Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “VS Administration” permissions to execute arbitrary commands on the Loa…
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster applia…
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the Lo…
Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By defau…
A possible security vulnerability has been identified in Apache Kafka. By default, the broker property `sasl.oauthbearer.jwt.validator.class` is set to `org.apache.kafka.common.security.oauthbearer.…
Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of inten…
A vulnerability was found in Qibo CMS 1.0. Affected by this vulnerability is an unknown functionality of the component Internal Message Module. Performing a manipulation results in cross site scripti…
A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulati…
A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the component tools_webhook. …
A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the ar…
A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins/yifang_backend_account/logic/admin/L_rbac_admin.php of the component Exte…
When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to…
Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear` functions in the thin_vec crate. A panic in `ptr::drop_in_place` skips setting the length to zero.
A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulatio…
A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a manipul…
A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of th…
A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component Interface. Such manipulation …
A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view/ of the component Query Viewer Component. This manipulation of the argume…
A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in imp…
A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogu_picture/src/main/…