Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2021/02/24 12:0 a.m.21 views

Freebsd FreeBSD Competitive Conditions Problem Vulnerability

FreeBSD is a Unix-like operating system from the Freebsd Foundation. FreeBSD has a security vulnerability that can be exploited by an attacker to bypass restrictions via jail remove Unkilled Processes of FreeBSD to escalate his privileges...

8.5CVSS7.1AI score0.00758EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.21 views

GNOME Evolution Data Forgery Issue Vulnerability

GNOME Evolution is a suite of email client programs for the Gnome desktop environment for Linux. The program provides Email, calendar, meeting scheduling, contact management, and other features. A data forgery issue vulnerability exists in GNOME Evolution through 3.38.3, which stems from Evolutio...

3.3CVSS5.8AI score0.00346EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

TP-Link Tapo C110 格式化字符串错误漏洞

The TP-Link Tapo C110 is an indoor network camera produced by TP-Link Corporation. The TP-Link Tapo C110 v2 has a vulnerability related to formatted string handling. This vulnerability stems from improper processing of user control inputs in the ONVIF service. It is possible for authenticated...

8.1CVSS5.3AI score0.00463EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 资源管理错误漏洞

Google Chrome is a cross-platform web browser developed by Google. It is primarily used for accessing web pages, running web applications, and providing various extended features. There is a resource management vulnerability in Google Chrome, which stems from improper handling of references after...

8.3CVSS5.9AI score0.00229EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.115, there was a resource management vulnerability that stemmed from issues with reusing resources after their release in the Media component. This vulnerability could allow remote attackers to exploit heap...

5.5AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.115, there was a resource management vulnerability that stemmed from the reuse of resources after they were released in Core. This vulnerability could allow remote attackers to execute arbitrary code through a...

8.8CVSS6AI score0.00287EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google. Its main features include providing a fast, secure, and stable browsing experience. Google Chrome has a resource management vulnerability. This vulnerability stems from the Views component failing to properly handle the object lifecycle when...

8.8CVSS6AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a cross-platform web browser developed by Google. It primarily offers functions such as web browsing, extension support, and multi-tab management. Google Chrome has a privilege escalation vulnerability, which stems from the VideoCapture component failing to properly validate memo...

5.3CVSS5.9AI score0.00189EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.19 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypass issues during message reading operations, resulting in bypassing channel permissio...

7.1CVSS5.3AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 输入验证错误漏洞

Google Chrome is a cross-platform web browser developed by Google. It is primarily used for accessing the internet and running web applications. Google Chrome has a security vulnerability that stems from improper handling of implementation logic in extensions. A remote attacker can exploit this...

3.1CVSS5.9AI score0.00208EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

KanaDojo 安全漏洞

KanaDojo is an attractive and customizable Japanese learning platform developed by lingdojo. Versions of KanaDojo prior to 0.18.0 contained security vulnerabilities. These vulnerabilities were caused by sandbox escape attacks, allowing attackers to execute arbitrary code by passing the global...

8.5CVSS6.3AI score0.00487EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the /automod add, /automod remove, and /automod list commands not having the required...

7.2CVSS5.5AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

389 Directory Server 输入验证错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. 389 Directory Server has a vulnerability related to input validation. This vulnerability stems from an integer overflow in the SASL I/O layer. In the function...

7.6CVSS6.3AI score0.0067EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Apple macOS Sequoia 信息泄露漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.4 had a security vulnerability that stemmed from privacy concerns, potentially allowing applications to access sensitive user data...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Perry 路径遍历漏洞

Perry is a tool developed by Perry OpenSource that compiles TypeScript into native executable files. Versions of Perry prior to 0.5.1159 contained a path traversal vulnerability. This vulnerability allows malicious attackers to write arbitrary content to any writable location within the running...

8.6CVSS5.4AI score0.00379EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

vLLM 资源管理错误漏洞

vLLM is an open-source inference and service engine designed for LLM models, featuring high throughput and efficient memory usage. Version vLLM 0.8.0 and later contain a resource management vulnerability. This vulnerability stems from the unlimited frame counting in the VideoMediaIO.loadbase64...

7.5CVSS7.2AI score0.00543EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

VMware Spring Web Services 安全漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are security vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from the...

8.2CVSS5.3AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 6.9.13-48 and 7.1.2-24 contained security vulnerabilities due to lack of return value checking. On 32-bit...

5.9CVSS5.5AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Fission 操作系统命令注入漏洞

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.23.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the builder passing the Environment.spec.builder.command directly to...

6.9CVSS5.6AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

libnfs 安全漏洞

libnfs is a network file system access client library developed by Ronnie Sahlberg. Versions of libnfs prior to 55c18ea contained security vulnerabilities; these vulnerabilities stemmed from unvalidated string sizes, which could lead to integer overflows when connecting to specially crafted NFS...

7.1CVSS5.4AI score0.00192EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a code vulnerability in Palo Alto Networks PAN-OS, which stems from memory corruption during tunnel traffic processing. This vulnerability could allow authenticated users to initiat...

6.9CVSS5.5AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Dulwich 路径遍历漏洞

Dulwich is a Python-based Git repository management interface developed by Jelmer Vernooij. Versions of Dulwich from 0.23.2 to 1.2.5 contained a path traversal vulnerability. This vulnerability stemmed from the porcelain.submoduleupdate method not verifying the submodule paths properly. As a...

7.5CVSS5.6AI score0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Dulwich 路径遍历漏洞

Dulwich is a Python-based Git repository management interface developed by Jelmer Vernooij. Versions of Dulwich from 0.10.0 to 1.2.5 contained a path traversal vulnerability. This vulnerability stemmed from the fact that the path element verifier on Windows allowed filenames that were interpreted...

8.8CVSS6AI score0.00635EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

WordPress plugin Copy & Delete Posts 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.4AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

TDengine 数字错误漏洞

TDengine is an open-source, high-performance, cloud-native time series database developed by the TDengine company. There are digital error vulnerabilities in the TDengine 3.4.0.0 to 3.4.1.5 version. These vulnerabilities stem from unverified remote attackers sending specially crafted RPC packets,...

7.5CVSS5.4AI score0.00539EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Fedify 安全漏洞

Fedify is a TypeScript library developed by Hong Minhee. It is used to build federated server applications that support ActivityPub and other standards. Versions of Fedify prior to 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3 have security vulnerabilities. These vulnerabilities stem from attackers...

7CVSS5.4AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Monterey prior to 12.4 contained security vulnerabilities due to memory corruption issues, which could lead to unexpected changes in shared memory between processes...

7.1CVSS5.5AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Fission 安全漏洞

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contained a security vulnerability. This vulnerability stemmed from the lack of validation in the Environment.spec.runtime.podSpec/spec.builder.podSpec field. When using MergePodSpec,...

9.9CVSS5.3AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Fission 安全漏洞

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.23.0 contain security vulnerabilities. These vulnerabilities stem from the runtime Pod using the fission-fetcher ServiceAccount and automatically mounting tokens. User function code can rea...

8.7CVSS5.4AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

389 Directory Server 安全漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from the fact that the length of the ocsuperior field is not taken into account when calculating...

6.5CVSS5.5AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Jenkins 安全漏洞

Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Jenkins versions 2.567 and earlier, as well as LTS 2.555.2 and earlier, have security vulnerabilitie...

4.3CVSS5.3AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

NSA Ghidra 资源管理错误漏洞

NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Prior to version 12.1 of NSA Ghidra, there was a resource management vulnerability. This vulnerability stemmed from iterator failures during the...

6.9CVSS5.5AI score0.00169EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

VMware Spring Data Commons 资源管理错误漏洞

VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. Vulnerabilities exist in versions 4.0.0 and earlier, as well as versions 3.5.0 and earlier, 3.4.0 and earlier, 3.3.0 and earlier, 3.2.0 and earlier, 3.1.0 and earlier, 3.0.0 and...

5.9CVSS5.3AI score0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

VMware Spring AMQP 信任管理问题漏洞

VMware Spring AMQP is a message queue integration framework developed by VMware, Inc. There is a vulnerability related to trust management in VMware Spring AMQP. This vulnerability arises when configuring a proxy connection using RabbitConnectionFactoryBean.setUriamqps://…, without calling...

4CVSS5.3AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

VMware Spring Data MongoDB 安全漏洞

VMware Spring Data MongoDB is a MongoDB data access framework developed by the American company VMware. There are security vulnerabilities in VMware Spring Data MongoDB versions 5.0.0 and earlier, as well as versions 4.5.0 and earlier, 4.4.0 and earlier, 4.3.0 and earlier, 4.2.0 and earlier, 4.1....

8.1CVSS5.4AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

Spring Security 跨站脚本漏洞

VMware Spring Security is a security framework provided by the American company VMware, designed to provide descriptive security protection for Spring-based applications. VMware Spring Security has a cross-site scripting vulnerability, which allows attackers to manipulate values within...

7.6CVSS6.2AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

SpiceDB 授权问题漏洞

SpiceDB is a fine-grained permission database developed by the Authzed team. In versions 1.15.0 to 1.52.0 of SpiceDB, there was an authorization vulnerability. This vulnerability stemmed from the caveat structure, which contained nested lists, potentially leading to improper caching reuse...

2.3CVSS5.3AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft DWM Core Library 资源管理错误漏洞

The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a resource management vulnerability in the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...

7.8CVSS5.4AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

microsoft windows common log file system driver 资源管理错误漏洞

The Microsoft Windows Common Log File System Driver provides a high-performance, general-purpose log file subsystem. Dedicated client applications can utilize this subsystem, and multiple clients can share it to optimize log access. The Microsoft Windows Common Log File System Driver has a resour...

7.8CVSS5.8AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Media Center 缓冲区错误漏洞

Microsoft Windows Media is a series of media playback and management software developed by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Media. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected:...

7.8CVSS7.1AI score0.00445EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a compatibility issue vulnerability in Winsock by Microsoft Corporation. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions are affected: Windows Server 2012 R2 Server Core...

7CVSS7AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Performance Monitor 数字错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in input validation of Microsoft Windows. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 11...

8.1CVSS6AI score0.0064EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows TCP/IP 缓冲区错误漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are security vulnerabilities associated with Microsoft Windows TCP/IP. The following products and versions are affected: Windows Server 2022, Windows 11 Version...

5.5CVSS5.8AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the vgicitsinvalidatecache function, which incorrectly places an iteration pointer ...

9.3CVSS5.3AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

SQLFluff 资源管理错误漏洞

SQLFluff is an open-source SQL linter that features flexible and configurable syntax. Versions of SQLFluff prior to 4.2.0 contained a resource management vulnerability. This vulnerability stemmed from the parser’s improper handling of malicious long SQL queries, which could lead to resource...

7.5CVSS5.6AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Adobe Experience Manager 输入验证错误漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

6.1CVSS5.4AI score0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

DBI 缓冲区错误漏洞

DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained a buffer error vulnerability. This vulnerability stemmed from the lack of length limitation when error messages were written into a 200-byte buffer, which could lea...

9.8CVSS5.7AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Narrator Braille 权限许可和访问控制问题漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. There are code-related vulnerabilities in Microsoft Windows Narrator Braille. Attackers can exploit these vulnerabilities to gain higher privileges...

7.8CVSS7.1AI score0.00432EPSS
Exploits0References1
Total number of security vulnerabilities5000