CGM CLININET Code Injection Vulnerability (CNVD-2025-19814)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from a system function that fails to properly filter special elements of a constructed code segment. An attacker can exploit this vulnerability to execute...
CGM CLININET Access Control Error Vulnerability (CNVD-2025-19813)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an Access Control Error vulnerability that originates from improper access control in the serverConfig endpoint, which can be exploited by an attacker to gain unauthorized access to sensitive...
CGM CLININET Code Injection Vulnerability (CNVD-2025-19812)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the RunCommand function failing to properly filter the special elements of the constructed code segment. An attacker can exploit this vulnerability t...
CGM CLININET SQL Injection Vulnerability
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an SQL injection vulnerability that originates from the lack of validation of the pesel parameter of the getPatientIdentifier function against externally entered SQL statements. An attacker can...
CGM CLININET Access Control Error Vulnerability (CNVD-2025-19807)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an access control error vulnerability that originates from improper access control in /cgi-bin/CliniNET.prd/GetActiveSessions.pl, which can be exploited by an attacker to gain unauthorized access ...
CGM CLININET Access Control Error Vulnerability
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an Access Control Error vulnerability that originates from improper access control in the /cgi-bin/CliniNET.prd/utils/dblogstat.pl endpoint, which can be exploited by an attacker to gain...
CGM CLININET Code Injection Vulnerability
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the ConvertToPDF function's filename parameter failing to properly filter special elements of the constructed code segment. An attacker can exploit...
Tenda AC6 fromSetIpMacBind Function Buffer Overflow Vulnerability
Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. Tenda AC6 suffers from a buffer overflow vulnerability that originates from the list parameter in the...
DELL ThinOS 10 Elevation of Privilege Vulnerability
DELL ThinOS 10 is a next-generation thin client operating system from Dell designed for virtual desktop infrastructure (VDI) to improve security, efficiency and user experience. DELL ThinOS 10 suffers from an elevation of privilege vulnerability that stems from improper assignment of critical...
DELL ThinOS 10 Protection Mechanism Failure Vulnerability
DELL ThinOS 10 is a next-generation thin client operating system from Dell designed for virtual desktop infrastructure (VDI) to improve security, efficiency and user experience. DELL ThinOS 10 suffers from a Protection Mechanism Failure vulnerability, which stems from a failure of the protection...
CGM CLININET Access Control Error Vulnerability (CNVD-2025-19816)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an Access Control Error vulnerability that originates from improper access control in /cgi-bin/CliniNET.prd/utils/userlogxls.pl, which can be exploited by an attacker to gain unauthorized access t...
Apartment Management System addbranch.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /branch/addbranch.php. An attacker can exploit this...
IBM Cognos Command Center Redirection Vulnerability
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A redirection vulnerability exists in IBM Cognos...
libbiosig ISHNE Parsing Function Buffer Overflow Vulnerability
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. A buffer overflow vulnerability exists in the libbiosig ISHNE parsing function, which can be exploited by an attacker to cause arbitrary code...
Hospital Management System about-us.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the pagetitle parameter of about-us.php. An attacker can exploit thi...
Hospital Management System index.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the username parameter of index.php. No details of the vulnerability a...
Google Android elevation of privilege vulnerability (CNVD-2025-19984)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the main code of main.cpp. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...
libbiosig Input Validation Error Vulnerability
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. libbiosig has an input validation error vulnerability that stems from the GDF parsing function failing to correctly validate the...
Apartment Management System addcomplain.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /complain/addcomplain.php. An attacker can exploit...
libbiosig stack buffer overflow vulnerability (CNVD-2025-20240)
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. libbiosig has a stack buffer overflow vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
libbiosig RHS2000 parsing function buffer overflow vulnerability
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. A buffer overflow vulnerability exists in the libbiosig RHS2000 parsing function, which can be exploited by an attacker to cause arbitrary code...
libbiosig input validation error vulnerability (CNVD-2025-20232)
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. libbiosig has an input validation error vulnerability that stems from the ABF parsing function failing to correctly validate the user...
libbiosig stack buffer overflow vulnerability (CNVD-2025-20243)
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. libbiosig has a stack buffer overflow vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
Google Android elevation of privilege vulnerability (CNVD-2025-19963)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a memory misreference vulnerability, which stems from a faulty instruction in sdpserver.cc that is responsible for freeing memory, which can be exploited by an attacker to gain elevated...
Google Android elevation of privilege vulnerability (CNVD-2025-19982)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by logic errors in code in multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...
libbiosig stack buffer overflow vulnerability (CNVD-2025-20244)
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. libbiosig has a stack buffer overflow vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
IBM Cognos Command Center Clickjacking Vulnerability
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A clickjacking vulnerability exists in IBM Cognos...
IBM Cognos Command Center Code Execution Vulnerability
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A code execution vulnerability exists in IBM Cognos...
QNAP File Station 5 Null Pointer Dereference Vulnerability
QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage (NAS) devices. QNAP File Station 5 suffers from a null pointer dereference vulnerability that can be exploited by an attacker to cause a denial of service...
Apartment Management System addemployee.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /employee/addemployee.php. An attacker can exploit this...
Apartment Management System addfloor.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter hdnid in the file /floor/addfloor.php. An attacker can exploit th...
Apartment Management System add_maintenance_cost.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for parameter ID in file /maintenance/addmaintenancecost.php. An attacker can exploit thi...
Apartment Management System addowner.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /owner/addowner.php. An attacker can exploit this...
Google Android Elevation of Privilege Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a mix-up in rfctsframes.cc in the rfcsendbufuih directive responsible for freeing memory, which can be exploited by an attacker to elevat...
Google Chrome Use-After-Free Vulnerability
Google Chrome is a free web browser developed by Google. It is the world's largest browser in terms of market share due to its speed, security, simplicity, multi-platform support and built-in privacy protection. A use-after-free vulnerability exists in Google Chrome, which can be exploited by...
Apartment Management System addunit.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /unit/addunit.php. An attacker can exploit this...
Apartment Management System add_owner_utility.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /ownerutility/addownerutility.php. An attacker can exploit...
Tenda CH22 /goform/editUserName Buffer Overflow Vulnerability
Tenda CH22 is an enterprise-grade wireless router from Tenda. The Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter newaccount in file /goform/editUserName failing to correctly validate the length and size of the input data, which can be exploited ...
Delta Electronics EIP Builder XML External Entity Injection Vulnerability
Delta Electronics EIP Builder is a configuration tool for connecting various devices from Delta Electronics China. Delta Electronics EIP Builder suffers from an XML External Entity Injection vulnerability that stems from improper handling of XML external entities in file parsing, which can be...
Delta Electronics COMMGR Command Injection Vulnerability
Delta Electronics COMMGR is a communication management software from Delta Electronics China. Delta Electronics COMMGR suffers from a command injection vulnerability due to improper boundary checking when creating specially designed .isp files. No details of the vulnerability are available at thi...
Delta Electronics COMMGR Code Injection Vulnerability (CNVD-2025-22950)
Delta Electronics COMMGR is a communication management software from Delta Electronics China. A code injection vulnerability exists in Delta Electronics COMMGR, which can be exploited by an attacker to execute arbitrary code on the system...
Unspecified Vulnerability in D-Link DSL-7740C
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A security vulnerability exists in the D-Link DSL-7740C, which can be exploited by attackers to escalate privileges via brute force attack...
D-Link DSL-7740C traceroute6 function command injection vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DSL-7740C traceroute6 function, which can be exploited by an attacker to cause arbitrary command execution...
D-Link DSL-7740C ping function command injection vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DSL-7740C ping function. The vulnerability stems from the ping function failing to properly filter special characters, commands, etc. in constructed commands. The vulnerability can be...
D-Link DSL-7740C ping6 function command injection vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DSL-7740C ping6 function. The vulnerability stems from the ping6 function failing to properly filter special characters, commands, etc. in constructed commands. The vulnerability can be...
D-Link DSL-7740C Maintenance Module Access Control Error Vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. An access control error vulnerability exists in the D-Link DSL-7740C Maintenance module, which can be exploited by an attacker to arbitrarily change the password of an elevated privilege account and escalate privileges...
D-Link DSL-7740C EXE Parameter Command Injection Vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DSL-7740C EXE parameter, which can be exploited by an attacker to execute arbitrary commands by sending a crafted GET request...
D-Link DSL-7740C DELT_file.xgi Endpoint Access Control Error Vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. An access control error vulnerability exists in D-Link DSL-7740C version DSL7740C.V6.TR069.20211230, which stems from improper access control of the DELT_file.xgi endpoint, and can be exploited by an attacker to modify arbitrary...
D-Link DSL-7740C backup function command injection vulnerability
The D-Link DSL-7740C is a modem from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DSL-7740C backup function, which can be exploited by an attacker to execute arbitrary commands...
Hospital Management System contact.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the pagetitle parameter of contact.php. An attacker can exploit this...