Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2025/04/16 12:0 a.m.19 views

SourceCodester Web-based Pharmacy Product Management System 注入漏洞

SourceCodester Web-based Pharmacy Product Management System is SourceCodester open source a Web-based pharmacy product management system . An injection vulnerability exists in the SourceCodester Web-based Pharmacy Product Management System version 1.0, which results from SQL injection due to...

9.8CVSS7.8AI score0.00544EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.19 views

Oracle MySQL 安全漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL Server, which stems from improper handling of the Server: DDL component and can be exploited by an...

4.9CVSS6AI score0.00754EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.19 views

YesWiki 路径遍历漏洞

YesWiki is a wiki system written in PHP by the French organization YesWiki. It is used to create and manage websites in a collaborative manner. A path traversal vulnerability exists in YesWiki versions prior to 4.5.2, which stems from the squelette parameter being vulnerable to a path traversal...

8.6CVSS9AI score0.05366EPSS
Exploits6References4
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.19 views

FoxCMS 代码注入漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS version 1.2.5, which originates from the index.html component that allows execution of arbitrary code...

9.8CVSS6.8AI score0.43655EPSS
Exploits11References3
CNNVD
CNNVD
added 2025/03/15 12:0 a.m.19 views

Keylime 代码问题漏洞

Keylime is an open source extensible trust system utilizing TPM technology from Keylime Open Source. A code issue vulnerability exists in Keylime version 7.12.0 that stems from strict type checking and could lead to proxy registration failure...

4.3CVSS6.7AI score0.00365EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.19 views

WordPress plugin Post Lockdown 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.6AI score0.00304EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.19 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling peer hash locks and RCU callbacks, which could lead to a deadlock...

5.5CVSS6.4AI score0.00148EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.19 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the scxmovetask function not properly detecting automated group migrations, which could result in a warning...

5.5CVSS6AI score0.00191EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.19 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference to ctx-activefmt in calctxv4l2initformats...

5.5CVSS5.4AI score0.00252EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.19 views

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the bnxt driver not properly recalculating network device characteristics after XDP is disabled, which...

5.5CVSS8.1AI score0.00208EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.19 views

Barco多款产品 安全漏洞

Barco ClickShare CX-30/20 and others are products of Barco Belgium.Barco ClickShare CX-30/20 is a seamless wireless conferencing solution for small and medium-sized meeting rooms.Barco ClickShare C-5/10 is a seamless wireless The Barco ClickShare Bar Pro/Core is an advanced all-in-one video...

7.6CVSS6.9AI score0.00433EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.19 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of an object reference loop problem...

5.5CVSS6.6AI score0.00186EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.19 views

Intel Neural Compressor 输入验证错误漏洞

Intel Neural Compressor is an open source project from Intel Corporation USA designed to help developers easily implement AI model optimization. A security vulnerability exists in Intel Neural Compressor versions prior to v3.0 that stems from improper input validation. An attacker exploiting the...

7.7CVSS6.5AI score0.003EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.19 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with passing a stopped vif to a driver...

5.5CVSS6.7AI score0.00263EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.19 views

WordPress plugin WP Job Manager - Resume Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.7AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.19 views

Microsoft Simple Certificate Enrollment Protocol 资源管理错误漏洞

Microsoft Simple Certificate Enrollment Protocol is a Microsoft Corporation USA protocol for automating certificate enrollment that allows devices to request and receive certificates through a simple process. A resource management error vulnerability exists in Microsoft Simple Certificate...

7.5CVSS6.1AI score0.02277EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.19 views

Django 安全漏洞

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions v5.1.1, v5.0.9 and v4.2.16. An attacker...

5.3CVSS5AI score0.00805EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.19 views

Microsoft Remote Desktop Client 资源管理错误漏洞

Microsoft Remote Desktop Client is a remote desktop client from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Remote Desktop Client. An attacker could exploit this vulnerability to remotely execute code. The following products and versions are affected:...

8.8CVSS6.5AI score0.01475EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.19 views

HCL Nomad 安全漏洞

HCL Nomad is an application for using and managing the Domino application development platform in mobile devices from HCL Corporation, USA. A security vulnerability exists in HCL Nomad, which stems from being affected by an open proxy vulnerability...

8.6CVSS6.8AI score0.00375EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/17 12:0 a.m.19 views

ArubaOS 安全漏洞

ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba, USA. A security vulnerability exists in ArubaOS. An attacker could exploit the vulnerability by installing unsigned software packages on the underlying...

7.2CVSS7.3AI score0.01167EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/27 12:0 a.m.19 views

Hitachi Energy MicroSCADA X SYS600 参数注入漏洞

Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi, Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. The Hitachi Energy MicroSCADA X SYS600 suffers from a paramet...

9.9CVSS9AI score0.00611EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/17 12:0 a.m.19 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the soc:qcom:icc-bwmon module issuing a warning due to an imbalance in reference counts during bwmonremove,...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.19 views

Fortinet FortiOS 访问控制错误漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An access control error...

5.5CVSS6.7AI score0.00159EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.19 views

Raisecom MSG1200、Raisecom MSG2100E、Raisecom MSG2200和Raisecom MSG2300 操作系统命令注入漏洞

The Raisecom MSG1200 and others are a Gigabit Converged Gateway from Raisecom China. An OS command injection vulnerability exists in the Raisecom MSG1200, Raisecom MSG2100E, Raisecom MSG2200, and Raisecom MSG2300 version 3.90, which originates from the parameter template/ in file...

9.8CVSS6.9AI score0.24873EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/01 12:0 a.m.19 views

WordPress plugin CTT Expresso para WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.1AI score0.00415EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.19 views

WordPress plugin Newspack Blocks Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

7.5CVSS6AI score0.00551EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/06 12:0 a.m.19 views

WordPress plugin Responsive Image Gallery security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.3CVSS6.8AI score0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/01 12:0 a.m.19 views

key-serializer security vulnerability

key-serializer is a library by Harvey Woo Personal Developer. It is used to serialize keys and query keys deep within objects. A security vulnerability exists in key-serializer version 0.2.5, which stems from a function containing prototype contamination that allows an attacker to execute arbitra...

6.3CVSS7.7AI score0.00419EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/25 12:0 a.m.19 views

WordPress Security Vulnerabilities

WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress versions prior to 6.5.5, which stems from insufficient input clean...

6.4CVSS5.8AI score0.00467EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.19 views

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the host...

7.8CVSS6.8AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.19 views

Microsoft Azure Backlink Vulnerability

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Azure File Sync. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Azure Fi...

4.4CVSS6.7AI score0.00738EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.19 views

WordPress plugin Sensei Pro (WC Paid Courses) Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

6.5CVSS6.2AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/07 12:0 a.m.19 views

netplan Security Vulnerabilities

netplan is a utility program from the netplan team for easy network configuration on Linux systems. A security vulnerability exists in Netplan 1.0 and earlier versions, which stems from disclosing the private key of wireguard to local users...

6.5CVSS6.3AI score0.00264EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.19 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle versions 4.3 through 4.3.3. An attacker exploited the vulnerability to perform a cross-site...

8.8CVSS6.7AI score0.00314EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.19 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions 4.3 through 4.3.3, which stems from an insufficient check to see if ReCAPTCHA is...

7.5CVSS6.8AI score0.00419EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.19 views

Adobe Acrobat Reader 访问控制错误漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has a security vulnerability that can be exploited by an attacker to cause arbitrary code execution in the context of the current user...

7.8CVSS7.7AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.19 views

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from a publicly available HTTP API that uses an unencrypted channel to provide a management...

9.8CVSS6.6AI score0.0161EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.19 views

Maxon Cinema 4D 安全漏洞

Maxon Cinema 4D is a 3D drawing software from Maxon, a German company. A security vulnerability exists in Maxon Cinema 4D that originates from a post-release reuse vulnerability in the analysis of SKP files. An attacker can exploit the vulnerability to execute remote code...

7.8CVSS7.8AI score0.00378EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.19 views

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is China Foxit Foxit company a PDF reader. A remote code execution vulnerability exists in Foxit PDF Reader, which can be exploited by an attacker to execute arbitrary code...

7.8CVSS8.3AI score0.03925EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.19 views

LG Simple Editor 安全漏洞

LG Simple Editor is a simple editor from Luckin LG Korea that creates new content by simplifying the process and instant playback on signage. A remote code execution vulnerability exists in LG Simple Editor due to an exposed and dangerous feature. An attacker could exploit the vulnerability to...

9.8CVSS8.1AI score0.01483EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/26 12:0 a.m.19 views

WordPress plugin Advanced Post List 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

5.9CVSS6.2AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.19 views

Tenda AC500 安全漏洞

The Tenda AC500 is a Gigabit port access controller from Tenda, China. A security vulnerability exists in Tenda AC500 version 2.0.1.91307, which originates from a buffer overflow in the funcpara1 parameter of the formSetCfm method of the /goform/setcfm file. No details of the vulnerability are...

9.8CVSS7.5AI score0.01906EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.19 views

Adobe Animate 输入验证错误漏洞

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an input validation error vulnerability that stems from the application's susceptibility to integer overflow, which can be exploited by an attacker to execute arbitrary code in t...

7.8CVSS7.6AI score0.00398EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.19 views

Microsoft OLE 安全漏洞

Microsoft OLE is an object-oriented technology from Microsoft Corporation USA. A security vulnerability exists in Microsoft OLE. The following products and versions are affected:Microsoft SQL Server 2019 for x64-based Systems GDR,Microsoft SQL Server 2022 for x64-based Systems GDR,Microsoft OLE D...

8.8CVSS9AI score0.02351EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.19 views

Microsoft ODBC Driver 安全漏洞

Microsoft ODBC Driver is a driver from Microsoft Corporation USA. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in Microsoft ODBC Driver. An attacker could exploit the vulnerability to...

8.8CVSS8.9AI score0.0233EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.19 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Driver for SQL Server is a standalone data access application programming interface API for OLE DB. A remote code execution vulnerability exists in Microsoft OLE DB Driver for SQL Server, which can be exploited by an attacker to execute arbitrary code on the system...

8.8CVSS8.8AI score0.02351EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/25 12:0 a.m.19 views

WordPress Plugin wp-schema-pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability previously...

4.3CVSS8.4AI score0.00453EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.19 views

AMSS++ Cross-Site Scripting Vulnerability

AMSS++ is a tool for office management support systems from Amssplus. A cross-site scripting vulnerability exists in AMSS++ version 4.31, which stems from a cross-site scripting vulnerability in the bid parameter of the /amssplus/modules/book/main/bookdetailkhetperson.php page...

7.1CVSS6.2AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.19 views

WordPress Plugin Error Log Viewer by BestWebSoft Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

6.5CVSS6.5AI score0.00587EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.19 views

Fortinet FortiOS Authorization Issues Vulnerability

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam. An authorization issue...

8.8CVSS6.9AI score0.00638EPSS
Exploits0References4
Total number of security vulnerabilities5000