Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2025/07/11 12:0 a.m.20 views

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that stems from an error in the...

7.1CVSS6.9AI score0.00271EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/11 12:0 a.m.20 views

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...

6CVSS6.6AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.20 views

UTT HiPER 840G 安全漏洞

The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...

9CVSS7.9AI score0.00795EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/11 12:0 a.m.20 views

MetaCPAN Perl Mojolicious::Plugin::CSRF 安全特征问题漏洞

MetaCPAN Perl Mojolicious::Plugin::CSRF is a CSRF defense plugin from the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Perl Mojolicious::Plugin::CSRF version 1.03 that stems from the use of a weak random number source to generate CSRF tokens...

7CVSS6.7AI score0.00242EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.20 views

Infoblox NETMRI 安全漏洞

Infoblox NETMRI is a network management product from US-based Infoblox, Inc. can automate, provide visibility and continuous insight to help organizations intelligently manage their multi-vendor networks. A security vulnerability exists in Infoblox NETMRI versions prior to 7.6.1 that originates...

5.3CVSS6.5AI score0.06044EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/14 12:0 a.m.20 views

SAMSUNG多款产品 安全漏洞

SAMSUNG Exynos 9820 and others are products of the South Korean company Samsung SAMSUNG.SAMSUNG Exynos 9820 is a processor for mobile devices.SAMSUNG Exynos 980 is a first 5G integrated Soc product and the world's first A77 architecture processor.SAMSUNG Exynos 9825 is a mobile processor. A...

7.5CVSS6.4AI score0.00361EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.20 views

WordPress plugin Instantio 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

7.2CVSS7.5AI score0.00377EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.20 views

Cisco IOS XE 操作系统命令注入漏洞

Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE suffers from an operating system command injection vulnerability that ste...

6.5CVSS7.1AI score0.00355EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.20 views

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, which stems from an...

4.9CVSS6.4AI score0.00395EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.20 views

Microsoft Office 资源管理错误漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...

7.8CVSS8AI score0.01072EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.20 views

WordPress plugin Cue 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS6.1AI score0.00396EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/13 12:0 a.m.20 views

Kubernetes 安全漏洞

Kubernetes K8s is an open source system for automating the deployment, scaling, and management of containerized applications from the Kubernetes open source. A security vulnerability exists in Kubernetes that stems from the use of the deprecated in-tree gitRepo volume feature, which could lead to...

6.5CVSS5.5AI score0.00516EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.20 views

WordPress plugin Post Lockdown 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.6AI score0.00304EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.20 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference count leak due to a missing ofnodeput in at91sam9g20ekaudioprobe...

5.5CVSS5.4AI score0.00252EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.20 views

WordPress plugin ViewMedica 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

5.4CVSS8.2AI score0.00182EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/24 12:0 a.m.20 views

Hanwha Vision NVR 安全漏洞

Hanwha Vision NVR is a series of network video recorder devices from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision NVR that originates from a NULL pointer reference due to a special URL parameter value, allowing remote code execution and causing the NVR t...

6.9CVSS7.6AI score0.00593EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.20 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the pairing alignment method that affects Bluetooth pairing functionality...

5.5CVSS7.5AI score0.00261EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.20 views

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a collection of features from Microsoft USA that allow users to remotely access graphical desktops and Windows applications. A remote code execution vulnerability exists in Microsoft Windows Remote Desktop Services, which is caused by a flaw in the...

8.1CVSS8.3AI score0.01079EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.20 views

Microsoft Lightweight Directory Access Protocol 输入验证错误漏洞

Microsoft Lightweight Directory Access Protocol LDAP is a directory services protocol from Microsoft Corporation USA that runs on a layer above the TCP/IP stack. An input validation error vulnerability exists in Microsoft Lightweight Directory Access Protocol. An attacker exploiting this...

9.8CVSS9.5AI score0.70906EPSS
Exploits3References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.20 views

Google Chrome 安全漏洞

Google Chrome is a WEB browser developed by Google Inc. Google Chrome V8 suffers from a use-after-release vulnerability that can be exploited by an attacker to execute arbitrary code...

8.8CVSS7.3AI score0.04071EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.20 views

Dell Wyse Management Suite 安全漏洞

Wyse Management Suite is Dell's hybrid cloud security management solution for Wyse thin client devices, designed to simplify IT management processes and enhance device security. An authentication bypass vulnerability exists in Wyse Management Suite, which stems from a vulnerability that includes...

7.6CVSS6.9AI score0.00534EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.20 views

E-Lins多款产品 安全漏洞

E-Lins H685 and others are a cellular router from E-Lins. A security vulnerability exists in various E-Lins products that stems from allowing the use of hard-coded credentials. The following products are affected: the E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0, and H900...

7.5CVSS7.5AI score0.00613EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.20 views

Fortinet多款产品 访问控制错误漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiManager is a centralized network security management platform.Fortinet FortiPortal is an advanced, feature-rich, hosted...

9.8CVSS6.8AI score0.00589EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.20 views

WordPress plugin JS Help Desk 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.8CVSS6.6AI score0.00436EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.20 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the sja1105setupdevlinkregions function to properly handle memory leaks in dsa devices, where...

5.5CVSS6.5AI score0.00234EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.20 views

Zyxel NAS542和NAS326 操作系统命令注入漏洞

Zyxel NAS542 and Zyxel NAS326 are both products of the Chinese company Hopkins Zyxel.Zyxel NAS542 is a NAS Network Attached Storage device.Zyxel NAS326 is a cloud storage NAS. An operating system command injection vulnerability exists in Zyxel NAS326 version V5.21AAZF.18C0 and earlier and NAS542...

9.8CVSS9.2AI score0.02064EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.20 views

Raisecom MSG1200、Raisecom MSG2100E、Raisecom MSG2200和Raisecom MSG2300 操作系统命令注入漏洞

The Raisecom MSG1200 and others are a Gigabit Converged Gateway from Raisecom China. An OS command injection vulnerability exists in the Raisecom MSG1200, Raisecom MSG2100E, Raisecom MSG2200, and Raisecom MSG2300 version 3.90, which originates from the parameter template/ in file...

9.8CVSS6.9AI score0.24873EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.20 views

Palo Alto Networks PAN-OS Security Vulnerability

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of an improper input validation vulnerability that allows an attacker to tamper with the physical file system to...

6.8CVSS6.5AI score0.0023EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/30 12:0 a.m.20 views

SeaCMS SQL Injection Vulnerability

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A SQL injection vulnerability exists in SeaCMS version 12.9, which stems from the fact that manipulation of the parameter cid using inpu...

9.8CVSS8AI score0.00534EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.20 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS6.1AI score0.00313EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.20 views

Dell BIOS Input Validation Error Vulnerability

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. The Dell BIOS has an input validation error vulnerability that stems from an improper input validation vulnerability in an externally developed component, which could be exploited by an attacker to caus...

8.2CVSS7.4AI score0.00176EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.20 views

WordPress plugin Sensei Pro (WC Paid Courses) Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

6.5CVSS6.2AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.20 views

Mlflow Security Vulnerabilities

Mlflow is an open source platform for machine learning lifecycles. A security vulnerability exists in Mlflow that stems from the ability to create multiple models with the same name using URL encoding, potentially leading to a denial of service...

5.4CVSS6.7AI score0.00442EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.20 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from the use of referral source URLs that require no additional cleanup...

9.8CVSS6.8AI score0.00541EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.20 views

Cisco Firepower Management Center 安全漏洞

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. Cisco Firepower Management Center suffers from a SQL injection vulnerability that stems from the web-based management interface not adequately validating user input. A remote attacker coul...

8.8CVSS8.1AI score0.00836EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/20 12:0 a.m.20 views

Fluent Bit 安全漏洞

Fluent Bit is an open source log processing and analysis system written in C. A security vulnerability exists in Fluent Bit versions 2.0.7 through 3.0.3, which stems from a security issue in the parsing of trace requests by the http server that could lead to a denial of service condition,...

9.8CVSS7.7AI score0.28309EPSS
Exploits3References3
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.20 views

WordPress plugin Shortcodes and extra features for Phlox theme 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Shortcodes and extra...

9.8CVSS8.6AI score0.00675EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.20 views

Siemens Solid Edge 缓冲区错误漏洞

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute cod...

7.8CVSS7.2AI score0.00295EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/30 12:0 a.m.20 views

Foxit Reader 资源管理错误漏洞

Foxit Reader is a PDF document reader from the Chinese company Foxit. A resource management error vulnerability exists in Foxit Reader version 2024.1.0.23997, which stems from a post-release reuse vulnerability that could lead to memory corruption and arbitrary code execution...

8.8CVSS8.1AI score0.15639EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.20 views

WordPress Plugin Before And After 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin Before And After A cross-site...

4.3CVSS6.5AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.20 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation USA that allows access to data from a variety of sources in a unified way. Microsoft OLE DB Provider for SQL Server A security vulnerability exists. An attacker could exploit the vulnerability to remotely execute code...

8.8CVSS8.9AI score0.02351EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.20 views

Fortinet FortiClient 代码注入漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A code injection vulnerability exists in Fortinet...

9.6CVSS7.8AI score0.01524EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.20 views

Envoy 安全漏洞

Envoy is an open source distributed proxy server. A security vulnerability exists in Envoy that stems from the HTTP/2 protocol stack's susceptibility to CPU exhaustion due to continuous frame flooding. Affected products and versions: Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8...

7.5CVSS6.8AI score0.8781EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.20 views

Tenda AC7 安全漏洞

Tenda AC7 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC7 version 15.03.06.44 due to a buffer overflow in the index parameter of the formWifiWpsOOB method...

9CVSS9.1AI score0.01683EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/03/25 12:0 a.m.20 views

WordPress Plugin Google Maps CP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8CVSS8.1AI score0.00497EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/01 12:0 a.m.20 views

phpseclib security vulnerability

phpseclib is a PHP secure communication library open-sourced by phpseclib. A security vulnerability exists in phpseclib versions prior to 1.0.23, 2.0.47, and 3.0.36, which stems from a denial of service that allows an attacker to construct an incorrectly-formatted certificate containing a very...

7.5CVSS6.7AI score0.00601EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/17 12:0 a.m.21 views

IBM Trusteer 代码问题漏洞

IBM Trusteer is a suite of security solutions from International Business Machines IBM focused on providing security tools for cybercrime prevention and end-user protection. IBM Trusteer has a code issue vulnerability that stems from the presence of certain undisclosed issues that could allow fil...

9.8CVSS7AI score0.0046EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.20 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that originates from the presence of a null pointer dereference in the function ath10kwmitlvoppullmgmttxcomplev. An...

5.5CVSS6.3AI score0.00283EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.20 views

Gallagher Controller 6000 Security Vulnerability

The Gallagher Controller 6000 is an interface between the Gallagher Command Center server and distributed field hardware from Gallagher New Zealand. A security vulnerability exists in Gallagher Controller 6000 versions prior to 8.70 vCR8.70.231204a, v8.60 and earlier, which stems from the presenc...

4.6CVSS6.2AI score0.00311EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/08 12:0 a.m.20 views

Google Pixel Resource Management Error Vulnerability

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from a logic error in the code of the Pixel Camera Driver, which may be used after release...

6.7CVSS6.7AI score0.00109EPSS
Exploits0References3
Total number of security vulnerabilities5000