Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/11 12:0 a.m.12 views

WordPress plugin WP Mail Log 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS7.9AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.22 views

VMware Spring Web Services 授权问题漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. Versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services contain authorization vulnerabilities. These vulnerabilities stem from the...

5.4CVSS5.3AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.21 views

VMware Spring Integration 路径遍历漏洞

VMware Spring Integration is an enterprise application integration framework developed by VMware, Inc. Versions 7.0.0 to 7.0.4, 6.5.0 to 6.5.8, 6.4.0 to 6.4.11, 6.3.0 to 6.3.14, and 5.5.0 to 5.5.20 of VMware Spring Integration have a path traversal vulnerability. This vulnerability arises due to...

7.1CVSS5.5AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Oracle PeopleSoft Enterprise PeopleTools 访问控制错误漏洞

Oracle PeopleSoft Enterprise PeopleTools is a technology provided by Oracle Corporation for use with PeopleSoft applications, ensuring that it remains aligned with user needs and expectations. Versions 8.61 and 8.62 of Oracle PeopleSoft Enterprise PeopleTools contain access control vulnerabilitie...

9.8CVSS5.8AI score0.9233EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

VMware Spring Boot 安全漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.6, 3.5.0 to 3.5.14, 3.4.0 to 3.4.16, 3.3.0 to 3.3.19, and 2.7.0 to 2.7.33 of VMware Spring Boot. These vulnerabilities stem from the use of fixed...

5.3CVSS5.3AI score0.00094EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Netty 资源管理错误漏洞

Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.1.135.Final and 4.2.15.Final contained a resource management vulnerability. This...

7.5CVSS5.2AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

Netty 资源管理错误漏洞

Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.1.135.Final and 4.2.15.Final contained a resource management vulnerability. This...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

MPEG-4 container plugin for Membrane Framework 安全漏洞

The MPEG-4 container plugin for Membrane Framework is an open-source plugin developed by Membrane Framework for parsing and multiplexing MP4 containers. Versions of the MPEG-4 container plugin for Membrane Framework from 0.3.0 to 0.36.7 contained security vulnerabilities. These vulnerabilities...

5.9CVSS5.3AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

Soagen Apinizer 安全漏洞

Soagen Apinizer is an API management and API gateway platform developed by the Turkish company Soagen. Versions of Soagen Apinizer from 2026.04.0 to 2026.04.6 contained security vulnerabilities. These vulnerabilities were caused by improper handling of special elements in expressions language...

9.8CVSS5.4AI score0.00417EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.33.0 contained security vulnerabilities. These vulnerabilities stemmed from credential forwarding, which could allow network adjacent attackers to intercept sensitive...

6CVSS5.3AI score0.00253EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.23 views

CyberArk Idira Endpoint Privilege Manager 安全漏洞

CyberArk Idira Endpoint Privilege Manager is a terminal privilege management agent developed by the American company CyberArk. Vulnerabilities existed in versions of CyberArk Idira Endpoint Privilege Manager prior to version 26.5. These vulnerabilities stemmed from improper access control in the...

8.9CVSS5.3AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

OpenClaw 权限许可和访问控制问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.20 contained security vulnerabilities. These vulnerabilities were caused by permission escalation issues, where hooks triggered proxy operations that incorrectly received MCP...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.21 views

WordPress plugin Product Filter by WBW SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.3CVSS5.8AI score0.0039EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.13 views

WordPress plugin MetroStore 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

4.3CVSS8.3AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.17 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.115, there was a resource management vulnerability. This vulnerability stemmed from a problem with reusing resources after they were released by the Network component. This could allow attackers with privilege...

8.1CVSS5.4AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a resource management vulnerability, which stemmed from a reuse issue in the Autofill component. This vulnerability could allow remote attackers to exploit heap corruption through...

8.8CVSS5.5AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

389 Directory Server 输入验证错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. 389 Directory Server has a vulnerability related to input validation. This vulnerability stems from an integer overflow in the SASL I/O layer. In the function...

7.6CVSS6.3AI score0.0067EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

MCP Server Kubernetes 安全漏洞

MCP Server Kubernetes is a Kubernetes management server developed by Suyog Sonwalkar. Versions of MCP Server Kubernetes prior to 3.6.0 contained security vulnerabilities. These vulnerabilities stemmed from access control being executed at the tool discovery layer but not at the execution layer,...

8.8CVSS5.6AI score0.00376EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.12 views

gst-plugins-bad 缓冲区错误漏洞

gst-plugins-bad is a GStreamer open-source plugin. gst-plugins-bad has a buffer error vulnerability. This vulnerability stems from the H.265 codec parser library using incorrect loop boundaries when parsing SEI messages during the buffer period. As a result, the CPB values allocated for the stack...

6.5CVSS5.6AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google. It primarily provides features for web browsing, extension support, and multi-platform synchronization. There is a resource management vulnerability in Google Chrome. This vulnerability stems from the Cast component’s failure to properly handle...

8.3CVSS5.9AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.26 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by an improper implementation in the Headless component. This vulnerability could allow remote attackers to execute a sandbox escape by exploiting a...

9.6CVSS5.6AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.4 had a security vulnerability due to improper handling of symbolic links, which could allow applications to access protected user data...

5.5CVSS5.3AI score0.00151EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Başarsoft Rotaban 代码问题漏洞

Başarsoft Rotaban is a service route optimization platform developed by the Turkish company Başarsoft. Versions of Başarsoft Rotaban prior to V2026.06.002 and V2026.06.003 contained code vulnerabilities. These vulnerabilities stemmed from the unlimited upload of dangerous type files, which could...

9.9CVSS5.4AI score0.00335EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 代码问题漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were code vulnerabilities in versions prior to 18.10 through 18.10.8...

6.5CVSS5.6AI score0.00247EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.17 views

ClipBucket V5 安全漏洞

ClipBucket V5 is a video hosting platform developed by MacWarrior’s individual developers. Versions of ClipBucket V5 prior to 5.5.3 – including version 133 – contained security vulnerabilities. These vulnerabilities were due to lack of authorization, which could allow ordinary authenticated users...

6.5CVSS5.3AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions of GitLab CE/EE between 15...

4.3CVSS5.5AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

WordPress plugin Fediverse Embeds 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

5.3CVSS5.5AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.13 views

Check Point Identity Agent Full 代码问题漏洞

Check Point Identity Agent Full is a terminal identity awareness agent developed by Check Point Technologies. There is a code vulnerability in Check Point Identity Agent Full, which stems from improper handling of executable file parsing during log collection. This vulnerability may allow...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.22 views

VMware Spring Web Services 代码问题漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are code vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from the use of...

8.6CVSS5.4AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by improper implementations in the Views component. This vulnerability could allow remote attackers to execute a sandbox escape by exploiting a...

8.3CVSS5.5AI score0.00191EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.22 views

Vim 注入漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0495 contained a vulnerability due to the netrw plugin. This vulnerability stemmed from the s:NetrwBookHistSave function in the netrw plugin, which inserted directory names derived from the...

8.8CVSS5.7AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.17 views

Quest Bot 信息泄露漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.4 contained an information leakage vulnerability. This vulnerability stemmed from the logging feature not restricting channel access, allowing configured users to...

5.7CVSS5.3AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.17 views

WordPress plugin WpEvently 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

GitLab Enterprise Edition(EE) 安全漏洞

GitLab Enterprise Edition EE is a content management system provided by the American company GitLab. Versions of GitLab EE prior to 15.5, 18.10.8, 18.11.5, and 19.0.2 contained security vulnerabilities. These vulnerabilities were caused by improper authorization in the Group SAML identity...

8.7CVSS5.3AI score0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.22 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a resource management vulnerability, which stems from a problem with reusing resources after they are released in the Autofill component. A remote attacker can exploit this vulnerability to destroy the...

5.3CVSS6AI score0.00227EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the AutoMod deletion process not verifying the server to which the rules belong, potential...

8.3CVSS5.3AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.17 views

ClipBucket V5 操作系统命令注入漏洞

ClipBucket V5 is a video hosting platform developed by MacWarrior’s individual developers. Versions of ClipBucket V5 prior to 5.5.3 – including version 140 – contained an operating system command injection vulnerability. This vulnerability stemmed from the remote playback feature allowing direct...

9.8CVSS5.6AI score0.00603EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

CyberArk Idira Privileged Session Manager 操作系统命令注入漏洞

CyberArk Idira Privileged Session Manager is a privileged session management platform developed by the American company CyberArk. Versions of CyberArk Idira Privileged Session Manager for SSH prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6 contained an operating system command injection vulnerability...

8.8CVSS5.9AI score0.0055EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

PostgreSQL Anonymizer SQL注入漏洞

PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a SQL injection vulnerability. This vulnerability arises from...

7.5CVSS5.7AI score0.00247EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

Axios 资源管理错误漏洞

Axios is an open-source HTTP client developed by Axios, based on Promise a solution for asynchronous programming. Versions of Axios prior to 0.32.0 and 1.16.0 have a resource management vulnerability. This vulnerability arises from failing to escape regular expression characters when constructing...

7.5CVSS5.3AI score0.00645EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by improper implementations in the Mojo component. This vulnerability could allow local attackers to execute operating system-level privilege...

8.8CVSS5.4AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

Cerebrate 信息泄露漏洞

Cerebrate is an open-source platform developed by Cerebrate. It aims to act as an interconnected coordinator for trusted contact information providers and other security tools. Prior to version 1.37 of Cerebrate, there was a vulnerability involving information leakage, which stemmed from exposing...

5.1CVSS5.3AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 contained security vulnerabilities. These vulnerabilities stemmed from insufficient source verification in node event handling, allowing paired nodes to forge exec lifecycle...

8.6CVSS5.3AI score0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.23 views

VMware Spring Web Services 安全漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are security vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from...

3.7CVSS5.4AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.15 views

WordPress plugin Fediverse Embeds 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

7.5CVSS5.5AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

Axios 信息泄露漏洞

Axios is an open-source HTTP client developed by Axios. Versions of Axios prior to 0.32.0 and 1.16.0 have a vulnerability known as information leakage. This vulnerability arises from the Node.js HTTP adapter, which may disclose proxy credentials during redirection, potentially leading to these...

7.5CVSS5.4AI score0.00552EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.19 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypass issues during message reading operations, resulting in bypassing channel permissio...

7.1CVSS5.3AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.22 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a vulnerability due to race conditions in the Safe Browsing component. This vulnerability could allow remote attackers to execute a sandbox escape through malicious files after...

8.3CVSS5.6AI score0.00166EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.15 views

OpenClaw 权限许可和访问控制问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.27 had code-related vulnerabilities. These vulnerabilities stemmed from issues with code execution during the skill installation process. The workarea.env file could override th...

8.8CVSS6.3AI score0.00298EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.11 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.25 had code vulnerabilities, stemming from path traversal issues during the loading of memory core artifacts. The state of the workspace affected the resolution of local package...

7.8CVSS5.3AI score0.00114EPSS
Exploits0References1
Total number of security vulnerabilities195539