130931 matches found
WellChoose Organization Portal System Path Traversal Vulnerability
WellChoose Organization Portal System is an electronic directory service system from WellChoose in Taiwan, China. The WellChoose Organization Portal System suffers from a path traversal vulnerability that can be exploited by an attacker to download arbitrary system files...
WellChoose Organization Portal System File Inclusion Vulnerability
WellChoose Organization Portal System is an electronic directory service system from WellChoose in Taiwan, China. A file inclusion vulnerability exists in the WellChoose Organization Portal System, which can be exploited by an attacker to execute arbitrary code on the server due to a failure to...
WellChoose Organization Portal System SQL Injection Vulnerability
WellChoose Organization Portal System is an electronic directory service system from WellChoose in Taiwan, China. The WellChoose Organization Portal System suffers from a SQL injection vulnerability that arises from the application's lack of validation of externally entered SQL statements. The...
Tenda AC20 Buffer Overflow Vulnerability (CNVD-2025-19580)
The Tenda AC20 is a wireless router from the Chinese company Tenda. Tenda AC20 suffers from a buffer overflow vulnerability, which originates from the parameter Time in the file /goform/saveParentControlInfo that fails to correctly validate the length and size of the input data, which can be...
Tenda AC20 Buffer Overflow Vulnerability (CNVD-2025-19579)
The Tenda AC20 is a wireless router from the Chinese company Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from the failure of the savevirtualserdata function parameter list in the /goform/formSetVirtualSer file to correctly validate the length of the input...
Netis WF2880 Function_00465620 Function Buffer Overflow Vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 Function00465620 function, which can be exploited by an attacker to cause a denial of service...
Netis WF2880 FUN_00476598 Function Buffer Overflow Vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN00476598 function, which can be exploited by an attacker to cause a denial of service...
Netis WF2880 FUN_004743f8 function buffer overflow vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN004743f8 function, which can be exploited by an attacker to cause a denial of service...
Netis WF2880 FUN_0047151c Function Buffer Overflow Vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN0047151c function, which can be exploited by an attacker to cause a denial of service attack...
Netis WF2880 FUN_00470c50 Function Buffer Overflow Vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN00470c50 function, which can be exploited by an attacker to cause a denial of service...
Netis WF2880 FUN_0046f984 Function Buffer Overflow Vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. The Netis WF2880 FUN0046f984 function buffer overflow vulnerability can be exploited by an attacker to cause a denial of service...
Intel Tiber Edge Platform Edge Orchestrator Denial of Service Vulnerability (CNVD-2025-19837)
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from a denial of...
Intel Tiber Edge Platform Edge Orchestrator Improper Access Control Vulnerability
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from an Improper...
Intel Tiber Edge Platform Edge Orchestrator Denial of Service Vulnerability (CNVD-2025-19835)
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from a denial of...
Intel Tiber Edge Platform Edge Orchestrator Denial of Service Vulnerability (CNVD-2025-19834)
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from a denial of...
Intel Tiber Edge Platform Edge Orchestrator Information Disclosure Vulnerability
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from an information...
Intel Tiber Edge Platform Edge Orchestrator Improper Input Validation Vulnerability
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from an improper...
Intel Tiber Edge Platform Edge Orchestrator Denial of Service Vulnerability
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. A denial of service vulnerability exists in Intel Tiber Edge Platform...
Intel Graphics Drivers Elevation of Privilege Vulnerability
Intel Graphics Drivers is Intel's official driver for users of Arc series graphics cards, Iris Xe graphics cards and Core Ultra processors with Arc GPUs. An elevation of privilege vulnerability exists in Intel Graphics Drivers, which stems from improper default privileges and can be exploited by ...
Intel 800 Series Ethernet Integer Overflow Vulnerability (CNVD-2025-19829)
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. Intel 800 Series Ethernet suffers from an integer overflow vulnerability that originates from an integer overflow or wrap-around...
Intel 800 Series Ethernet Input Validation Improperity Vulnerability (CNVD-2025-19828)
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. Intel 800 Series Ethernet suffers from an improper input validation vulnerability that can be exploited by an attacker to cause a...
Intel 800 Series Ethernet Input Validation Improperity Vulnerability
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. Intel 800 Series Ethernet suffers from an improper input validation vulnerability that can be exploited by an attacker to cause a...
Intel 800 Series Ethernet Integer Overflow Vulnerability
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. Intel 800 Series Ethernet suffers from an integer overflow vulnerability that originates from an integer overflow or wrap-around...
Intel 800 Series Ethernet Elevation of Privilege Vulnerability (CNVD-2025-19802)
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet that stems from an unchecked exception condition, whi...
Intel 800 Series Ethernet Elevation of Privilege Vulnerability (CNVD-2025-19801)
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet that stems from an unchecked exception condition, whi...
Intel 800 Series Ethernet Elevation of Privilege Vulnerability
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet, which stems from insufficient control flow managemen...
Multiple Apple products suffer from an out-of-bounds write vulnerability
iPadOS is Apple's mobile operating system for iPad devices, which is based on iOS and optimized for the iPad. iPhone OS is Apple's operating system for the iPhone and iPod touch. macOS is a set of Apple-developed MacOS is an operating system developed by Apple that runs on the Macintosh family of...
Tenda CH22 /goform/editFileName File Buffer Overflow Vulnerability
The Tenda CH22 is an enterprise-grade wireless router from the Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the failure of the function formeditFileName in the file /goform/editFileName to correctly validate the length and size of the input data, whi...
Tenda CH22 Buffer Overflow Vulnerability
The Tenda CH22 is an enterprise-grade wireless router from the Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the failure of the formdelFileName function in the file /goform/delFileName to properly validate the length and size of the input data, which...
Online Shopping Portal Project password-recovery.php File SQL Injection Vulnerability
Online Shopping Portal Project is an online shopping portal project. A SQL injection vulnerability exists in Online Shopping Portal Project, which originates from the lack of validation of externally-entered SQL statements in the parameter emailid in the file /shopping/password-recovery.php. An...
Online Shopping Portal Project bill-ship-addresses.php File SQL Injection Vulnerability
Online Shopping Portal Project is an online shopping portal project. Online Shopping Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter billingpincode in the file...
Hospital Management System SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter doctorspecilization in the file...
Adobe Illustrator Null Pointer Dereference Vulnerability
Adobe Illustrator is an industry-standard vector graphic design software developed by Adobe, mainly used for creating and editing vector graphics, illustrations, logo design, etc., widely used in publishing, multimedia and online image fields. Adobe Illustrator suffers from a null pointer...
Fortinet FortiSIEM Operating System Command Injection Vulnerability (CNVD-2025-21176)
Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation and unified management. Fortinet FortiSIEM has an operating system command injection vulnerability,...
DELL Data Lakehouse Improper Privilege Control Vulnerability
DELL Data Lakehouse is an all-in-one solution from Dell Technologies that combines the advantages of Data Warehouse and Data Lake to provide a unified, flexible and high-performance data storage and processing platform. DELL Data Lakehouse suffers from an improper privilege control vulnerability...
DELL SupportAssist for Business PCs Elevation of Privilege Vulnerability
DELL SupportAssist for Business PCs is Dell's PC management solution for enterprise users, helping companies improve IT management efficiency and reduce O&M costs through AI-driven automated support, remote deployment and centralized control capabilities. An elevation of privilege vulnerability...
WordPress BeeTeam368 Extensions plugin file inclusion vulnerability
WordPress BeeTeam368 Extensions plugin is a WordPress plugin that is mainly used to extend the functionality of a website. The WordPress BeeTeam368 Extensions plugin suffers from a file inclusion vulnerability, which stems from improper control over the filename of an include or request statement...
Apache Tomcat Authorization Problem Vulnerability (CNVD-2025-19105)
Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server for the implementation of Servlet and JavaServer Page JSP support. Apache Tomcat suffers from an authorization problem vulnerability that stems from a rewrite valve session fixation flaw. An attack...
Beauty Parlour Management System book-appointment.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements in t...
Unspecified Vulnerability in Adobe Commerce
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...
Adobe Photoshop Out-of-Bounds Write Vulnerability (CNVD-2025-24438)
Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the...
Online Medicine Guide /adphar.php File SQL Injection Vulnerability
Online Medicine Guide is an online medical guide. Online Medicine Guide suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter phuname in the file /adphar.php. The vulnerability can be exploited to execute illegal SQL...
Delta Electronics DTN Soft Code Execution Vulnerability
Delta Electronics DTN Soft is a temperature controller software from Delta Electronics China. A security vulnerability exists in Delta Electronics DTN due to an insecure deserialization flaw in the handling of project files. An attacker can exploit the vulnerability to execute arbitrary code on t...
LibTIFF Buffer Overflow Vulnerability
LibTIFF is LibTIFF open source a library to read and write TIFF Tagged Image File Format files , the library contains a number of command-line tools to deal with TIFF files . LibTIFF has a buffer overflow vulnerability that originates from an incorrect operation of the file tiffcrop.c, which can ...
WordPress AL Pack plugin unauthorized access vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An unauthorized access vulnerability exists in the WordPress AL Pack plugin, which stems from a lack of functionality checking of the checkactivatepermission permission callback...
D-Link DIR-818L Injection Vulnerability
The D-Link DIR-818L is a WiFi router from the Chinese company AUO D-Link. The D-Link DIR-818L suffers from an injection vulnerability that originates from a misbehavior in the file /htdocs/cgibin, which can be exploited by an attacker to bypass authentication and access restricted data by injecti...
Teachers Record Management System admin/search.php File SQL Injection Vulnerability
Teachers Record Management System is a teacher record management system. The Teachers Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter searchdata in file /admin/search.php. An...
WordPress Authentication and xmlrpc log writer plugin cross-site scripting vulnerability
The WordPress Authentication and xmlrpc log writer plugin is a plugin for logging failed login attempts e.g. brute-force attacks and invalid XMLRPC requests, primarily for processing data and protecting against it with tools like fail2ban. The WordPress Authentication and xmlrpc log writer plugin...
WordPress Add User Meta plugin Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...
Adobe Commerce Incorrect Authorization Vulnerability
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An incorrect authorization vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...