Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

WordPress plugin AudioIgniter 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.8AI score0.01508EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Trimble SketchUp 安全漏洞

Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...

9.3CVSS6.4AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

WordPress plugin Location Weather 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00248EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2026.1.16.0 contained security vulnerabilities. These vulnerabilities stemmed fro...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the insertion of sensitive information into log files, which could lead to resource leaks...

7.5CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Request Tracker 授权问题漏洞

Request Tracker is a problem and ticket tracking system developed by Request Tracker Inc. Versions of Request Tracker from 5.0.9 and earlier, as well as versions 6.0.0 to 6.0.2, have a permission issue vulnerability. This vulnerability stems from an authentication bypass in RT installations that...

8.1CVSS5.8AI score0.00392EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go. This vulnerability arises from parsing arbitrary HTML and using Render for rendering, which may lead ...

6.1CVSS5.9AI score0.00178EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.8 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go. This vulnerability arises from parsing arbitrary HTML and using Render for rendering, which may lead ...

6.1CVSS5.9AI score0.00178EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go; this vulnerability stems from the possibility of consuming excessive CPU resources when parsing...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from creating ed25519.PrivateKey by forced conversion of format-errorsed bytes in the...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.7 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the improperly checking the revocation status of the revoked SignatureKey by CA...

9.1CVSS5.8AI score0.00487EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an integer overflow in the calculation of the internal payload size when writing dat...

9.1CVSS5.9AI score0.00466EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the unserialized constraints when adding keys. This vulnerability may lead to the...

9.1CVSS5.8AI score0.00525EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where non-empty permissions are silently discarded when an Authentication callback returns...

6.3CVSS5.8AI score0.00314EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from using Render to render arbitrary HTML. This can lead to an unexpected HTML tree, and...

6.1CVSS5.9AI score0.00188EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an error in the conversion between bytes and integers. This vulnerability may cause ...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an authorization bypass. If any type of callback other than a public key is passed,...

10CVSS5.8AI score0.0044EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.14 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which occurs when using CertChecker as a public key callback without setting IsUserAuthority or IsHos...

5.3CVSS5.8AI score0.00394EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from keys that accept the ConfirmBeforeUse constraint but never enforce it, resulting in...

9.1CVSS5.8AI score0.0036EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the RSA and DSA public key parsers do not enforce size limits on key parameters, which may caus...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.13 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the Verify method does not check the presence flag of the user. This allows signatures generate...

9.1CVSS5.8AI score0.00373EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the ToASCII and ToUnicode functions accepting Punycode encoded tags that are decoded...

9.6CVSS5.8AI score0.00478EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

HP ENVY 5000 Series 安全漏洞

The HP ENVY 5000 Series is a series of integrated inkjet printers from the American company HP that support wireless printing and scanning. The HP ENVY 5000 Series VERBASPP1N003.2237A.00 version has a security vulnerability. This vulnerability stems from improper management of concurrent TCP...

5.9CVSS5.8AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Microsoft 365 Copilot 命令注入漏洞

Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...

7.5CVSS5.8AI score0.00503EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Typebot 安全漏洞

Typebot is an open-source chat bot builder developed by Baptiste Arnaud. Versions of Typebot 3.15.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the getResultLogs API endpoint, which did not verify whether the resultId belonged to a authorized typebotId. This...

6.5CVSS5.9AI score0.00316EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

3.1CVSS5.8AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Microsoft Azure Privileged Identity Management 安全漏洞

Microsoft Azure Privileged Identity Management is a cloud-based privilege account and permission lifecycle management service provided by Microsoft. There is a security vulnerability in Microsoft Azure Privileged Identity Management, which stems from bypassing authorization through user-controlle...

8.8CVSS5.8AI score0.00426EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

9front 安全漏洞

9front is an open-source class Unix distributed operating system based on Plan 9. 9front has a security vulnerability, which stems from respecting the default values provided by the website for HTML file upload forms. This vulnerability could allow attackers to create websites with malicious...

8.2CVSS5.8AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Microsoft Azure Resource Manager 授权问题漏洞

Microsoft Azure Resource Manager is a deployment and management service provided by the American company Microsoft. There is an authorization issue vulnerability in Microsoft Azure Resource Manager, which stems from improper authentication practices. This vulnerability could allow unauthorized...

10CVSS5.8AI score0.00494EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.8 views

Microsoft Entra ID 访问控制错误漏洞

Microsoft Entra ID is a cloud-based identity and management solution provided by Microsoft Corporation. There is an access control vulnerability in Microsoft Entra ID, which stems from a source verification error. This vulnerability could allow unauthorized attackers to escalate their privileges...

10CVSS5.8AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Microsoft 365 Copilot 命令注入漏洞

Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...

9.3CVSS5.8AI score0.0042EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

2.7CVSS6AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Easy Chat Server 安全漏洞

Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server has a security vulnerability. This vulnerability stems from a buffer overflow in the chat message function, which could allow remote attackers to obtain sensitive information and...

7.3CVSS6.3AI score0.00425EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Dell PowerFlex Manager 信任管理问题漏洞

Dell PowerFlex Manager is a management tool developed by Dell, Inc. Versions of Dell PowerFlex Manager prior to 4.6.2 contained a trust management vulnerability. This vulnerability stemmed from improper certificate verification, which could allow unauthenticated attackers with access to adjacent...

6.5CVSS5.8AI score0.00083EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from sending TCP, IL, RUDP, or GRE packets with a packet size smaller than the header size, potentially...

9.2CVSS5.8AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.28 views

TP-Link多款产品 安全漏洞

TP-Link Archer RE650, among others, are products of the Chinese company TP-Link. The TP-Link Archer RE650 is a dual-band Gigabit wireless signal extender. The TP-Link Archer RE305 is also a dual-band Gigabit wireless signal extender. The TP-Link Archer RE360 is a wireless repeater that supports...

8.8CVSS5.8AI score0.00398EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.1 contained security vulnerabilities; these vulnerabilities were due to insufficient session expiration time, which could lead to session reuse...

9.6CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Docker Desktop 安全漏洞

Docker Desktop is a desktop software by the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...

8.8CVSS7.3AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Dell PowerFlex Manager 输入验证错误漏洞

Dell PowerFlex Manager is a product of the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contained a vulnerability related to input validation. This vulnerability stemmed from open redirection, allowing unauthenticated attackers to redirect target application users to...

8.2CVSS5.9AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

WordPress plugin WP ERP Pro SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.9AI score0.00273EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.16 views

Dell PowerFlex Manager 安全漏洞

Dell PowerFlex Manager is a software-defined infrastructure deployment and lifecycle management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contain security vulnerabilities. These vulnerabilities stem from the exposure of directory list...

7.5CVSS5.8AI score0.00127EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Dell Unisphere for PowerMax vApp 授权问题漏洞

Dell Unisphere for PowerMax vApp is a virtualization management solution developed by the American company Dell. Versions of Dell Unisphere for PowerMax vApp prior to 10.0.0.2 had an authorization-related vulnerability. This vulnerability stemmed from an attempt to bypass authorization...

7.5CVSS5.8AI score0.00247EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

2.4CVSS5.8AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.13 views

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of default passwords, which could allow attempts using common or default usernames and passwords...

5.1CVSS5.8AI score0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

ZTE MU5250 安全漏洞

The ZTE MU5250 is a 5G mobile Wi-Fi device produced by ZTE Corporation. The ZTE MU5250 has a security vulnerability, which stems from improper configuration of the access control mechanism. This vulnerability may allow attackers to obtain information without proper authorization, posing a risk of...

5.7CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

5CVSS5.9AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.13 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

7.1CVSS5.8AI score0.00176EPSS
Exploits0References1
Total number of security vulnerabilities195539