Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2022/09/13 12:0 a.m.30 views

NLnet Labs Routinator 安全漏洞

NLnet Labs Routinator is an RPKI Resource Public Key Infrastructure validator from NLnet Labs in the Netherlands written in the Rust language. A security vulnerability exists in NLnet Labs Routinator versions 0.9.0 through 0.11.2, which stems from an error in error handling, where data in RRDP...

7.5CVSS7.3AI score0.00721EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/15 12:0 a.m.30 views

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform oversees networks by collecting real-time information from networks, users, and devices to develop and implement appropriate policies.The Cisco Identity Services Engine is...

9.8CVSS5.7AI score0.01045EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.30 views

WordPress plugin Newsletter 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.7AI score0.01785EPSS
Exploits2References4
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.30 views

Neos 跨站脚本漏洞

Neos/forms is an open source framework for building web forms. A security vulnerability exists in Neos CMS versions 3.3.29 and 8.0.1, which stems from the presence of multiple cross-site scripting vulnerabilities...

5.4CVSS5.4AI score0.00564EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/10 12:0 a.m.30 views

Microsoft .NET Framework 输入验证错误漏洞

Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a development platform. The platform includes the C and Visual Basic programming languages, a public language runtime library, and an extensive class library. An input validation error...

5.5CVSS6.4AI score0.02515EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/05/05 12:0 a.m.30 views

SchedMD Slurm 安全漏洞

SchedMD Slurm is an open source and highly scalable cluster management and job scheduling system for large and small Linux clusters from SchedMD, Inc. SchedMD Slurm versions 21.08.x through 21.08.8 A security vulnerability exists in versions 20.11.x through 20.11.9, which stems from information...

9CVSS8.1AI score0.02102EPSS
Exploits0References18
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.30 views

F5 BIG-IP 多款产品跨站脚本漏洞

F5 BIG-IP and F5 BIG-IP Guided Configuration GC are both products of F5, Inc. F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 BIG-IP Guided Configuration is a configuration template. cross-site...

6.8CVSS6.2AI score0.00852EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.30 views

WordPress plugin Ad Invalid Click Protector 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Ad Invalid Click Protector plugin versions prior to 1.2.7 are vulnerable to cross-site...

6.5CVSS6.3AI score0.00562EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/04/18 12:0 a.m.30 views

ZOHO ManageEngine ADSelfService Plus 信任管理问题漏洞

ZOHO ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud applications from ZOHO, Inc. version 6122, a remote code execution vulnerability exists that can be exploited by remote and partially authenticated...

7.1CVSS9AI score0.70501EPSS
Exploits4References7
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.30 views

Microsoft Skype for Business Server 信息泄露漏洞

Microsoft Skype for Business Server is a secure, unified communications platform from Microsoft that provides instant messaging IM, audio and video calling, online conferencing, online status messages, and sharing capabilities. An information disclosure vulnerability exists in Microsoft Skype for...

6.5CVSS7AI score0.03301EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.30 views

WordPress plugin 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress eRoom-Zoom Meetings & Webinar plugin 1.3.7 an...

4.3CVSS5.7AI score0.00432EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/04 12:0 a.m.30 views

WordPress plugin Blackhole for Bad Bots 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the WordPress plugin...

9.1CVSS8.3AI score0.01645EPSS
Exploits2References4
CNNVD
CNNVD
added 2022/03/07 12:0 a.m.30 views

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. A buffer error vulnerability exists in Autodesk AutoCAD that stems from a lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer...

7.8CVSS7.5AI score0.0182EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/12/27 12:0 a.m.30 views

Apache Apisix 访问控制错误漏洞

Apache Apisix is a cloud-native microservices API gateway service from the Apache Foundation in the United States. The software is based on OpenResty and etcd for dynamic routing and plug-in hot-loading, and is suitable for API management in microservice systems. an authorization issue...

9.8CVSS5.7AI score0.85943EPSS
Exploits5References4
CNNVD
CNNVD
added 2021/12/17 12:0 a.m.30 views

NumPy 安全漏洞

NumPy is a Python scientific computing package. The product supports a large number of dimensional array and matrix calculations, as well as providing a large library of mathematical functions for data operations. A security vulnerability exists in NumPy prior to 1.19, which stems from a buffer...

5.5CVSS7.6AI score0.00368EPSS
Exploits1References11
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.30 views

Reprise License Manager 安全漏洞

Reprise Software Reprise License Manager is a software licensing toolkit from Reprise Software, Inc. that provides local and cloud-based license management, license enforcement and product activation solutions for publishers of commercial software applications.Reprise Software Reprise License...

9CVSS6.5AI score0.02005EPSS
Exploits3References4
CNNVD
CNNVD
added 2021/08/19 12:0 a.m.30 views

Parse Server 授权问题漏洞

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. An authorization issue vulnerability exists in versions of Parse Server prior to 4.5.1 that stems from the server incorrectly creating a session when an anonymous user registers with REST for t...

6.5CVSS6.5AI score0.00993EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/08/12 12:0 a.m.30 views

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which could be exploited by an attacker to cause a denial of service in "boostedtreescreatequantilestream resource" using the negation parameter...

5.5CVSS5.3AI score0.00154EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/29 12:0 a.m.30 views

Apache jUDDI 代码问题漏洞

Apache jUDDI is a java implementation of UDDI open source package that serves WebServices. jUDDI versions prior to Apache jUDDI 3.3.10 have a code issue vulnerability that can be exploited by attackers to remotely run arbitrary code...

9.8CVSS6AI score0.04115EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.30 views

FortiMail操作系统命令注入漏洞

Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides e-mail security and data protection features. A security vulnerability exists in the FortiMail management interface before 6.4.4, which can be exploited by an attacker to execute...

8.8CVSS5.8AI score0.01155EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/17 12:0 a.m.30 views

Quassel 安全漏洞

Quassel Quassel IRC is a graphical, distributed, cross-platform IRC client. A security vulnerability exists in Quassel 0.13.1, which stems from launching without SSL or TLS support when --require-ssl is enabled, if an available X.509 certificate cannot be found on the local system...

7.5CVSS7.2AI score0.00616EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/06/11 12:0 a.m.30 views

TianoCore EDK2 加密问题漏洞

EDK2 is a set of cross-platform firmware development environments from the TianoCore Tianocore community based on the UEFI and PI specifications. EDK2 suffers from a cryptographic issue vulnerability that stems from a potential security risk in the example EDK2 encrypted private key in IpSecDxe.e...

7.5CVSS7.2AI score0.01106EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/26 12:0 a.m.30 views

Ubuntu Apport 后置链接漏洞

Apport is a toolkit for collecting and feeding back error messages information that the operating system finds useful when an application crashes. A security vulnerability exists in Ubuntu Apport that stems from Apport incorrectly handling certain information-gathering operations, which can be...

7.3CVSS6.6AI score0.00289EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/13 12:0 a.m.30 views

Sensorweb ScadaBR 代码问题漏洞

Sensorweb ScadaBR is a suite of open source software for developing automated data acquisition and monitoring applications from Sensorweb, Inc. A code issue vulnerability exists in ScadaBR 1.0 / 1.1CE. The vulnerability stems from a lack of effective privilege licensing and access control measure...

8.8CVSS8.2AI score0.39096EPSS
Exploits8References6
CNNVD
CNNVD
added 2021/04/15 12:0 a.m.30 views

Envoy 输入验证错误漏洞

Envoy is an open source distributed proxy server. versions prior to Envoy 1.71.1 are vulnerable to integer overflow, which can be exploited by an attacker with an excessive grpc-timeout value to cause an unexpected timeout calculation...

7.5CVSS5.6AI score0.0204EPSS
Exploits1References7
CNNVD
CNNVD
added 2020/11/24 12:0 a.m.30 views

MongoDB Authorization Issues Vulnerability

MongoDB is a document-oriented database management system from the U.S.-based MongoDB, Inc. An authorization issue vulnerability exists in MongoDB that allows an unauthenticated client to trigger a denial of service by issuing a specially crafted wired protocol message, which could cause the...

7.5CVSS7.1AI score0.01655EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.29 views

Apple多款产品 访问控制错误漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

5.3CVSS5.4AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.29 views

Jenkins 代码问题漏洞

Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Jenkins versions 2.567 and earlier, as well as LTS 2.555.2 and earlier, have code vulnerabilities...

8.8CVSS5.6AI score0.14907EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.29 views

VMware Spring Security 代码问题漏洞

VMware Spring Security is a security framework provided by the American company VMware, designed to provide descriptive security protection for Spring-based applications. Versions of VMware Spring Security from 7.0.0 to 7.0.5 have code vulnerabilities. These vulnerabilities stem from attackers wh...

7.3CVSS5.5AI score0.00198EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.29 views

WordPress plugin LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00423EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.29 views

Angular 代码问题漏洞

Angular is an open-source development platform created by Angular. It is used to build mobile and desktop web applications using TypeScript/JavaScript and other languages. There were code-related vulnerabilities in versions prior to Angular 19.2.21, 20.3.19, 21.2.9, and 22.0.0-next.8. These...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.29 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a key size check in Bluetooth L2CAP. This vulnerability may lead to unexpected...

8.1CVSS5.8AI score0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.29 views

mchange-commons-java 注入漏洞

mchange-commons-java is a software developed by Steve Waldman. Versions of mchange-commons-java prior to 0.4.0 had a injection vulnerability. This vulnerability stemmed from the library’s inclusion of an independently implemented JNDI dereferencing function, which could allow attackers to trigger...

9.8CVSS7.4AI score0.00812EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.29 views

Tattile Smart+ 代码问题漏洞

Tattile Smart+ is a smart license plate recognition camera developed by the Italian company Tattile. There are code-related vulnerabilities in Tattile Smart+, Vega, and Basic 1.181.5 and earlier versions. These vulnerabilities stem from an inadequate mechanism for handling expired authentication...

9.8CVSS5.8AI score0.00716EPSS
Exploits3References3
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.29 views

Apache Linkis security vulnerabilities

Apache Linkis is a middleware product developed by the Apache Foundation in the United States. It enables effective connections between upper-level applications and underlying data engines. Versions of Apache Linkis 1.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem fr...

7.5CVSS5.8AI score0.00744EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.29 views

Microsoft Windows Kerberos 安全漏洞

Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications via a key system. A security vulnerability exists i...

7.5CVSS5.8AI score0.00974EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/21 12:0 a.m.29 views

WordPress plugin TempTool 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.3AI score0.0018EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/20 12:0 a.m.29 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to free untracked internal buffers, which could lead to a memory leak...

6.1AI score0.00214EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/04 12:0 a.m.29 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling reference counting, which could lead to a resource leak...

4.9AI score0.00146EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.29 views

Unitree多款产品 安全漏洞

Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree H1 is a humanoid robot. A security vulnerability exists in several Unitree products that stems from the u...

4.7CVSS6.4AI score0.00177EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.29 views

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when a PLMN is selected...

9.8CVSS6.9AI score0.00402EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/14 12:0 a.m.29 views

SourceCodester Student Grading System SQL注入漏洞

SourceCodester Student Grading System is a SourceCodester open source student grading system. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /edituser.php, which could lead to a SQL...

8.8CVSS6.9AI score0.00309EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.29 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unrestricted id mapping change that could lead to elevation of privilege...

7.8CVSS6.1AI score0.00141EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.29 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unreleased node references in xivegetmaxprio, which could lead to a reference count leak...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.29 views

Microsoft Windows SMB Server 访问控制错误漏洞

Microsoft Windows SMB Server is a network file sharing protocol from Microsoft USA. It allows applications on a computer to read and write files and request services from server programs on a computer network. An access control error vulnerability exists in Microsoft Windows SMB Server. An attack...

8.8CVSS9AI score0.64987EPSS
Exploits6References3
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.29 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to release a buffer during a synthetic event test, which could lead to a memory leak...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.29 views

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiManager is a centralized network security management platform.Fortinet FortiProxy is a secure network proxy that protects...

7.5CVSS6.3AI score0.00379EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/24 12:0 a.m.29 views

WordPress plugin BookingPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. The WordPress plugi...

6.5CVSS8.5AI score0.00484EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/29 12:0 a.m.29 views

SiYuan 安全漏洞

SiYuan is a privacy-first personal knowledge management system from SiYuan open source. A security vulnerability exists in SiYuan version 3.1.11, which stems from the ids array parameter of the /batchGetBlockAttrs file containing a SQL injection vulnerability...

9.8CVSS7.8AI score0.00522EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.30 views

Symfony 信息泄露漏洞

Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony, Inc. An information disclosure vulnerability exists in Symfony that originates from some internal information being disclosed during host resolution, which could lead to IP/port...

3.1CVSS3.9AI score0.00481EPSS
Exploits0References4
Total number of security vulnerabilities5000