Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.24 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent fsck operations during the block migration of f2fs FGGC nodes. This vulnerability ma...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.24 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain security vulnerabilities. These vulnerabilities arise from specially crafted queries when autonomous transactions are enabled, which may lead to denial-of-service...

7.1CVSS5.8AI score0.00362EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.24 views

dssrf 安全漏洞

DSSRF is a URL and network verification library developed by RelunSec’s individual developers, designed for defending against SSRF vulnerabilities. Versions of DSSRF prior to 1.3.0 contained security vulnerabilities, which stemmed from the ability to bypass the isurlsafe check for each IPv6...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.24 views

WordPress plugin Voyage Plus 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.9AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.24 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the driveroverrideshow function and the driveroverridestore function in...

4.7CVSS5.8AI score0.00091EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.24 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.6 contained a security vulnerability. This vulnerability stems from the/api/v1/retrieval/query/collection endpoint, which allows access to other users’ private...

4.3CVSS5.8AI score0.00253EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.24 views

Backstage 代码问题漏洞

Backstage is an open-source application developed by Backstage. It serves as an open platform for building developer portals. Versions of Backstage prior to 0.27.1 contained code-related vulnerabilities. These vulnerabilities stemmed from server-side request forgeing when the experimental client ...

7.5CVSS5.8AI score0.00292EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.24 views

Navtor NavBox 安全漏洞

Navtor NavBox is a shipping information system device developed by the Norwegian company Navtor. It is used for electronic nautical chart management and synchronization of navigation data. There is a security vulnerability in Navtor NavBox, which stems from the lack of authentication in the HTTP...

7.5CVSS5.8AI score0.00505EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.24 views

GIMP 安全漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that can lead to a denial-of-service attack due to specially crafted PSP image files...

5.5CVSS7.1AI score0.00494EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.24 views

pearweb 安全漏洞

PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a security vulnerability. This vulnerability stemmed from the use of the pregReplace function with the / modifier in incorrectly updated email processing, potentially allowing PH...

9.8CVSS5.9AI score0.00395EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.24 views

Sonatype Nexus Repository 安全漏洞

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A security vulnerability exists in Sonatype Nexus Repository 3 3.0.0 and later versions, which stems from improper validation of proxy repositor...

6.2CVSS7.1AI score0.00284EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.24 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple post-release reuse vulnerabilities when physically removing a USB device...

6.4AI score0.00211EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.24 views

hpke-js 安全漏洞

hpke-js is a hybrid public key cryptographic module from the individual developer Ajitomi Daisuke. A security vulnerability exists in hpke-js versions prior to 1.7.5, which stems from a race condition in the SenderContext Seal API that could lead to a loss of message confidentiality and integrity...

9.1CVSS6.2AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.24 views

Windu CMS 安全漏洞

Windu CMS Windu CMS is a lightweight web content management system CMS from Windu. A security vulnerability exists in Windu CMS version 4.1, which stems from insufficient client-side brute force protection and could lead to brute force attacks...

7.5CVSS6.3AI score0.00249EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.24 views

Abilis CPX 安全漏洞

Abilis CPX is a software platform for a range of, voice and data network management equipment from Abilis, Italy. A security vulnerability exists in Abilis CPX that originates from the ability to log into a restricted shell after three failed SSH authentication attempts, which could lead to a...

6.5CVSS6.6AI score0.00299EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.24 views

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Portable Clusterware versions 19.3 through 19.28, 21.3 through...

5.8CVSS7.3AI score0.00291EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/17 12:0 a.m.24 views

esm.sh 安全漏洞

esm.sh is a content delivery network open-sourced by esm.sh. A security vulnerability exists in esm.sh version 136 and earlier, which stems from improper handling of the X-Zone-Id HTTP header and could lead to a path traversal attack...

6.9CVSS8.9AI score0.02829EPSS
Exploits2References5
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.24 views

Tautulli 安全漏洞

Tautulli is a Tautulli open source application for monitoring Plex Media Server media server. A security vulnerability exists in Tautulli 2.15.3 and earlier versions, which stems from the presence of path traversal in the realpmsimageproxy endpoint, which could lead to arbitrary file reads...

8.6CVSS6.5AI score0.00633EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.24 views

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that can be exploited by an attacker that may lead to physical elevation of privileges...

8.4CVSS6.5AI score0.00086EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.24 views

XXL-JOB 安全漏洞

XXL-JOB is a distributed task scheduling platform by the individual developer Xu Xueli xuxueli. A security vulnerability exists in XXL-JOB 3.1.1 and earlier versions, which stems from incorrect manipulation of parameter IDs, resulting in improper control of resource identifiers...

5.5CVSS5.5AI score0.00314EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.24 views

Shaarli 安全漏洞

Shaarli is a suite of website cloning tools. A security vulnerability exists in Shaarli versions prior to 0.15.0, which stems from an input string that is not properly cleaned and is susceptible to reflective cross-site scripting attacks...

7.1CVSS6.1AI score0.00216EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.24 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rpmsgregisterdeviceoverride not releasing a device reference, which could lead to a resource leak...

5.5CVSS6.1AI score0.00159EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.24 views

Fuji Electric V-SFT 缓冲区错误漏洞

Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. Fuji Electric V-SFT suffers from a buffer overflow vulnerability that originates in the settemptypedefault function in VS6MemInIF, which can be exploited by an attacker to cause a crash, information disclosure, and...

8.4CVSS7.3AI score0.00191EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.24 views

WordPress plugin Theme File Duplicator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9.9CVSS8.9AI score0.00467EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.24 views

Microsoft Office 资源管理错误漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

7.8CVSS8AI score0.01072EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.24 views

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by attackers to obtain sensitive information...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.24 views

Salesforce Tableau 安全漏洞

Salesforce Tableau is a data visualization and analytics platform from Salesforce, Inc. A security vulnerability exists in Salesforce Tableau that stems from a plaintext storage of sensitive information vulnerability that could result in personal access tokens being logged...

7.5CVSS6.3AI score0.00325EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.24 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition issue when concurrently stopping garbage collection in the f2fs file system...

7.8CVSS6.5AI score0.00217EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.24 views

WordPress plugin WPLMS 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue...

9.9CVSS8.8AI score0.00682EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.24 views

WordPress plugin Media Downloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS8AI score0.00418EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.24 views

IrfanView 安全漏洞

IrfanView is an image viewer by the individual developer Irfan Skiljan. It supports image browsing, image editing, image format conversion and more. IrfanView suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current proce...

7.8CVSS7.5AI score0.00394EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.24 views

7-Zip 数字错误漏洞

7-Zip is a compression software from the 7-Zip open source. A numeric error vulnerability exists in 7-Zip that stems from improper validation of user-supplied data during the Zstandard decompression process, which could result in an integer overflow and execution of arbitrary code before writing ...

7.8CVSS8AI score0.21985EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.24 views

OpenAirInterface CN5G AMF 安全漏洞

OpenAirInterface CN5G AMF is an OpenAirInterface open source application. A security vulnerability exists in OpenAirInterface CN5G AMF v2.0.0 and earlier versions, which stems from the presence of a stack-based buffer overflow that allows a remote attacker to execute code by sending a response wi...

5.3CVSS7.6AI score0.01412EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/07 12:0 a.m.24 views

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle that stems from a possible risk in local files when restoring block backups...

7.5CVSS6.2AI score0.00638EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.24 views

Jamf Pro 安全漏洞

Jamf Pro is an Apple device management solution from Jamf USA. A security vulnerability exists in Jamf Pro that stems from a flaw in the Jamf Remote Assist tool that allows a local, unprivileged user to elevate their privileges to root privileges on MacOS systems...

5.2CVSS6.6AI score0.00142EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.24 views

openSUSE Leap 安全漏洞

openSUSE Leap is a new openSUSE build and a new hybrid Linux distribution from SUSE Germany. A security vulnerability exists in openSUSE Leap that stems from an attacker's ability to place special files into the actual package source, allowing the attacker to change the victim's osc configuration...

5.5CVSS6.4AI score0.00209EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/10 12:0 a.m.24 views

Adobe Commerce 访问控制错误漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An improper access control vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

5.3CVSS6.6AI score0.00589EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.24 views

Siemens JT2GO 安全漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM and TIF data. Siemens JT2Go suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

7.8CVSS7.6AI score0.00191EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.24 views

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from...

8.6CVSS7AI score0.0063EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.24 views

Solara Security Breach

Solara is a pure Python, React style framework open sourced by widgetti. It is used to extend Jupyter and web applications. A security vulnerability exists in Solara versions prior to 1.35.1, which stems from a failure to properly validate a URI fragment for a directory traversal sequence, which...

8.6CVSS6.5AI score0.02884EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.24 views

Red Hat Keycloak Information Disclosure Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An information disclosure vulnerability exists in Red Hat Keycloak. An attacker could exploit the vulnerability to cause a data leak or system...

8.1CVSS6.4AI score0.02837EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.24 views

Microsoft SharePoint 代码问题漏洞

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...

7.8CVSS8.2AI score0.01187EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.24 views

Submariner Operator 安全漏洞

Submariner Operator is a Submariner open source for installing Submariner components on Kubernetes clusters. A security vulnerability exists in Submariner Operator, which stems from unnecessary role-based access control privileges that allow a privileged attacker to steal service account tokens a...

6.6CVSS6.4AI score0.00504EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.24 views

Red Hat Keycloak 路径遍历漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A path traversal vulnerability exists in Red Hat Keycloak that stems from an inability to properly validate the inclusion of a URL in a redirec...

8.1CVSS7.9AI score0.01552EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.24 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Driver for SQL Server is a standalone data access application programming interface API for OLE DB. A remote code execution vulnerability exists in Microsoft OLE DB Driver for SQL Server, which can be exploited by an attacker to execute arbitrary code on the system...

7.5CVSS8.8AI score0.01777EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.24 views

Microsoft ODBC Driver 安全漏洞

Microsoft ODBC Driver is a driver from Microsoft Corporation USA. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in the Microsoft ODBC Driver. The following products and editions are...

8.8CVSS8.9AI score0.02351EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.24 views

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component from Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal For ArcGIS 11.1 and prior versions that stems from vulnerability to...

6.1CVSS6AI score0.0047EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.24 views

Microsoft Open Management Infrastructure Security Vulnerability

Microsoft Open Management Infrastructure is a free, open source Common Information Model CIM management server from Microsoft. A security vulnerability exists in Microsoft Open Management Infrastructure. An attacker could exploit the vulnerability to remotely execute code. The following products...

9.8CVSS6.7AI score0.20157EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.25 views

F5 Nginx Code Issues Vulnerabilities

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. A security vulnerability exists in F5 Nginx Plus version R31, which stems from an undisclosed request that could cause an NGINX worker process to...

7.5CVSS8.4AI score0.01061EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.24 views

Drupal Security Vulnerabilities

Drupal is an open source content management system developed in PHP by the Drupal community. A security vulnerability exists in Drupal version 9.3.6, which stems from the presence of a Denial of Service DoS vulnerability...

7.5CVSS6.9AI score0.00791EPSS
Exploits0References6
Total number of security vulnerabilities5000