130931 matches found
NVIDIA Isaac-GR00T Code Injection Vulnerability
NVIDIA Isaac-GR00T is an open foundation model platform from NVIDIA. NVIDIA Isaac-GR00T suffers from a code injection vulnerability, which originates in a Python component, that can be exploited by an attacker to perform malicious operations and compromise system stability by bypassing security...
TOTOLINK N350R Injection Vulnerability
The TOTOLINK N350R is a WiFi router from China's Gion Electronics TOTOLINK. The TOTOLINK N350R suffers from an injection vulnerability that originates from a misbehavior in the file /boafrm/formSysCmd, which can be exploited by an attacker to cause an application to crash or behave abnormally by...
TOTOLINK A7000R Authentication Bypass Vulnerability
TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A7000R suffers from an authentication bypass vulnerability that stems from formLoginAuth.htm not properly validating a login request, which can be exploited by an attacker to bypass authentication, tamper wi...
Rockwell Automation FLEX 5000 Resource Management Error Vulnerability (CNVD-2025-19531)
Rockwell Automation FLEX 5000 is a high-speed counter module from Rockwell Automation. A resource management error vulnerability exists in the Rockwell Automation FLEX 5000 that stems from incorrect processing of a CIP Class 32 request causing the module to enter a fault state. No details of the...
TOTOLINK EX1200T Authentication Bypass Vulnerability
The TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from an authentication bypass vulnerability that originates from formLoginAuth.htm not properly validating the login request, which can be exploited by an attacker to gain system...
NVIDIA NeMo Framework Code Issue Vulnerability
NVIDIA NeMo Framework is a framework for building and deploying generative AI models from NVIDIA. A code issue vulnerability exists in the NVIDIA NeMo Framework, which can be exploited by an attacker to execute malicious code by uploading arbitrary files and bypassing file size limits...
Netis WF2880 FUN_0046ed68 function buffer overflow vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN_0046ed68 function, which can be exploited by an attacker to cause a denial of service...
Tenda AC20 Buffer Overflow Vulnerability (CNVD-2025-19581)
The Tenda AC20 is a wireless router from the Chinese company Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from the failure of the sub48E628 function parameter list in the /goform/SetIpMacBind file to properly validate the length of the input data, which can b...
Adobe Illustrator Memory Misreference Vulnerability (CNVD-2025-24437)
Adobe Illustrator is vector-based image creation software from the American company Adobe. A memory misreference vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause a sensitive memory leak...
Apache Superset SQL Injection Vulnerability (CNVD-2025-19100)
Apache Superset is a data visualization and data exploration platform from the US-based Apache Software Foundation. Apache Superset suffers from a SQL injection vulnerability that stems from a bypass of the DISALLOWED_SQL_FUNCTIONS security feature, which can be exploited by an attacker to gain access to sensiti...
Apache Superset Information Disclosure Vulnerability (CNVD-2025-19102)
Apache Superset is a data visualization and data exploration platform from the US-based Apache Software Foundation. Apache Superset suffers from an information disclosure vulnerability that stems from the /chart/data endpoint response containing underlying query information, which can be exploited by an attack...
Online Medicine Guide browsemdcn.php File SQL Injection Vulnerability
Online Medicine Guide is an online medical guide. Online Medicine Guide suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter Search in the file /browsemdcn.php. The vulnerability can be exploited by an attacker to...
Ivanti Avalanche SQL Injection Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti for managing mobile devices such as smartphones and tablets. Ivanti Avalanche suffers from a SQL injection vulnerability that originates when the program does not properly validate user-entered SQL statements, which can...
Online Shopping Portal Project signup.php File SQL Injection Vulnerability
Online Shopping Portal Project is an online shopping portal project. A SQL injection vulnerability exists in Online Shopping Portal Project, which originates from the lack of validation of externally entered SQL statements in the parameter emailid in the file /shopping/signup.php. An attacker can...
Visitor Management System front.php File SQL Injection Vulnerability
Visitor Management System is a visitor access management system. The Visitor Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter rid in the file /front.php. An attacker can exploit this...
Unspecified Vulnerability in D-Link DIR-619L
D-Link DIR-619L is a home wireless router from D-Link, designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. A security vulnerability exists in the D-Link DIR-619L, which stems from insufficient validation of...
Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2025-27459)
Foxit PDF Reader is a PDF document reader from the Chinese company Foxit. Foxit PDF Reader suffers from a buffer overflow vulnerability that originates from an uninitialized pointer, which can be exploited by an attacker to obtain system privileges and modify the system configuration by executin...
Adobe Illustrator Stack Buffer Overflow Vulnerability
Adobe Illustrator is an industry-standard vector graphic design software developed by Adobe, mainly used for creating and editing vector graphics, illustrations, logo design, etc., widely used in publishing, multimedia and online image fields. Adobe Illustrator suffers from a stack buffer overflo...
Intel AI for Enterprise Retrieval-augmented Generation Uncontrolled Search Path Vulnerability
Intel AI for Enterprise Retrieval-augmented Generation is a technology framework for enhancing the accuracy and relevance of Large Language Model (LLM) responses by incorporating an external knowledge base. An uncontrolled search path vulnerability exists in Intel AI for Enterprise...
Intel AI Playground Improper Privilege Vulnerability
Intel AI Playground is an open source application from Intel based on AI acceleration technology, mainly intended to lower the barrier to AI development, supporting features such as image generation, enhancement and chatbots. Intel AI Playground suffers from a privilege improprie...
WordPress B Slider plugin server-side request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. The WordPress B Slider plugin suffers from a server-side request forgery vulnerability that stems from the fsapirequest function not implementing an adequate validation mechanis...
DELL CloudLink Improper Restriction of XML External Entity Reference Vulnerability
DELL CloudLink is a data encryption and key management solution from Dell that is targeted at enterprise-level users and supports public, private and hybrid cloud environments. DELL CloudLink suffers from an improperly restricted XML external entity reference vulnerability that can be exploited b...
Adobe Substance3D Modeler Out-of-Bounds Read Vulnerability
Adobe Substance3D Modeler is the core tool in the Adobe Substance 3D series of software, designed for 3D modeling, supporting digital clay sculpting, symmetry tools, automated UV management, and other features for seamless switching across computer VR environments. An out-of-bounds read...
Apache bRPC Denial of Service Vulnerability
Apache bRPC is an industrial-grade RPC framework from the US-based Apache Software Foundation for building reliable and high-performance services. A denial of service vulnerability exists in Apache bRPC, which stems from improper memory allocation in the Redis protocol parser, and can be exploited b...
Simple Cafe Ordering System portal.php File SQL Injection Vulnerability
Simple Cafe Ordering System is a simple coffee ordering system. Simple Cafe Ordering System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /portal.php. An attacker can exploit this...
Tenda AC20 Hardcoded Credentials Vulnerability
Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a hard-coded credentials vulnerability that originates from the presence of hard-coded credentials in the file /etcro/shadow. An attacker can exploit the vulnerability to cause confidentiality to be compromised...
Intel E810 Ethernet Improper Input Validation Vulnerability
Intel E810 Ethernet is a new generation of Ethernet network adapters launched by Intel, mainly for data center and cloud computing scenarios, supporting high-speed network connectivity and virtualization technologies. The Intel E810 Ethernet suffers from an improper input validation vulnerability...
Tenda AC20 shareSpeed Parameter Buffer Overflow Vulnerability
Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from the parameter shareSpeed in file /goform/WifiGuestSet that fails to properly validate the length and size of the input data, which can be exploited by an attacker to execute...
Intel DSA Uncontrolled Search Path Vulnerability
Intel DSA is a hardware accelerator built into Intel® Xeon® Scalable processors that accelerates storage, networking, and data analytics workloads by offloading data transfer tasks to dedicated hardware, freeing up CPU resources for other tasks. Intel DSA suffers from an uncontrolled search path...
Intel Device Plugins for Kubernetes Improper Access Control Vulnerability
Intel Device Plugins for Kubernetes is a set of frameworks and implementations developed by Intel for exposing hardware resources such as GPUs, FPGAs, etc. to container applications in a Kubernetes cluster. An improper access control vulnerability exists in Intel Device Plugins for Kubernetes,...
Intel Distribution for Python Improper Privileges Vulnerability
Intel Distribution for Python is the official Python distribution from Intel, designed to improve the performance of Python code by optimizing high-performance mathematical and scientific computing libraries, with support for multi-core CPUs and the latest instruction set acceleration. Intel...
Intel Converged Security and Management Engine Race Condition Vulnerability
The Intel Converged Security and Management Engine is Intel's microcontroller embedded in the chipset to provide system management, security and low-power features. A race condition vulnerability exists in Intel Converged Security and Management Engine, and no detailed vulnerability detail...
Intel Connectivity Performance Suite Race Condition Vulnerability
Intel Connectivity Performance Suite is a network optimization software solution from Intel, with key features that include automatically optimizing a computer's network connectivity performance and prioritizing critical applications based on user needs. A race condition vulnerability exis...
Adobe Substance 3D Stager out-of-bounds write vulnerability (CNVD-2025-24439)
Adobe Substance 3D Stager is a virtual 3D studio from the American company Adobe. Adobe Substance 3D Stager suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...
Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2025-24436)
Adobe Dimension is a set of 2D and 3D composite design tools from the American company Adobe. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...
Adobe Commerce Path Traversal Vulnerability (CNVD-2025-24435)
Adobe Commerce is a globally leading digital commerce solution for businesses and brands from the American company Adobe. A path traversal vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a bypass of security features and modify limited...
Job Diary admin-inbox.php file SQL injection vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID in the file /admin-inbox.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
Job Diary edit-details.php file SQL Injection Vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID in the file /edit-details.php. An attacker can exploit this vulnerability to execute illegal SQL commands to stea...
Job Diary user-apply.php file SQL Injection Vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter jobtitle in the file /user-apply.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
Medical Store Management System UpdateCompany.java File SQL Injection Vulnerability
Medical Store Management System is a pharmacy management system. The Medical Store Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter companyNameTxt in the file UpdateCompany.java. An...
Sports Management System match.php File SQL Injection Vulnerability
Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/match.php. An attacker can exploit this vulnerabilit...
Netis WF2880 FUN_00471994 Function Buffer Overflow Vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN_00471994 function, which can be exploited by an attacker to cause a denial of service...
Intel Graphics Drivers Null Pointer Dereference Vulnerability
Intel Graphics Drivers is Intel's official driver for users of Arc series graphics cards, Iris Xe graphics cards and Core Ultra processors with Arc GPUs. A null pointer dereference vulnerability exists in Intel Graphics Drivers, which can be exploited by an attacker to cause a denial of service...
Intel Arc B-Series graphics denial of service vulnerability
Intel Arc B-Series graphics is a line of discrete graphics cards from Intel designed for desktop gaming, content creation and artificial intelligence applications. A denial of service vulnerability exists in Intel Arc B-Series graphics, which stems from a protection mechanism failure that can be...
Travel Management System /updatesubcategory.php File SQL Injection Vulnerability
Travel Management System is a travel management system. Travel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameters t1/s1 in file /updatesubcategory.php. An attacker can exploit this vulnerabili...
Zoo Management System admin/add-foreigner-ticket.php File Cross-Site Scripting Vulnerability
Zoo Management System is a zoo management system. Zoo Management System has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter visitorname in the file /admin/add-foreigner-ticket.php, which can be...
Online Medicine Guide /addelivery.php File SQL Injection Vulnerability
Online Medicine Guide is an online medical guide. Online Medicine Guide suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter deName in the file /addelivery.php. The vulnerability can be exploited by an attacker t...
Adobe Framemaker Out-of-Bounds Read Vulnerability
Adobe FrameMaker is professional-grade technical document authoring and layout software developed by Adobe, mainly used for complex long-form structured content such as technical manuals and aviation documents, with support for XML/DITA standards, multilingual publishing and cross-media...
Intel Tiber Edge Platform Edge Orchestrator Information Disclosure Vulnerability
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from an information...
GNU GRUB Null Pointer Dereference Vulnerability
GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a null pointer dereference vulnerability that stems from not properly setting ERRNO when an HFS+grub mount fails, which can lead to null pointer access. An attacker can exploit this vulnerability to perform...