Lucene search
K

72864 matches found

SUSE CVE
SUSE CVE
added 2026/03/25 12:25 a.m.3 views

SUSE CVE-2026-30861

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution RCE vulnerability exists in the MCP stdio configuration validation. The application allows unrestricted user...

9.9CVSS6.6AI score0.02054EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.11 views

Nats-Server 输入验证错误漏洞

Nats-Server is a high-performance server developed by Nats Open Source, used for native message delivery systems on Nats.io, cloud, and edge environments. Versions of Nats-Server prior to 2.11.14 and 2.12.5 contained a vulnerability related to input validation errors. This vulnerability stemmed...

7.5CVSS6.4AI score0.00582EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.5 views

Nats-Server 输入验证错误漏洞

Nats-Server is a high-performance server developed by Nats for use in Nats.io, cloud, and edge native messaging systems. Versions of NATS-Server prior to 2.11.15 and 2.12.6 contained a vulnerability related to input validation errors. This vulnerability allowed clients to send specific malformed...

7.5CVSS6.4AI score0.00616EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-27907

Name of the Vulnerable Software and Affected Versions SimpLy Gallery versions n/a through 3.3.2 Description An improper validation of the specified quantity in input within the GalleryCreator SimpLy Gallery simply-gallery-block component allows access to functionality that is not properly...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.3 views

PT-2026-27540

This issue was addressed with improved input validation. This issue is fixed in iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.5 views

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products, which is caused by improper input...

7.5CVSS5.8AI score0.00665EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.10 views

PT-2026-27793

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw exists in the web-based management interface that may allow a remote attacker with valid credentials to perform a cross-site scripting XSS attack against a user...

5.4CVSS6.2AI score0.00162EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.3 and iPadOS prior to 26.3 contained security vulnerabilities. These...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. Vulnerabilities exist in versions of GitLab CE/EE 18.5 to 18.8.7, 18.9 ...

7.5CVSS5.9AI score0.00478EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

WordPress plugin Gaea 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

7.1CVSS5.7AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 12:0 a.m.18 views

CVE-2025-70952

pf4j (up to version before 20c2f80) contains a path traversal/Zip Slip vulnerability in Unzip.java: extract() mishandles zip entry names due to missing path normalization and validation. This can enable directory traversal and unauthorized file write. Affected component is the unzip logic; impact...

7.5CVSS5.8AI score0.00856EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin SimpLy Gallery 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.9CVSS5.8AI score0.00447EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-28064

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.5 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An issue exists in GitLab CE/EE that could allow an unauthenticated user to cause a denial of service...

7.5CVSS5.9AI score0.00478EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.3 views

GitLab 18.5 < 18.8.7 / 18.9 < 18.9.3 / 18.10 < 18.10.1 (CVE-2026-3988)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a...

7.5CVSS5.9AI score0.00478EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

Cisco IOS和Cisco IOS XE Software 安全漏洞

Cisco IOS and Cisco IOS XE Software are products of the American company Cisco. Cisco IOS is an operating system developed for its network devices. Cisco IOS XE Software is a network operating system. There are security vulnerabilities in Cisco IOS and Cisco IOS XE Software Release 3E. These...

7.7CVSS5.8AI score0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

Cisco IOS XE Software 注入漏洞

Cisco IOS XE Software is a network operating system developed by the American company Cisco. There is an injection vulnerability in Cisco IOS XE Software, which stems from insufficient user input validation. This vulnerability may lead to CRLF injection attacks...

5.3CVSS7.5AI score0.0029EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

Cisco IOS XE Software 跨站脚本漏洞

Cisco IOS XE Software is a network operating system developed by the American company Cisco. Cisco IOS XE Software has a cross-site scripting vulnerability, which stems from insufficient user input validation. This vulnerability may lead to storage-based cross-site scripting attacks...

4.8CVSS7.3AI score0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-27796

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the web-based Cisco IOx application hosting environment management interface that could allow a remote attacker to inject carriage return line feed CRLF...

5.3CVSS6AI score0.0029EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-27988

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 7.11 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An issue existed in GitLab CE/EE where an unauthenticated user could bypass WebAuthn two-factor...

8.1CVSS5.9AI score0.00276EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.4 views

Cisco Catalyst SD-WAN Manager XSS (cisco-sa-vmanage-xss-ZqkhP9W9)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

5.4CVSS6AI score0.00162EPSS
Exploits0References3
Rows per page
Query Builder