Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2025/01/13 12:0 a.m.17 views

SAP NetWeaver AS SQL注入漏洞

SAP NetWeaver AS is a SAP web application server from SAP, Germany. SAP NetWeaver AS suffers from a SQL injection vulnerability that originates from a program that does not properly check for authorization, which could be exploited by an attacker to gain control over data in an Informix database,...

8.8CVSS8AI score0.00718EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.17 views

WordPress plugin Asgard Security Scanner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.1CVSS7.7AI score0.00377EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.17 views

Drupal 安全漏洞

Drupal is an open source content management system developed in the Drupal community using the PHP language. A security vulnerability exists in Drupal OAuth & OpenID Connect Single Sign On - SSO OAuth/OIDC Client versions 3.0.0 through 3.44.0, and 4.0.0 through 4.0.19, which stems from improperly...

6.1CVSS6.2AI score0.00242EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.17 views

Chat2DB 安全漏洞

Chat2DB is an AI-driven SQL client open-sourced by CodePhiliaX. A security vulnerability exists in Chat2DB version v0.3.5, which stems from the presence of XML external entity injection in the component /datagrip/upload, allowing an attacker to execute arbitrary code by providing crafted XML inpu...

9.8CVSS8.4AI score0.00807EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.17 views

WordPress plugin Gutenverse 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS8.6AI score0.00577EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.17 views

SAP Adobe Document Service 安全漏洞

SAP Adobe Document Service SAP ADS is a document management service from SAP, Germany. A security vulnerability exists in SAP Adobe Document Service, which originates from an attacker authenticated as an administrator, who can use a publicly available Web service to upload or download customized...

6.8CVSS6.4AI score0.00544EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.17 views

Apache Superset 安全漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an authorization issue vulnerability that stems from improper authorization settings that can be exploited by an attacker to use this API when FABADDSECURITYAPI is...

7.6CVSS6.8AI score0.00653EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.17 views

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in getbinary in vendor/mediatek/proprietary/hardware/connectivity/gps/gpshal/src/datacoder.c, where out-of-bounds writes may exist...

7.8CVSS9.1AI score0.00084EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.17 views

WordPress plugin Dollie Hub 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8AI score0.00273EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.17 views

Foxit PDF Reader 资源管理错误漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A resource management error vulnerability exists in Foxit PDF Reader, which stems from the Annotation feature that contains a reuse-after-release, leading to a remote code execution vulnerability...

8.8CVSS7.8AI score0.00875EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.17 views

WordPress plugin Responsive Data Table 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.7AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.17 views

changedetection.io 安全漏洞

changedetection.io is a website change detection, monitoring, and notification application from the individual developers at dgtlmoon. A security vulnerability exists in changedetection.io versions prior to 0.47.5, which stems from a flaw in the restriction of local file access that could result ...

6.9CVSS5.9AI score0.0229EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/03 12:0 a.m.17 views

PowerDNS 安全漏洞

PowerDNS is an open source DNS server from PowerDNS. PowerDNS uses Access mdb file to record DNS information under Win32, and MySQL to record DNS information under Linux/Unix. Whether it is mdb or MySQL, backup is very convenient. A security vulnerability exists in PowerDNS that allows an attacke...

7.5CVSS6.5AI score0.00698EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/03 12:0 a.m.17 views

TEM Opera Plus FM Family Transmitter 跨站请求伪造漏洞

The TEM Opera Plus FM Family Transmitter is a frequency modulation FM transmitter device from TEM. A cross-site request forgery vulnerability exists in TEM Opera Plus FM Family Transmitter version 35.45, which originates from allowing a user to perform certain actions via HTTP requests without...

8.6CVSS6.8AI score0.00245EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.17 views

Proxmox Virtual Environment 安全漏洞

Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment, which stems from insufficient protection against malicious API response values, and allows an authenticated...

8.2CVSS6.6AI score0.00366EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/09/12 12:0 a.m.17 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE versions 16.6 to before 17.1.7,...

7.2CVSS6.6AI score0.00522EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/02 12:0 a.m.17 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a memory misreference vulnerability that is caused by a free use in WebAudio. An attacker can exploit this vulnerability to execute arbitrary code on a system...

8.8CVSS7.7AI score0.00526EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/08/27 12:0 a.m.17 views

Hitachi Energy MicroSCADA X SYS600 参数注入漏洞

Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi, Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. The Hitachi Energy MicroSCADA X SYS600 suffers from a paramet...

9.9CVSS9AI score0.00611EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/22 12:0 a.m.17 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a permissions issue vulnerability that stems from a failure to properly enforce permissions, which can be exploited by an attacker to perform write operations on a team...

6CVSS6.8AI score0.00342EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.17 views

Microsoft Office PowerPoint 资源管理错误漏洞

Microsoft Office PowerPoint is an American Microsoft Microsoft company's software for creating, presentations PPT. A resource management error vulnerability exists in Microsoft Office PowerPoint. An attacker could exploit this vulnerability to execute arbitrary code on the system...

7.8CVSS7.6AI score0.00929EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.17 views

GitLab CE/EE Security Vulnerabilities

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE. An attacker exploited the...

9.8CVSS6.9AI score0.06036EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.17 views

Citrix Systems NetScaler Gateway and Citrix Systems NetScaler ADC Security Vulnerabilities

Citrix Systems NetScaler Gateway Citrix Systems Gateway and Citrix Systems NetScaler ADC are both products of Citrix Systems, Inc.Citrix Systems NetScaler Gateway is a secure remote access solution. The solution provides administrators with application-level and data-level controls to enable user...

7.5CVSS6.8AI score0.00764EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/05 12:0 a.m.17 views

Drupal Wiki Security Vulnerabilities

Drupal Wiki is a free and open source content management system from Drupal Wiki, Inc. A security vulnerability exists in Drupal Wiki versions prior to 8.31.1, which stems from allowing cross-site scripting XSS attacks via comments, titles, and image captions on Wiki pages...

6.1CVSS5.9AI score0.00625EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.17 views

WordPress plugin LearnPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.4AI score0.0062EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/06/30 12:0 a.m.17 views

Botan Security Vulnerabilities

Botan is a library of cryptographic algorithms written in C++. It supports a variety of algorithms including AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan that stems from allowing the use of explicit encoding to present ECDSA X.509 certificates, which, whe...

7.5CVSS6.9AI score0.005EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.17 views

Microsoft Visual Studio 访问控制错误漏洞

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio, which can be exploited by...

6.7CVSS7.2AI score0.00892EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.17 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in mcbausb...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.17 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the net:tls module...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.17 views

WordPress plugin GMAce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

4.9CVSS8.7AI score0.00859EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/06 12:0 a.m.17 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when multiple listeners are registered to the same file descriptor...

7.8CVSS6.9AI score0.00109EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.17 views

Tenda AC500 安全漏洞

The Tenda AC500 is a Gigabit port access controller from Tenda, China. A security vulnerability exists in Tenda AC500 version 2.0.1.91307, which originates from a buffer overflow in the funcpara1 parameter of the formSetCfm method of the /goform/setcfm file. No details of the vulnerability are...

9.8CVSS7.5AI score0.01906EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/04/16 12:0 a.m.17 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that can be exploited by attackers to perform UI spoofing via a crafted Chrome extension...

4.3CVSS6.8AI score0.00649EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.17 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...

8.8CVSS8.8AI score0.024EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.17 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Driver for SQL Server is a standalone data access application programming interface API for OLE DB. A remote code execution vulnerability exists in Microsoft OLE DB Driver for SQL Server, which can be exploited by an attacker to execute arbitrary code on the system...

8.8CVSS8.8AI score0.02351EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.17 views

VMware Security Vulnerabilities in Multiple Products

VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...

9.3CVSS6.8AI score0.03542EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/02 12:0 a.m.17 views

WordPress Plugin AI Engine Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.5CVSS8.3AI score0.0061EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/19 12:0 a.m.17 views

Red Hat Undertow Resource Management Error Vulnerability

Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. Red Hat Undertow suffers from a resource management error vulnerability that stems from an out-of-memory error after closing a connection multiple times using...

7.5CVSS7.7AI score0.04572EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.17 views

Snapcast Security Breach

Snapcast is a multi-room client-server audio player where all clients are synchronized with server time to play perfectly synchronized audio. A security vulnerability exists in Snapcast version 0.27.0, which stems from a vulnerability that could allow a remote attacker to execute arbitrary code a...

9.8CVSS9.3AI score0.2732EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.17 views

WordPress plugin Demo Import security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.2CVSS7AI score0.012EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/01/05 12:0 a.m.17 views

WordPress Plugin iframe Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.17 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service in the modem after receiving an RRC setup message...

7.5CVSS7.5AI score0.00607EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/16 12:0 a.m.17 views

Libde265 Security Vulnerability

Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.10.12, which stems from the presence of a buffer overflow vulnerability that allows a local attacker to cause a denial of service...

6.5CVSS6.8AI score0.00766EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.17 views

Pimcore Security Vulnerability

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A security vulnerability exists in Pimcore...

7.2CVSS6.7AI score0.00553EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.17 views

Rockwell Automation FactoryTalk Services Platform 授权问题漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...

8.1CVSS6.8AI score0.02724EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.17 views

Juniper Networks Junos and Junos EVO Buffer Error Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos and Junos EVO, which is caused by a stack-based buffer overflow...

5.5CVSS7.3AI score0.00163EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/10/11 12:0 a.m.17 views

Zebra Technologies Industrial Printers Security Breach

Zebra Technologies Industrial Printers is an industrial printer from Zebra Technologies. A security vulnerability exists in Zebra Technologies Industrial Printers that could allow an attacker to change the username and password of a web page by sending a specially crafted POST request to the...

5.4CVSS6.8AI score0.00269EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.17 views

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An Access Control Error...

6.5CVSS6.6AI score0.0037EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.17 views

Microsoft Windows Power Management Service Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Power Management Service. An attacker could exploit this vulnerability to obtain sensitive information. The...

5.5CVSS6.4AI score0.00549EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.18 views

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods , short message alerts and product image zoom and other features . A security vulnerability exists in MyPrestaModules Prestashop Module version v6.2.9,...

7.5CVSS6.8AI score0.30806EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.17 views

Microsoft SharePoint 安全漏洞

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An elevation o...

8.8CVSS6.9AI score0.02254EPSS
Exploits0References5
Total number of security vulnerabilities5000