Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2025/07/30 12:0 a.m.22 views

Apple macOS 安全漏洞

Apple macOS Sequoia is an operating system from the American company Apple Apple. Apple macOS Sequoia contains a security vulnerability that can be exploited by attackers to cause iCloud Private Relay to fail to activate when multiple users are logged in at the same time...

5.3CVSS6.4AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/24 12:0 a.m.22 views

Capillary.io CapillaryScope 安全漏洞

Capillary.io CapillaryScope is a software for vascular examinations from the Spanish company Capillary.io. A security vulnerability exists in Capillary.io CapillaryScope versions prior to v2.5.0, which stems from the unencrypted storage of sensitive data and could lead to credential disclosure...

6.9CVSS6.4AI score0.00074EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.22 views

TeleMessage 安全漏洞

TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from the heap content of a JSP application containing a password sent over HTTP...

4CVSS9.3AI score0.00366EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.22 views

Google Chrome 安全漏洞

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from an information disclosure vulnerability, no details of the vulnerability are provided at this time...

5.4CVSS6.2AI score0.00322EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.22 views

Retrieval-based-Voice-Conversion-WebUI 安全漏洞

Retrieval-based-Voice-Conversion-WebUI is an open source voice training modeling tool from RVC-Project. A security vulnerability exists in Retrieval-based-Voice-Conversion-WebUI version 2.2.231006 and earlier, which stems from command injection...

9.8CVSS7AI score0.02259EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.22 views

LRQA Nettitude PoshC2 安全漏洞

LRQA Nettitude PoshC2 is an agent-aware C2 framework from LRQA used to help penetration testers with red teaming, late exploits, and lateral movement. A security vulnerability exists in LRQA Nettitude PoshC2 that stems from allowing an unauthenticated attacker to connect to the C2 server and...

6.5CVSS7.4AI score0.00332EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.22 views

Microsoft Windows Kernel 安全漏洞

Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are affected:Windows 10 Version 18...

7.8CVSS8.1AI score0.00592EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.22 views

WordPress plugin MyBookProgress by Stormhill Media 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an attempt by the usb typec ucsi component to restore a port before port registration, resulting in a null...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.22 views

WordPress plugin WP ERP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS8.5AI score0.00344EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an overflow in the block ublk component queuesize, resulting in a misreference to a pointer...

7.8CVSS5.8AI score0.00229EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from NFSv4 not initializing nfs4label during referral lookup...

5.5CVSS5.5AI score0.00215EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.22 views

Microsoft SharePoint 授权问题漏洞

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...

8CVSS8.2AI score0.30987EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/01 12:0 a.m.22 views

WordPress plugin ELEX WordPress HelpDesk & Customer Ticketing System 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in the WordPress...

8.8CVSS8.3AI score0.00483EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from fd being closed and then left unbound...

5.5CVSS5.9AI score0.00182EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.22 views

WordPress plugin GiveWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS8.3AI score0.00909EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.22 views

WordPress plugin Convertful 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS8.7AI score0.00339EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/24 12:0 a.m.22 views

Hanwha Vision NVR 安全漏洞

Hanwha Vision NVR is a series of network video recorder devices from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision NVR that stems from a URL input parameter in which malformed data can be injected to reboot the NVR, leading to remote code execution...

6.9CVSS7.5AI score0.00593EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/23 12:0 a.m.22 views

Rizin 操作系统命令注入漏洞

Rizin is a free open source reverse engineering framework from the Rizin organization. It is used to analyze binary files, disassemble code, debug programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. An operating system command injection...

7.8CVSS7.1AI score0.01176EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.22 views

WordPress plugin Instant Appointment SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

9.3CVSS9.2AI score0.00523EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.22 views

WordPress plugin Utech World Time 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

6.5CVSS8AI score0.00392EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.22 views

Pentaminds CuroVMS 安全漏洞

Pentaminds CuroVMS is an intelligent visitor management system from Pentaminds. A security vulnerability exists in Pentaminds CuroVMS version v2.0.1 that stems from the inclusion of exposed credentials...

9.1CVSS6.6AI score0.00519EPSS
Exploits2References3
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.22 views

Google Android 安全漏洞

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the System component of Google Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1, which can be exploited by an attacker to...

7.8CVSS7.1AI score0.00097EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a faulty 6 GHz scan build...

5.5CVSS6.4AI score0.00259EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.22 views

WordPress plugin MDC YouTube Downloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

6.5CVSS7.7AI score0.00304EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/28 12:0 a.m.22 views

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15, which originates from an application that may be able to bypass certain privacy preferences...

7.5CVSS6.3AI score0.00389EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the wifi driver rtw89 incorrectly adding the interface to the list twice during system error recovery...

5.5CVSS6.6AI score0.00235EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/10/18 12:0 a.m.22 views

WordPress plugin RSS Feed Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.9AI score0.00313EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/09/17 12:0 a.m.22 views

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 13.7, which stems from the handling of maliciously crafted textures may cause an application to terminate unexpectedly...

5.5CVSS6.2AI score0.00259EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/09/15 12:0 a.m.22 views

OpenDaylight 安全漏洞

OpenDaylight ODL is an open source SDN controller from OpenDaylight Open Source. A security vulnerability exists in OpenDaylight Model-Driven Service Abstraction Layer MD-SAL version 13.0.1 and earlier, which stems from the fact that controllers with the follower role can configure flow entries i...

9.1CVSS6.5AI score0.00443EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.22 views

Xiaomi GetApps 安全漏洞

Xiaomi GetApps is a global app store by Chinese company Xiaomi. It is used by developers to publish and distribute their apps to over 200 million users in 59 regions. A security vulnerability exists in Xiaomi GetApps that stems from authentication logic that can be bypassed...

8.8CVSS6.8AI score0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.22 views

Warehouse Inventory System 安全漏洞

Warehouse Inventory System is a Warehouse Inventory Management System by Siamon Hasan Personal Developer. A cross-site request forgery vulnerability exists in Warehouse Inventory System version v2.0, which stems from a failure of the categorie.php component to adequately validate whether a reques...

8.8CVSS6.8AI score0.00284EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.22 views

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows that stems from the presence of an elevation of privilege vulnerability that could allow an attacker with basic user privileges to...

7.3CVSS7AI score0.01678EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/17 12:0 a.m.22 views

SolarWinds Access Rights Manager 授权问题漏洞

SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds. An authorization issue vulnerability exists in SolarWinds Access Rights Manager, which can be exploited by an attacker to gain domain administrator access...

8.8CVSS7AI score0.01943EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/04 12:0 a.m.22 views

Sharp MFP Security Vulnerability

Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from incorrect credential information to perform certain device functions, which could result in referencing internal information in the device...

5.3CVSS6.5AI score0.00909EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/06/25 12:0 a.m.22 views

WordPress Plugin Quiz Maker Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS7.5AI score0.11755EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.22 views

WordPress plugin Smush security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS6.4AI score0.00311EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.22 views

Microsoft Dynamics 365 安全漏洞

Microsoft Dynamics 365 Business Central is a comprehensive business management solution that helps small and medium-sized companies connect their finance, sales, service and operations teams in a single, easy-to-use application. An elevation of privilege vulnerability exists in Microsoft Dynamics...

7.3CVSS7.8AI score0.00945EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/28 12:0 a.m.22 views

ansibleguy-webui 安全漏洞

ansibleguy-webui is a coding library by the individual developers at AnsibleGuy in Austria. A security vulnerability exists in ansibleguy-webui versions prior to 0.0.21, which stems from the presence of a cross-site scripting XSS vulnerability...

8.2CVSS7.3AI score0.004EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the media:hantro module...

5.5CVSS6.2AI score0.00235EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/19 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. No information about this vulnerability is available at this time, so stay tuned to CNNVD or vendor announcements...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.22 views

WordPress plugin Barcode Scanner with Inventory & Order Manager 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...

5.3CVSS6AI score0.00585EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.22 views

WordPress plugin Testimonial Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.3AI score0.00353EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.22 views

Adtran SR400ac 安全漏洞

The Adtran SR400ac is a router from the US-based Adtran Corporation. A security vulnerability exists in the Adtran SR400ac that stems from the presence of a ping command injection remote code execution vulnerability, which can be exploited by an attacker to execute code in a root context...

8.8CVSS9.3AI score0.03168EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.23 views

aiohttp 安全漏洞

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python. A security vulnerability exists in aiohttp versions prior to 3.9.4, which results in a denial of service when attempting to parse a malformed POST request...

7.5CVSS6.3AI score0.01085EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.22 views

Red Hat JBoss Enterprise Application Platform 数据伪造问题漏洞

Red Hat JBoss Enterprise Application Platform EAP is an open source, J2EE-based middleware platform from Red Hat, Inc. The platform is primarily used to build, deploy and host Java applications and services. A data forgery vulnerability exists in Red Hat JBoss Enterprise Application Platform EAP,...

7.3CVSS7.4AI score0.00328EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.22 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...

8.8CVSS8.8AI score0.024EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.22 views

Microsoft Azure Kubernetes 安全漏洞

Microsoft Azure Kubernetes is a fully managed Kubernetes service from Microsoft Corporation USA. Provides serverless Kubernetes, a consolidated Continuous Integration and Continuous Delivery CI/CD experience, along with enterprise-grade security and governance. Unify development and operations...

9CVSS8.7AI score0.1802EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.22 views

Pebble 安全漏洞

Canonical Pebble is a lightweight, API-driven process manager from Canonical, UK. A security vulnerability exists in Pebble that stems from a file pulling API that allows any user to access the Pebble server.Affected products and versions: canonical/pebble v1.4.1, v1.7.3, v1.10.1...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.22 views

Xlight FTP Security Vulnerability

Xlight FTP is a high performance and easy to use FTP server software from Xlight FTP. It makes file transfer secure and easy to use. A security vulnerability exists in Xlight FTP version 1.1, which stems from a denial of service caused by the parameter user of the component Login...

7.5CVSS6.7AI score0.04195EPSS
Exploits3References6
Total number of security vulnerabilities5000