Lucene search
K
CnnvdMost viewed

195539 matches found

CNNVD
CNNVD
added 2026/03/26 12:0 a.m.15 views

SolarWinds Observability Self-Hosted 跨站脚本漏洞

SolarWinds Observability Self-Hosted is an observability platform developed by the American company SolarWinds. SolarWinds Observability Self-Hosted has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting vulnerability. This vulnerability may lead to...

8.1CVSS5.6AI score0.00343EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.15 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.4 and iPadOS prior to 26.4 contained security vulnerabilities. These...

7.5CVSS5.8AI score0.00445EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.15 views

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters i...

6.5CVSS6.7AI score0.00245EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.15 views

itsourcecode Free Hotel Reservation System SQL注入漏洞

itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter accountid in the file /hotel/admin/modusers/index.php,...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.15 views

WordPress plugin Xhanch - My Advanced Settings 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.15 views

WordPress plugin Injection Guard 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS5.7AI score0.00321EPSS
Exploits0References18
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.15 views

BlueStacks 安全漏洞

BlueStacks is an Android emulator for Windows systems developed by the American company BlueStacks. Version 4.80.0.1060 of BlueStacks has a security vulnerability. This vulnerability stems from excessive input in the search field, which could allow local attackers to trigger the search operation...

6.9CVSS5.8AI score0.00166EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.15 views

pybbs 代码注入漏洞

pybbs is a Java-developed community platform created by iuiu’s individual developers. Version 6.0.0 of pybbs contains a code injection vulnerability. This vulnerability stems from a cross-site scripting attack in the create function located in the file...

5.1CVSS5.7AI score0.00268EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.15 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by the reuse of WebRTC after it was released, potentially leading to heap corruption...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.15 views

PySpector 安全漏洞

PySpector is a high-performance Python static security analysis framework based on graphs, developed by Tommaso Bona. Versions of PySpector 0.1.6 and earlier contain security vulnerabilities. These vulnerabilities stem from a security verification bypass in the plugin system, which may lead to th...

8.3CVSS6AI score0.00169EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.15 views

Memray 跨站脚本漏洞

Memray is a memory analysis tool open source by Bloomberg. Versions of Memray prior to 1.19.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML reports generated without escaping the command-line parameters of the tracking process. As a result, parameters...

6.1CVSS5.6AI score0.00302EPSS
Exploits2References4
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.15 views

WordPress plugin Post SMTP 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.2CVSS5.7AI score0.00229EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.15 views

Dell Integrated Dell Remote Access Controller 安全漏洞

Dell Integrated Dell Remote Access Controller is an embedded controller for remote management and monitoring of servers from Dell USA. An information disclosure vulnerability exists in Dell Integrated Dell Remote Access Controller. The vulnerability stems from the failure to clear debugging...

4.9CVSS5.9AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.15 views

WordPress plugin NEX-Forms – Ultimate Forms Plugin for WordPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.15 views

ASSA ABLOY Visionline 安全漏洞

ASSA ABLOY Visionline is a public area access control management platform developed by ASSA ABLOY Japan. Versions of ASSA ABLOY Visionline prior to version 1.33 contained security vulnerabilities. These vulnerabilities were caused by incorrect default permissions on Windows, execution of...

7.8CVSS6AI score0.00109EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.15 views

Microsoft Windows Resilient File System 缓冲区错误漏洞

Microsoft Windows Resilient File System ReFS is an elastic file system developed by Microsoft Corporation. The Microsoft Windows Resilient File System ReFS contains a buffer error vulnerability. Attackers can exploit this vulnerability to gain elevated privileges. The following products and...

7.8CVSS6AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.15 views

Parse Server 安全漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server from 9.3.1-alpha.3 to 9.5.0-alpha.10. These vulnerabilities stemmed from a bypass of interception...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.15 views

WordPress plugin WP All Import 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS6AI score0.00215EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.15 views

WordPress plugin Widget Options 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9CVSS5.9AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.15 views

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...

7.7CVSS5.8AI score0.00282EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.15 views

Hardware Read & Write Utility 安全漏洞

The Hardware Read & Write Utility is a hardware register modification tool developed by Nil Hardware Editor’s individual developers. Versions of the Hardware Read & Write Utility prior to v1.25.11.26 contained security vulnerabilities. These vulnerabilities stemmed from defects in the HwRwDrv.sys...

9.8CVSS5.9AI score0.00641EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.15 views

Free CRM 安全漏洞

Free CRM is a customer relationship management software developed by go2ismail’s individual developers. Free CRM has a security vulnerability; this vulnerability arises from operations on the Administrative Interface of components, which may lead to redirection and subsequent execution...

8.8CVSS6.6AI score0.00415EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.15 views

SonicWALL SonicOS 安全漏洞

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A buffer overflow vulnerability exists in SonicWALL SonicOS. The vulnerability stems from improper API endpoint boundary checking and can be exploited by an attacker to execute arbitrar...

4.9CVSS6.4AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/23 12:0 a.m.15 views

Tenable Security Center 安全漏洞

Tenable Security Center is a security center provided by the American company Tenable. There is a security vulnerability present in Tenable Security Center, which stems from an insecure direct object reference in the owner parameter, potentially leading to privilege escalation...

8.8CVSS5.8AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.15 views

Tanium Asset 安全漏洞

Tanium Asset is an IT asset inventory and management software developed by the American company Tanium. Tanium Asset has a security vulnerability, which stems from improper handling of SQL injections...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.15 views

WordPress plugin YayMail – WooCommerce Email Customizer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.8AI score0.00307EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.15 views

JIZHICMS(极致CMS) 安全漏洞

JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Version 2.5.6 of JIZHICMS contains a security vulnerability. This vulnerability arises from the lack of validation for the data parameters in functions like Article/deleteAll and Extmolds/deleteAll, whic...

7.2CVSS5.9AI score0.00311EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.15 views

WordPress plugin Magic Login Mail or QR Code 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00466EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.15 views

HP App 安全漏洞

HP App is an integrated management tool developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP App, which stems from the use of outdated versions. This vulnerability may lead to cross-site scripting attacks...

5.1CVSS5.6AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.15 views

Intel NPU Drivers 代码问题漏洞

Intel NPU Drivers are driver programs for Intel’s Neural Network Processing Units. There are code vulnerabilities in Intel NPU Drivers, which stem from improper firmware conditional checks. These vulnerabilities may lead to denial-of-service attacks...

6.8CVSS5.9AI score0.00098EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.15 views

AMD多款产品 安全漏洞

AMD EPYC and other products are developed by American semiconductor company AMD. AMD EPYC is a high-performance server processor. Amd Epyc™ Embedded Processors are embedded processors. AMD EPYC Processors are a series of multi-core processors. Several AMD products have security vulnerabilities;...

5.9CVSS5.8AI score0.00157EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.15 views

WukongCRM 授权问题漏洞

WukongCRM is a Customer Relationship Management CRM system developed by Wukong Corporation in China. Versions of WukongCRM 11.3.3 and earlier contained an authorization vulnerability. This vulnerability stemmed from incorrect handling of a file in the component’s URL Handler, specifically the...

8.8CVSS6.6AI score0.00362EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.15 views

OpenSTAManager SQL注入漏洞

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained a SQL injection vulnerability. This vulnerability stemmed from insufficient validation of the idrecords array in the batch operation...

8.7CVSS5.9AI score0.00356EPSS
Exploits4References1
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.15 views

OpenSTAManager SQL注入漏洞

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager 2.9.8 and earlier contained a SQL injection vulnerability. This vulnerability stemmed from the ajaxselect.php endpoint during componenti operations, allowing...

8.8CVSS5.9AI score0.00423EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.15 views

TeamViewer Host和TeamViewer Full 安全漏洞

TeamViewer Host and TeamViewer Full are remote control software products developed by the German company TeamViewer. Versions of TeamViewer Host and TeamViewer Full prior to version 15.74.5 contained security vulnerabilities. These vulnerabilities were due to improper access control mechanisms,...

7.2CVSS5.8AI score0.00272EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.15 views

Mitsubishi Electric FREQSHIP-mini 安全漏洞

Mitsubishi Electric FREQSHIP-mini is an automatic power supply shutdown software developed by Mitsubishi Electric, a Japanese company. There are security vulnerabilities in the versions of Mitsubishi Electric FREQSHIP-mini from 8.0.0 to 8.0.2. These vulnerabilities stem from improper default...

8.8CVSS7.3AI score0.00148EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.15 views

WordPress plugin SportsPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS6.1AI score0.0075EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.15 views

OpenVPN security vulnerabilities

OpenVPN is a software package developed by OpenVPN Inc. in the United States, used to create encrypted VPN tunnels. It utilizes the OpenSSL library to encrypt data and control information, and allows the created VPNs to use public keys, electronic certificates, or username/password for...

7CVSS5.8AI score0.00323EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.15 views

ibaPDA security vulnerabilities

ibaPDA is an industrial process data acquisition and analysis system developed by the German company iba. There is a security vulnerability in ibaPDA, which allows unauthorized operations on the file system under certain conditions. This vulnerability may affect the confidentiality, integrity, or...

10CVSS5.8AI score0.00409EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.15 views

DynamicWeb security vulnerabilities

DynamicWeb is a full-stack digital experience platform developed by the American company DynamicWeb. Versions of DynamicWeb prior to 9.12.8 contained security vulnerabilities. These vulnerabilities were caused by logical issues that allowed new administrator users to be added, potentially leading...

9.8CVSS5.8AI score0.40739EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.15 views

WordPress Plugin Lawyer Directory Security Vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.0042EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.15 views

Incus path traversal vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.21.0 contained a path traversal vulnerability. This vulnerability stemmed from directory traversal or symbolic link issues within the template functionality, which could lead to arbitrary file...

8.7CVSS6AI score0.00731EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.15 views

NVIDIA CUDA toolkit code issues and vulnerabilities

The NVIDIA CUDA toolkit is a toolset developed by NVIDIA Corporation in the United States. It provides a development environment for creating high-performance GPU-accelerated applications. The CUDA toolkit has code vulnerabilities that stem from defects in the application’s DLL loading mechanism...

6.7CVSS5.8AI score0.00156EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.15 views

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved security vulnerabilities

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of the American company Juniper Networks. Juniper Networks Junos OS is a network operating system specifically designed for the company’s hardware devices. This operating system provides secure programming interface...

8.7CVSS6AI score0.00367EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.15 views

Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞

Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Windows Cloud Files Mini Filter Driver, which can be exploited by an attacker to elevate privileges...

7.8CVSS5.8AI score0.00453EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.15 views

Microsoft Windows Shell 安全漏洞

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft USA.Easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. On some versions of Windows, featur...

4.6CVSS5.9AI score0.00712EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.15 views

xmall 安全漏洞

XMall is a distributed e-commerce shopping mall based on SOA architecture by the individual developer of Exrick. A security vulnerability exists in version 1.1 of xmall, which stems from improper access control of the /member/orderList API, and could lead to an attacker accessing other users' ord...

8.2CVSS6.6AI score0.00206EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.15 views

Red Hat Undertow 安全漏洞

Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. A security vulnerability exists in Red Hat Undertow that stems from not properly validating the Host header, which could lead to cache poisoning, internal...

9.6CVSS6.6AI score0.01179EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.15 views

libsodium 安全漏洞

libsodium is a cryptographic software library by the individual developer Frank Denis. A security vulnerability exists in libsodium, which stems from the inclusion of a vulnerable version of libsodium that could lead to improper validation of elliptic curve points...

9.8CVSS6.5AI score0.00228EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.15 views

WordPress plugin WING WordPress Migrator 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

9.6CVSS5.7AI score0.00171EPSS
Exploits0References1
Total number of security vulnerabilities5000