Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/25 12:0 a.m.14 views

Splinterware System Scheduler Pro 安全漏洞

Splinterware System Scheduler Pro is a task scheduling management software from Splinterware. A security vulnerability exists in Splinterware System Scheduler Pro version 5.12, which stems from insecure file permissions and could allow a low-privileged user to elevate privileges by modifying the...

8.6CVSS5.8AI score0.00159EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

WordPress plugin NanoCare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.4CVSS5.8AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Edimax EW-7438RPn 安全漏洞

Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates in the parameter maxConn/timeOut operation of the function formConnectionSetting in the file /goform/formConnectionSetting, and...

9CVSS7.7AI score0.00751EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

PuTTY 安全漏洞

PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A security vulnerability exists in PuTTY versions prior to 0.84 that stems from using a copy of the PuTTY icon as ...

3.1CVSS5.8AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.23 views

PuTTY 安全漏洞

PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A security vulnerability exists in PuTTY versions prior to 0.84, which stems from an assertion failure in ECDSA...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

PuTTY 资源管理错误漏洞

PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A resource management error vulnerability exists in PuTTY versions prior to 0.84, which stems from a double releas...

5.9CVSS5.8AI score0.0032EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setL2tpServerCfg on the parameter enable in the Web Management...

10CVSS7.3AI score0.02005EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Visual Ping 安全漏洞

Visual Ping is a website change monitoring tool from Visual Ping. A security vulnerability exists in Visual Ping version 0.8.0.0, which stems from a buffer overflow in input field handling that could cause a local attacker to crash the application by supplying oversized data...

6.9CVSS6.1AI score0.0017EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Kenik Camera management Panel 路径遍历漏洞

Kenik Camera management Panel is a video surveillance management platform from Kenik. A path traversal vulnerability exists in Kenik Camera management Panel, which stems from a path traversal issue that could allow an unauthenticated attacker to send a GET request with an arbitrary file path to...

8.3CVSS5.9AI score0.00258EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

KLiK SocialMediaWebsite 代码问题漏洞

KLiK SocialMediaWebsite is a simple PHP-based social media website by the individual developer Muhammad Saad. A code issue vulnerability exists in version 1.0 of KLiK SocialMediaWebsite, which stems from the File Handler component's manipulation of the function uniqid in the file upload.inc.php,...

7.5CVSS7.1AI score0.00293EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from the Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the operation of the function formSDHCP in the file /goform/formSDHCP on the parameter...

9CVSS7.7AI score0.00589EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

WordPress plugin Organization chart 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

4.3CVSS5.8AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.13 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China's Gion Electronics TOTOLINK. The Totolink CA750-PoE version 6.2c.510 suffers from an OS command injection vulnerability, which originates from an os command injection in the operation of the parameter webWlanIdx by the...

6.5CVSS6.6AI score0.01057EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the parameter of the function setFirewallType in the Web Management Interface component file...

10CVSS7.3AI score0.01732EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the operation of the function setPasswordCfg on the parameter admpass in the Web Management Interfac...

10CVSS7.3AI score0.01909EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.13 views

Acer Care Center 安全漏洞

Acer Care Center is a system care center from Acer China that allows you to back up or restore your system settings and network drivers to prevent the effects of a system failure. A security vulnerability exists in Acer Care Center that stems from a Named Pipe created by the ACCSvc service that h...

6.8CVSS5.8AI score0.00173EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setAccessDeviceCfg on the parameter mac in the Web Management...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.15 views

Tiandy Easy7 Integrated Management Platform SQL注入漏洞

Tiandy Easy7 Integrated Management Platform is a video surveillance integrated management platform from China Tiandy Company. A SQL injection vulnerability exists in Tiandy Easy7 Integrated Management Platform version 7.17.0, which originates from the operation of the parameter strTBName in the...

7.5CVSS7.2AI score0.00319EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

WordPress plugin SePay Gateway 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

SourceCodester Simple POS and Inventory System SQL注入漏洞

SourceCodester Simple POS and Inventory System is SourceCodester open source a simple POS and inventory system . SourceCodester Simple POS and Inventory System version 1.0 SQL injection vulnerability , the vulnerability stems from the GET Parameter Handler component /admin/deleteproduct.php file...

5.8CVSS5.9AI score0.00258EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

SourceCodester Student Grades Management System 安全漏洞

SourceCodester Student Grades Management System is a SourceCodester open source student grades management system. A security vulnerability exists in SourceCodester Student Grades Management System version 1.0, which originates from an unknown section and could lead to cross-site request forgery. ...

5.3CVSS5.7AI score0.00187EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Code-Projects Employee Management System 代码注入漏洞

Code-Projects Employee Management System is a Code-Projects open source employee management system . A code injection vulnerability exists in code-projects Employee Management System version 1.0, which stems from manipulation of the parameter ID in the file /changepassemp.php, and could lead to...

5.3CVSS5.3AI score0.00263EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

Cargo 安全漏洞

Cargo is a Rust package manager open-sourced by The Rust Programming Language. A security vulnerability exists in Cargo versions 1.68 through 1.96, which stems from a misnormalization of third-party registry URLs that use the sparse indexing protocol, where an attacker who is able to publish crat...

6.5CVSS5.9AI score0.00328EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.8 views

Apache Shiro 安全漏洞

Apache Shiro is a set of Java security frameworks for performing authentication, authorization, encryption, and session management from the Apache Foundation USA. A security vulnerability exists in Apache Shiro versions 1.0 through 2.1.0 and 3.0.0-alpha-1, which stems from a default configuration...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.14 views

Markdown Downloader MCP Server 路径遍历漏洞

Markdown Downloader MCP Server is a web-to-Markdown downloader from the individual developer Darren Bennett. A path traversal vulnerability exists in Markdown Downloader MCP Server, which originates from the operation of the function downloadmarkdown/listdownloadedfiles/createsubdirectory in the...

6.5CVSS6.6AI score0.00337EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

WordPress plugin B2BKing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.9CVSS5.8AI score0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

Joomla! Responsive Portfolio SQL注入漏洞

Joomla! Responsive Portfolio is a Joomla! open source Joomla website portfolio extension. A SQL injection vulnerability exists in Joomla! Responsive Portfolio version 1.6.1, which stems from SQL injection of multiple filter parameters, which could lead to an authenticated attacker injecting...

7.1CVSS5.9AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

twitter-clone SQL注入漏洞

twitter-clone is an application by Fiffe Individual Developers. twitter-clone uses + Vue 3 + light to go development + TailwindCSS + PostgreSQL + recapitulation Twitter-Clone version 1 suffers from a SQL injection vulnerability that stems from the injection of SQL code via the userid parameter in...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

WordPress plugin WPSubscription 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS5.7AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

Apache Shiro 安全漏洞

Apache Shiro is a set of Java security frameworks for performing authentication, authorization, encryption, and session management from the Apache Foundation USA. A security vulnerability exists in Apache Shiro versions 2.0-alpha through 2.1.0 and 3.0.0-alpha-1, which stems from a URL redirection...

5.4CVSS5.8AI score0.00383EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

WordPress plugin Smart Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

8.8CVSS5.8AI score0.00389EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Edimax EW-7438RPn 安全漏洞

Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the operation of the function formrefresh on the parameter submit-url in the file /goform/formrefresh, and could le...

9CVSS7.7AI score0.00647EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the function setParentalRules in the Web Management Interface component file /cgi-bin/cstecgi.c...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

GNU LibreDWG 安全漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A security vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a reachable assertion in the decompressR2004section function of the src/decode.c file in the Dwgread Utili...

4.8CVSS6.1AI score0.00144EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Hackney 安全漏洞

Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 0.13.0 to 4.0.1, which stems from a URL decoding of host components by URL normalization functions that could lead to server-side request forgery...

6.9CVSS5.8AI score0.00201EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.8 views

OpenVSP 安全漏洞

OpenVSP is a parametric vehicle geometry modeling tool open-sourced by NASA. A security vulnerability exists in OpenVSP version 3.16.1, which stems from a buffer overflow in the geometry name field that could cause a local attacker to crash the application by supplying an extra-long string...

6.9CVSS6.1AI score0.00168EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Joomla! Component eXtroForms SQL注入漏洞

Joomla! Component eXtroForms is an open source Joomla! A SQL injection vulnerability exists in Joomla! Component eXtroForms version 2.1.5, which stems from an SQL injection in the filtertypeid, filterpidid, and filtersearch parameters, which could allow an authenticated attacker to extract...

7.1CVSS6.1AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

twitter-clone 跨站请求伪造漏洞

twitter-clone is an application by Fiffe Individual Developers. twitter-clone uses + Vue 3 + light to go development + TailwindCSS + PostgreSQL + recapitulate A cross-site request forgery vulnerability exists in twitter-clone version 1, which stems from cross-site request forgery and could allow ...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Tenda F1202 安全漏洞

The Tenda F1202 is a dual-band Wi-Fi router with fifth-generation technology from Tenda, China. A security vulnerability exists in the Tenda F1202 version 1.2.0.20408, which originates from manipulation of the parameter delno of the function fromPPTPUserSetting in the file /goform/PPTPUserSetting...

9CVSS7.6AI score0.00579EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setQosCfg on the parameter enable in the file /cgi-bin/cstecgi.cg...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

Edimax EW-7438RPn 安全漏洞

Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the operation of the function formStats in the file /goform/formStats on the parameter submit-url, and could lead t...

9CVSS7.7AI score0.00589EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.7 views

AgataSoft Auto PingMaster 安全漏洞

AgataSoft Auto PingMaster is a network monitoring tool from AgataSoft, Inc. that supports host connectivity detection, latency monitoring and fault alerting. A security vulnerability exists in AgataSoft Auto PingMaster version 1.5, which stems from a stack-based buffer overflow in the Trace Route...

8.6CVSS6.5AI score0.00189EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

WordPress plugin RSVP and Event Management 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

Invoice-System 授权问题漏洞

Invoice-System is an invoice management system development exercise tool by Sushmita Palikhe individual developer. Invoice-System a0a3faa16dee2621b231ae227333f5761607283b and prior versions have an authorization issue vulnerability that stems from a parameter role operation in the User Management...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

WordPress plugin Export WP Page to Static HTML/CSS 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin...

6.5CVSS5.6AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

Edimax EW-7438RPn 操作系统命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. An OS command injection vulnerability exists in the Edimax EW-7438RPn version 1.31, which stems from the manipulation of the parameters of the function formWlanMP in the file /goform/formWlanMP by the Content-Typ...

6.5CVSS6.5AI score0.01158EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

WordPress plugin Smart Coupons for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS5.8AI score0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

GlobalSCAPE CuteFTP 安全漏洞

GlobalSCAPE CuteFTP is a file transfer client from GlobalSCAPE Australia. A security vulnerability exists in GlobalSCAPE CuteFTP version 5.0 XP, which originates from a buffer overflow in the Site Manager tag field and could allow a local attacker to execute arbitrary code by injecting a maliciou...

8.6CVSS6.5AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Krajowa Izba Rozliczeniowa Szafir SDK 安全漏洞

Krajowa Izba Rozliczeniowa Szafir SDK is an electronic signature development kit from Krajowa Izba Rozliczeniowa, Poland. A security vulnerability exists in the Krajowa Izba Rozliczeniowa Szafir SDK that stems from the cryptographic digital signature verification process returning a success statu...

9.3CVSS5.9AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the manipulation of the parameter of the function formWlanMP in the file /goform/formWlanMP, and ma...

9CVSS7.6AI score0.00445EPSS
Exploits0References4
Total number of security vulnerabilities195539