Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2023/09/22 12:0 a.m.18 views

WordPress plugin Media Library Assistant plugin Cross-site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6.1AI score0.00474EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/09/05 12:0 a.m.18 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a series of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets. Attackers have exploited the vulnerability to cause a denial-of-service attack on the system...

7.5CVSS6.7AI score0.003EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.18 views

Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet SQL注入漏洞

Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software is a Schweitzer Engineering Laboratories, Inc. tool for configuring, commissioning and managing power system protection, control, metering and monitoring equipment. monitoring equipment of the power system. A security...

6.5CVSS7AI score0.00341EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/29 12:0 a.m.18 views

MongoDB 日志信息泄露漏洞

MongoDB is a document-oriented database management system of the U.S. MongoDB company. An information disclosure vulnerability exists in MongoDB that stems from the possibility of incorrectly posting events containing authentication-related data to an application-configured command listener, whic...

7.5CVSS6.3AI score0.00492EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.18 views

GNU Binutils 安全漏洞

GNU Binutils is a set of open source tools for working with binaries such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils. An attacker can exploit this...

8.8CVSS7.4AI score0.00664EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.18 views

Microsoft .NET Framework Security Vulnerabilities

Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a development platform. The platform includes the C and Visual Basic programming languages, a public language runtime library, and an extensive class library. A security vulnerability...

7.4CVSS6.5AI score0.0133EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/08/07 12:0 a.m.18 views

WordPress plugin WPCode cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS6.1AI score0.00452EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.18 views

WordPress Plugin Life Album Gallery 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.1AI score0.00269EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.18 views

WordPress Plugin wordpress-mobile-pack 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

6.5CVSS7AI score0.0022EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.18 views

SQLFluff 注入漏洞

SQLFluff is a dialect-flexible and configurable SQL linter. An injection vulnerability exists in SQLFluff versions prior to 2.1.2 that stems from allowing an attacker to call arbitrary python code via libarypath...

7.8CVSS7.7AI score0.00414EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/06/27 12:0 a.m.18 views

Shopware 代码问题漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. A code issue vulnerability exists in Shopware versions prior to 5.7.18 that stems from some flaws in the email validation during the registration process, so that different email addresses may be constructed,...

5.3CVSS5.7AI score0.00649EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/06/13 12:0 a.m.18 views

nuxt 代码注入漏洞

Nuxt.js is an open source web application framework based on Vue.js, Node.js, Webpack and Babel.js. A code injection vulnerability exists in versions prior to nuxt 3.5.3. An attacker exploits this vulnerability to perform a code injection attack...

9.8CVSS7.8AI score0.58648EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/06/09 12:0 a.m.18 views

WordPress Plugin Weaver Show Posts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.4CVSS6.8AI score0.00508EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/06/05 12:0 a.m.18 views

WordPress Plugin WooSidebars Sidebar Manager Converter 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

6.1CVSS5.1AI score0.00696EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.18 views

MP4v2 安全漏洞

MP4v2 is a library for creating, modifying, and reading MP4 files by enzo1982 individual developers. A security vulnerability exists in MP4v2 version 2.1.3, which stems from a memory leak in mp4fileio...

5.5CVSS5.6AI score0.00281EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.18 views

WordPress plugin Newsletter Popup 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

8.8CVSS8.1AI score0.00389EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/05/22 12:0 a.m.18 views

Sitecore Experience Platform 路径遍历漏洞

Sitecore Experience Platform XP is a suite of customer digital experience platforms from Sitecore, Denmark. A security vulnerability exists in Sitecore Experience Platform 10.2 and prior versions, which stems from a directory traversal vulnerability that could allow an authenticated, remote...

6.5CVSS6.7AI score0.01474EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.18 views

Intel Processors 安全漏洞

Intel Processors are American Intel Corporation's offerings to interpret computer instructions and process data in computer software. A security vulnerability exists in Intel Processors. Attackers have exploited the vulnerability to cause information leakage...

5.5CVSS5.8AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.18 views

Wordpress plugin Wholesale Suite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. Wordpress plugin Wholesale Suite...

6.5CVSS5.4AI score0.00383EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.18 views

WordPress plugin NEX-Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

7.2CVSS7.7AI score0.44629EPSS
Exploits3References3
CNNVD
CNNVD
added 2023/05/05 12:0 a.m.18 views

TOTOLINK X5000R 操作系统命令注入漏洞

TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 versions, which stems from the presence of a command injection in the setting/setTracerouteCfg, which can be exploited by an...

9.8CVSS8.8AI score0.25889EPSS
Exploits4References3
CNNVD
CNNVD
added 2023/04/28 12:0 a.m.18 views

PortlandLabs Concrete CMS 授权问题漏洞

PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. An authorization issue vulnerability exists in PortlandLabs Concrete CMS versions prior to 9.2, which stems from vulnerability to possible Auth bypass attacks...

3.3CVSS4.9AI score0.00755EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/04/24 12:0 a.m.18 views

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ Cross-Site Scripting Vulnerability. No information about this vulnerability is available at this time, so stay tuned to CNNVD or vendor...

7.2CVSS6AI score0.00552EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/04/23 12:0 a.m.18 views

WordPress Plugin Google Maps v3 Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6.6AI score0.0037EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/17 12:0 a.m.18 views

Electra Central AC unit 安全漏洞

The Electra Central AC unit is an Electra Central AC unit from Electra. A security vulnerability exists in the Electra Central AC unit. An attacker could exploit the vulnerability to cause the unit to connect to an unauthorized update server...

7.5CVSS6.5AI score0.00271EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/15 12:0 a.m.19 views

SourceCodester Employee and Visitor Gate Pass Logging System SQL注入漏洞

Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system by Carlo Montero, an individual developer. SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 suffers from a SQL injection vulnerability that stems from a problem in the file...

8.8CVSS7.1AI score0.00729EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.18 views

QNAP Systems部分产品 安全漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an operating system used by entry to mid-level QNAP NAS.QNAP Systems QuTS hero is an operating system. A security vulnerability exists in QNAP Systems QTS, QuTS hero,...

2.7CVSS5AI score0.00658EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.18 views

Delta Electronics InfraSuite Device Master 安全漏洞

Delta Electronics InfraSuite Device Master is Delta Electronics' device for simplifying and automating critical equipment monitoring. An authentication error vulnerability exists in Delta Electronics InfraSuite Device Master versions prior to 1.0.5, which can be exploited by an attacker to genera...

9.8CVSS7AI score0.00736EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.18 views

WordPress plugin HT Portfolio 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS6.2AI score0.00281EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/03/22 12:0 a.m.18 views

CKEditor 跨站脚本漏洞

CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor4 versions prior to 4.21.0, which stems from packages on web pages that lack proper content security policy configuration...

6.1CVSS6.6AI score0.00725EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/03/21 12:0 a.m.18 views

Moodle 跨站脚本漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. An attacker exploited the vulnerability to perform a cross-site scripting attack...

6.1CVSS5.3AI score0.00662EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/16 12:0 a.m.18 views

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, Inc. A security vulnerability exists in Dell BIOS, which arises from an incorrect input validation vulnerability that can be exploited by a locally authenticated attacker with administrator privileges to...

7.5CVSS7AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.18 views

WordPress Plugin Cristian Client Portal – Private user pages and login 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Cristian Client Portal -...

8.8CVSS8.2AI score0.00256EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/09 12:0 a.m.18 views

Froxlor 安全漏洞

Froxlor is a lightweight server management software from the Froxlor team. A security vulnerability exists in Froxlor versions prior to 2.0.13, which stems from the ability to log in with a password that is stored in the database as an MD5 hash, leading to type obfuscation in PHP, which can be...

9.8CVSS8.3AI score0.01073EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/02/24 12:0 a.m.18 views

libheif 安全漏洞

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif. An attacker exploited the vulnerability to cause a buffer overflow during a memcpy call via a specially crafted image file...

7.8CVSS8AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.18 views

WordPress Plugin Hueman Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/20 12:0 a.m.18 views

Octobox 安全漏洞

Octobox is a tool for managing GitHub notifications. A security vulnerability exists in Octobox PR versions prior to 2807, which originates from a ReDoS vulnerability that can be triggered by a system user providing a specially crafted search query string...

7.5CVSS7.3AI score0.0104EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/02/20 12:0 a.m.18 views

Apollo 访问控制错误漏洞

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload coursework. A security vulnerability exists in Apollo versions prior to 2.1.0 that stems from not enabling authentication for the built-in eureka service,...

7.5CVSS7.3AI score0.00823EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.18 views

Moodle 跨站脚本漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from insufficient cleansing of user-supplied data in blog searches, and which ca...

6.1CVSS5.3AI score0.00854EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.18 views

Intel Processors 安全漏洞

Intel Processors are U.S.-based companies of Intel Corporation that provide for the interpretation of computer instructions and the processing of data in computer software. A security vulnerability exists in Intel Processors that originates from an incorrect initialization in the IntelR TXT SINIT...

7.2CVSS7.1AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.18 views

Intel Integrated Baseboard Management Controller 安全漏洞

Intel Integrated Baseboard Management Controller is an integrated baseboard management controller from Intel Corporation USA. A security vulnerability exists in Intel Integrated Baseboard Management Controller BMC. An attacker could exploit this vulnerability to cause a denial of service on the...

4.9CVSS5.5AI score0.00514EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.18 views

NETGEAR Nighthawk 缓冲区错误漏洞

NETGEAR Nighthawk is a series of wireless routers from NETGEAR. A security vulnerability exists in NETGEAR Nighthawk Mesh WiFi Systems, which stems from the presence of a stack-based buffer overflow vulnerability...

9.8CVSS8.8AI score0.00682EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/09 12:0 a.m.18 views

WordPress plugin Metform Elementor Contact Form Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.2CVSS6.7AI score0.28565EPSS
Exploits5References6
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.18 views

Django 安全漏洞

Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes an object-oriented mapper, view system, template system and so on. A security vulnerability exists in Django version 3.2 up to and including version 3.2.17, version...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References12
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.18 views

Jenkins Plugin GitHub Pull Request Builder 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00821EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/01/23 12:0 a.m.18 views

WordPress plugin The User Verification 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

9.8CVSS8.3AI score0.01598EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/01/10 12:0 a.m.18 views

SAP NetWeaver和SAP NetWeaver ABAP Server 安全漏洞

SAP NetWeaver and SAP NetWeaver ABAP Server are products of SAP, Germany.SAP NetWeaver is an integrated, service-oriented application platform that provides a development environment for SAP applications. SAP NetWeaver is an integrated, service-oriented application platform that provides a...

9.8CVSS8.2AI score0.00693EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/10 12:0 a.m.18 views

bzip2 输入验证错误漏洞

bzip2 is an open source compression/decompression application. A security vulnerability exists in bzip2-rs, which stems from allowing an attacker to cause a denial of service via a large file, which triggers an integer overflow in mem.rs...

7.5CVSS7.2AI score0.01212EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.18 views

Discourse 安全漏洞

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse versions prior to 2.8.14 stable, 2.9.0.beta16 beta and tests-passed. An attacker can exploit this vulnerability to create posts...

6.5CVSS6.4AI score0.00575EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/28 12:0 a.m.18 views

WordPress plugin Broken Link Checker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS4.9AI score0.00506EPSS
Exploits2References2
Total number of security vulnerabilities5000