Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2025/09/15 12:0 a.m.47 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the f2fs file system not performing an integrity check on the destination block address during recovery, whi...

5.5CVSS4.9AI score0.00145EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.47 views

Microsoft Windows Fast Fat Driver 安全漏洞

Microsoft Windows Fast Fat Driver is a complete file system from Microsoft USA that solves a variety of problems such as storing data on disk, interacting with a cache manager, and handling a variety of I/O operations such as file creation, performing reads/writes to files, setting file...

7.8CVSS6.4AI score0.00477EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.47 views

vLLM 代码问题漏洞

vLLM is a vLLM open source high throughput and memory efficient inference and service engine for LLM. A code issue vulnerability exists in versions of vLLM prior to v0.7.0 that stems from arbitrary code execution during unpickling when torch.load loads malicious pickle data...

8.8CVSS7.3AI score0.00694EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.47 views

Siemens SIMATIC WinCC和Siemens SIMATIC STEP 输入验证错误漏洞

Totally Integrated Automation Portal TIA Portal is PC software that offers the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. A local arbitrary code execution vulnerability exists in Siemens Engineering Platforms,...

7.3CVSS7.7AI score0.00179EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.47 views

WordPress plugin Import and export users and customers 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...

4.4CVSS5.8AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.47 views

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a memory leak. No details of the vulnerability are provided at this time...

7.5CVSS6.8AI score0.0093EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.47 views

Health Level 7 Security Vulnerability

Health Level 7 is a series of global standards for transferring clinical and administrative health data between applications from Health Level 7, Inc. A security vulnerability exists in Health Level 7 versions prior to 5.6.106 that stems from a package decompression feature in the core library th...

8.1CVSS6.9AI score0.013EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.47 views

WordPress Plugin Image Regenerate & Select Crop Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...

5.3CVSS6.2AI score0.00552EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.47 views

PTC KEPserverEX Security Vulnerability

PTC KEPserverEX is a connectivity platform from PTC. Users can connect, manage, monitor and control a variety of automation devices and software applications through an intuitive user interface. A security vulnerability exists in PTC KEPserverEX version v6.14.263.0 and prior versions. An attacker...

9.1CVSS6.7AI score0.00962EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.47 views

WordPress Plugin CodeBard s Patron Button and Widgets for Patreon Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin CodeBard s...

6.1CVSS6.6AI score0.00358EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.47 views

WordPress Plugin cf7-field-validation SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin cf7-field-validati...

9.8CVSS7.3AI score0.00566EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.47 views

Microsoft SQL Server Security Vulnerability

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker has exploited the vulnerability to cause a denial of service on the system. The following products and versions are...

5.5CVSS7.1AI score0.00851EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/06 12:0 a.m.47 views

NASA Open MCT Security Vulnerability

NASA Open MCT is an open source open mission control technology from NASA, Inc. for visualizing data on desktop and mobile devices. A security vulnerability exists in versions prior to NASA Open MCT 2.2.5 545a177, which stems from the presence of a prototype contamination vulnerability...

7.5CVSS6.7AI score0.00941EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/08/16 12:0 a.m.47 views

Jenkins Plugin Gogs 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS5.7AI score0.00547EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/24 12:0 a.m.47 views

Osprey Pump Controller 授权问题漏洞

Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from the use of an alternate path or channel to bypass authentication, and can be exploited by an attacker to gain unauthorized access to the system...

9.8CVSS8.4AI score0.00892EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.47 views

Microsoft .NET and Visual Studio 安全漏洞

Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. NET Core is a free, open source development platform that features multi-language support and cross-platform capabilities.Microsoft Visual Studi...

7.8CVSS8AI score0.01148EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.47 views

Microsoft .NET Framework 安全漏洞

Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a development platform. The platform includes the C and Visual Basic programming languages, a public language runtime library, and an extensive class library. A security vulnerability...

7.8CVSS7.7AI score0.0113EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/12/11 12:0 a.m.47 views

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system from the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ versions prior to 3.1.9. An attacker exploited the vulnerability to perform cross-site scripting attacks...

5.4CVSS5.5AI score0.00479EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/09 12:0 a.m.47 views

spring-boot-admin 代码注入漏洞

spring-boot-admin is an open source based on Spring boot Mybatis backend management system , with user management , menu management and role management 3 functions , permission control to the button level . A code injection vulnerability exists in spring-boot-admin versions prior to 2.6.10 and...

9.8CVSS8.4AI score0.01437EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/12/09 12:0 a.m.47 views

Akeneo PIM Development Repository 代码注入漏洞

Akeneo PIM Development Repository is an Akeneo open source repository . It is used to develop Akeneo PIM products. A code injection vulnerability exists in Akeneo PIM Development Repository versions prior to v5.0.119 and v6.0.53, which originates from a code injection vulnerability that could all...

8.8CVSS8.5AI score0.01406EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/06 12:0 a.m.47 views

Passeo 安全特征问题漏洞

Passeo is a Python password generator by the individual developer Arjun Sharda. A security signature issue vulnerability exists in versions of Passeo prior to 1.0.5 that stems from a reliance on the python random library for random value selection, which relies on a non-cryptographically secure...

7.5CVSS7.2AI score0.00791EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.47 views

GitLab 日志信息泄露漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab CE/EE, which stems from its ability t...

6.8CVSS6.6AI score0.00662EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.47 views

Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from the UnbatchGradOp function accepting an argument id that is assumed to be scalar. A non-scalar id ca...

7.5CVSS7.4AI score0.00558EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.47 views

npm jquery-validation 安全漏洞

npm jquery-validation is a form insertion validation application provided by npm, Inc. npm jquery-validation version 1.19.3 contains a denial of service vulnerability, which stems from the fact that an attacker who is able to provide arbitrary input to the url2 method can trigger a denial of...

7.5CVSS5.8AI score0.01327EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.46 views

pac4j 安全漏洞

pac4j is a simple yet powerful Java security engine developed by pac4j OpenSource. It is used to authenticate users, retrieve their configuration files, and manage authorizations, thereby protecting web applications and web services. There were security vulnerabilities in versions of pac4j before...

7CVSS5.9AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.46 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an attempt to write to a read-only memory region, which could cause the kernel to crash...

7.1CVSS5.8AI score0.00148EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.46 views

Eventlet 环境问题漏洞

Eventlet is a concurrent networking library for Python. An environmental issue vulnerability exists in versions prior to Eventlet 0.40.3 that stems from improper handling of HTTP request entrainment, which could lead to a front-end security control bypass...

9.1CVSS6.3AI score0.00363EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.46 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer overflow that could cause a system crash...

7.8CVSS6.7AI score0.0023EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.46 views

Microsoft Office 安全漏洞

Microsoft Office is an office software suite product from the American company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and others. A security vulnerability exists in Microsoft Office. An attacker can exploit the vulnerabili...

7.8CVSS8.3AI score0.00786EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/23 12:0 a.m.46 views

WordPress plugin Elementor Header & Footer Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS7.4AI score0.003EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/13 12:0 a.m.46 views

LiteLLM 代码问题漏洞

LiteLLM is an open source application from LiteLLM. All LLM APIs can be called using the OpenAI format. A code issue vulnerability exists in LiteLLM version 1.38.10, which stems from vulnerability to a server-side request forgery attack, where a user can specify parameters when sending a request,...

7.5CVSS7.8AI score0.37197EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.46 views

WordPress plugin User Profile Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.1CVSS6.7AI score0.28993EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.46 views

LibreNMS 安全漏洞

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments and automatic updates. A security vulnerability exists in LibreNMS versions prior to 24.4.0 that stems from the...

7.1CVSS5.7AI score0.34128EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.46 views

WordPress Plugin Login Screen Manager Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.8CVSS6AI score0.00379EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/04/13 12:0 a.m.46 views

Diasoft File Replication 权限许可和访问控制问题漏洞

Diasoft File Replication is a file replication software from Diasoft. A vulnerability exists in Diasoft File Replication Pro version 7.5.0 due to privilege permission and access control issues. An attacker could exploit this vulnerability to elevate privileges by replacing legitimate files with a...

9.8CVSS8.5AI score0.06051EPSS
Exploits4References5
CNNVD
CNNVD
added 2022/12/23 12:0 a.m.46 views

memos 授权问题漏洞

memos is an open source hosted memo center with knowledge management and social features. An authorization issue vulnerability exists in versions of memos prior to 0.9.0 that stems from incorrect authentication...

9.8CVSS7.8AI score0.00731EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.46 views

多款VMware产品缓冲区错误漏洞

VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...

8.2CVSS8.1AI score0.01546EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.46 views

daloRADIUS 安全漏洞

daloRADIUS is an advanced RADIUS web management application from Liran Tal Personal Developer. It is designed to manage hotspot and universal ISP deployments. A security vulnerability exists in daloRADIUS, which originates from the exposure of sensitive system information to unauthorized control...

7.5CVSS6.1AI score0.00701EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.46 views

SAP 3D Visual Enterprise Author 缓冲区错误漏洞

SAP 3D Visual Enterprise Author is a desktop application for managing 2D, 3D, animation, video and audio assets from SAP. A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Author version 9, which stems from a lack of proper memory management and can be exploited by an attacker to...

7.8CVSS8.4AI score0.0051EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/26 12:0 a.m.46 views

joblib 安全漏洞

joblib is joblib open source set of tools to provide lightweight pipelining in Python. Joblib package versions prior to 1.2.0 has a security vulnerability , the vulnerability stems from its Parallel class in the predispatch flag allows an attacker to achieve arbitrary code execution through eval...

9.8CVSS7.8AI score0.01975EPSS
Exploits1References13
CNNVD
CNNVD
added 2022/08/23 12:0 a.m.46 views

Gravitee API Management 跨站脚本漏洞

Gravitee API Management is the open source Gravitee API management tool. A security vulnerability exists in Gravitee API Management prior to version 1.25.3, which stems from a combination of HTML injection and path traversal in the email service, allowing an anonymous user to read arbitrary files...

6.1CVSS5.8AI score0.00616EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/20 12:0 a.m.46 views

Atlassian Bitbucket Data Center 代码问题漏洞

Atlassian Bitbucket Data Center is the data center version of Atlassian Bitbucket by Atlassian Australia. Atlassian Bitbucket Data Center suffers from a command execution vulnerability that can be exploited by an attacker to execute arbitrary code via Java deserialization...

9.8CVSS6.4AI score0.71092EPSS
Exploits4References4
CNNVD
CNNVD
added 2022/04/20 12:0 a.m.46 views

Atlassian Jira 授权问题漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. Atlassian Jira suffers from an authorization issue vulnerability that can be exploited by an attacker to bypass authentication b...

9.8CVSS8.6AI score0.88057EPSS
Exploits2References5
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.46 views

Siemens SCALANCE竞争条件问题漏洞

The SCALANCE W-1700 products are IEEE 802.11 compliant wireless communication devices. a denial of service vulnerability exists in the Siemens SCALANCE W-1700 11ac series, which can be exploited by an attacker to cause the entire device to crash for competing conditions...

5.7CVSS5.8AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/18 12:0 a.m.46 views

Red Hat Vscode-Xml 代码问题漏洞

Red Hat Vscode-Xml is an open source Xml language support from Red Hat. It makes it easy to edit Xml in Visual Studio Code. A code issue vulnerability exists in Red Hat Vscode-Xml, which stems from a flaw found in vcode -xml in versions prior to 0.19.0. An attacker could exploit this vulnerabilit...

9.1CVSS8.2AI score0.01262EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/12/15 12:0 a.m.46 views

Gradio 路径遍历漏洞

Gradio is an open source Python library that is a way to demonstrate machine learning models through a friendly web interface. versions of Gradio prior to 2.5.0 have a path traversal vulnerability that can be exploited by an attacker to access any file on the host...

7.7CVSS5.7AI score0.03794EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.46 views

Fluentd 资源管理错误漏洞

Fluentd is an open source log collector from the Cloud Native Computing Cloud Native Computing Foundation Foundation. It is used to collect events from various data sources and write them to files, Rdbms, NoSql, IaaS, SaaS, Hadoop and more. A resource management error vulnerability exists in...

7.5CVSS7.4AI score0.02004EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/10/21 12:0 a.m.46 views

WordPress 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress plugin Catch Themes Demo Import in versions 1.7 a...

7.2CVSS6.2AI score0.55729EPSS
Exploits6References12
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.45 views

Joomla! CMS 安全漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has security vulnerabilities, which stem from the lack of output escaping mechanisms. This may lead to cross-site scripting vectors in multilingual integrated components...

8.4CVSS5.6AI score0.00216EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.45 views

WordPress plugin Better Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

5.4CVSS7.3AI score0.00166EPSS
Exploits0References2
Total number of security vulnerabilities5000