Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Adobe Dreamweaver Desktop 安全漏洞

Adobe Dreamweaver Desktop is a web design and development software provided by Adobe, a company based in America. Versions of Adobe Dreamweaver Desktop starting from 21.7 and earlier have security vulnerabilities. These vulnerabilities stem from incorrect authorization, which may allow arbitrary...

6.3CVSS5.5AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows DHCP Server 缓冲区错误漏洞

Microsoft Windows DHCP Server is a core service of the American company Microsoft, used for automatically retrieving network configuration information. There is a buffer error vulnerability in Microsoft Windows DHCP Server. Attackers can exploit this vulnerability to obtain sensitive information...

5.5CVSS5.7AI score0.00362EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability that ste...

7.8CVSS7.6AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

SAP Business Objects 安全漏洞

SAP Business Objects is a business intelligence suite developed by the German company SAP. There is a security vulnerability in SAP Business Objects, which allows unauthorized attackers to access certain endpoints and thereby disclose sensitive information...

3.7CVSS5.2AI score0.00188EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Windows Ancillary Function Driver for WinSock 资源管理错误漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a compatibility driver developed by Microsoft for Winsock. There is a resource management vulnerability present in the Microsoft Windows Ancillary Function Driver for WinSock. The following products and versions are affected: Windows...

7CVSS5.2AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Spring Framework 资源管理错误漏洞

The Spring Framework is an application development framework developed by Spring in open source. Vulnerabilities related to resource management exist in versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the Spring Framework. These vulnerabilities may lead to...

5.9CVSS5.2AI score0.00247EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Projected File System Filter Driver 缓冲区错误漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. The Microsoft Windows Projected File System Filter Driver has a buffer error vulnerability. The following products and versions are affected: Windows Server 2019 Server Core installation, Windows ...

7.8CVSS6AI score0.00326EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

SAP NetWeaver Application Server ABAP 数据伪造问题漏洞

SAP NetWeaver Application Server ABAP is a platform used by SAP, a German company, for the operation and development of applications written in the ABAP language. There is a vulnerability in SAP NetWeaver Application Server ABAP, which allows authenticated attackers to obtain valid signed message...

9.9CVSS5.3AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft HTTP.sys 缓冲区错误漏洞

Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There are security vulnerabilities in Microsoft HTTP.SYS. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version 1809 for 32-bit system...

9.8CVSS6.1AI score0.21506EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Mozilla Focus for iOS和Mozilla Klar for iOS 安全漏洞

Mozilla Focus for iOS and Mozilla Klar for iOS are mobile web browsers designed with privacy protection in mind by the American Mozilla Foundation. Both browsers have cross-site scripting vulnerabilities. These vulnerabilities arise due to improper input validation during the Webkit navigation...

7.5CVSS5.8AI score0.00216EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

NETGEAR JR6150 输入验证错误漏洞

NETGEAR JR6150 is a wireless router produced by NETGEAR, a company in the United States. The NETGEAR JR6150 has a vulnerability related to input validation. This vulnerability stems from insufficient input validation, which may allow users connected to the local WiFi network to execute operating...

8CVSS5.5AI score0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows RDP 缓冲区错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows RDP component has a buffer error vulnerability. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems, Windows 10 Version 1809 for...

7.5CVSS6AI score0.0087EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Substance3D Sampler 缓冲区错误漏洞

Adobe Substance3D Sampler is a rendering software for 3D scenes developed by Adobe Inc. Versions of Adobe Substance3D Sampler 6.0.0 and earlier contain a buffer error vulnerability. This vulnerability stems from an out-of-bounds write vulnerability, which could allow arbitrary code to be executed...

7.8CVSS6AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

SQLFluff 资源管理错误漏洞

SQLFluff is an open-source SQL linter that features flexible and configurable syntax. Versions of SQLFluff prior to 4.2.0 contained a resource management vulnerability. This vulnerability stemmed from the parser’s improper handling of malicious long SQL queries, which could lead to resource...

7.5CVSS5.6AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS5.9AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Logseq 跨站脚本漏洞

Logseq is an open-source knowledge management and collaboration platform developed by Logseq. Version 0.10.15 of Logseq contains a cross-site scripting vulnerability. This vulnerability stems from plugins running in a sandbox iframe, which allow arbitrary HTML attributes such as event handlers to...

4.6CVSS5.3AI score0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

GPAC MP4Box 代码问题漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a code vulnerability cause...

7.5CVSS5.3AI score0.00467EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Nemon Trade Energy和Nemon Trade Energy CRM SQL注入漏洞

Nemon Trade Energy and Nemon Trade Energy CRM are both products of the Spanish company Nemon. Nemon Trade Energy is a platform for managing energy retail businesses. Nemon Trade Energy CRM is a platform for managing energy customer relationships. Both Nemon Trade Energy and Nemon Trade Energy CRM...

9.3CVSS6.3AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Win32k 输入验证错误漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows. There is an input validation vulnerability in Microsoft Win32k. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Microsoft Excel for Androi...

7.8CVSS5.6AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Office 资源管理错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. Microsoft Office has a resource management vulnerability that stems from type confusion, which...

8.4CVSS7.2AI score0.00438EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft DWM Core Library 资源管理错误漏洞

The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a resource management vulnerability in the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...

7.8CVSS5.4AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

NETGEAR Routers 缓冲区错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a buffer error vulnerability; this vulnerability arises from unauthorized local network users sending specially crafted requests, which may cause the router to become unavailable. The...

7.1CVSS5.7AI score0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft .NET 后置链接漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There is a post-release vulnerability in Microsoft .NET. Attackers can exploit...

6.2CVSS5.3AI score0.00388EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Zephyr 缓冲区错误漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. Zephyr has a buffer error vulnerability, which stems from a 2-byte out-of-bounds write during the L2CAP LE CoC SDU recombination process by the Bluetooth host. This vulnerability may cause remote,...

8.8CVSS5.8AI score0.00452EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin Accordions 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.3AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe InCopy 缓冲区错误漏洞

Adobe InCopy is a professional text editing and typesetting software, primarily used for creating and editing content in collaboration with Adobe InDesign. Adobe InCopy has a security vulnerability that stems from improper handling of malicious files, leading to out-of-bound memory writes...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Remote Desktop Client 缓冲区错误漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Remote Desktop Client. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Windows...

7.5CVSS5.9AI score0.00434EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Remote Desktop Client 竞争条件问题漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a vulnerability related to competition conditions in Microsoft Remote Desktop Client. The following products and versions are affected: Remote Desktop client for Windows Desktop, Windows Server...

7.5CVSS5.4AI score0.00473EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

VMware Spring LDAP 授权问题漏洞

VMware Spring LDAP is an LDAP directory service integration framework developed by the American company VMware. There were vulnerabilities related to authorization in versions of VMware Spring LDAP from 2.4.0 to 2.4.4, 3.2.0 to 3.2.17, 3.3.0 to 3.3.7, and 4.0.0 to 4.0.3. These vulnerabilities...

7.4CVSS5.3AI score0.00257EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.25 views

SolarWinds Observability Self-Hosted 输入验证错误漏洞

SolarWinds Observability Self-Hosted is an observability platform developed by the American company SolarWinds. SolarWinds Observability Self-Hosted has a vulnerability related to input validation errors. This vulnerability arises when attackers can provide a specially crafted external URL,...

4.8CVSS5.3AI score0.0021EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

NETGEAR Routers 输入验证错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to input validation. This vulnerability stems from the possibility that authenticated administrators who are connected to the local network may gain elevated...

5.7CVSS5.4AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Defender for Endpoint 安全漏洞

Microsoft Defender for Endpoint is an enterprise endpoint security platform provided by Microsoft Corporation in the United States. It helps protect against advanced persistent threats. There are security vulnerabilities in Microsoft Defender for Endpoint. Attackers can exploit these...

7CVSS5.4AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

5.4CVSS6.9AI score0.0051EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

VMware Spring Framework 安全特征问题漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions of VMware Spring Framework from 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 contain security...

7.5CVSS5.2AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

VMware Spring HATEOAS 访问控制错误漏洞

VMware Spring HATEOAS is a REST API hypermedia development framework provided by the American company VMware. Vulnerabilities in access control exist in versions 1.5.0 to 1.5.6, 2.3.0 to 2.3.4, 2.4.0 to 2.4.1, 2.5.0 to 2.5.2, and 3.0.0 to 3.0.3 of VMware Spring HATEOAS. This vulnerability stems...

7.5CVSS5.3AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a accessibility driver for Winsock developed by Microsoft Corporation. There are vulnerabilities related to race conditions in the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these vulnerabilities to...

7CVSS5.4AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

WordPress plugin WP Meta Sort Posts 跨站请求伪造漏洞

WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed on a WordPress site. The WP Meta Sort Posts plugin has a cross-site request...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Office SharePoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

4.6CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from an stack overflow in the wlradio parameter within the formwrlSSIDget function, which could all...

6.5CVSS5.5AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Elixir 资源管理错误漏洞

Elixir is a functional programming language developed under open source, running on the BEAM virtual machine. Versions of Elixir from 1.5.0 to 1.20.1 contained a resource management vulnerability. This vulnerability stemmed from an uncontrolled resource consumption issue within the Version module...

5.1CVSS5.3AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Windows Shell 信息泄露漏洞

Microsoft Windows Shell is the graphical user interface of the Windows operating system developed by Microsoft Corporation. Key features of the Windows Shell include the desktop, taskbar, start menu, task switcher, and auto-play. There is an information leakage vulnerability present in Microsoft...

6.5CVSS5.3AI score0.00816EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

WordPress plugin Slider Revolution 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. Microsoft Office has a buffer overflow vulnerability, which stems from out-of-bounds reading,...

5.5CVSS7.3AI score0.00465EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Windows Cryptographic Services 授权问题漏洞

Microsoft Windows Cryptographic Services are encryption services provided by Microsoft Corporation. There is an authorization issue vulnerability in Microsoft Windows Cryptographic Services. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions ar...

8.4CVSS5.3AI score0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from multiple buffer overflows in the qqStr and markStr parameters within the Saveqqlist function. It is possible for attackers to exploit this...

7.5CVSS5.6AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

TYPO3 CMS 代码问题漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Code vulnerabilities existed in versions prior to TYPO3 CMS 10.4.57, as well as in versions 11.0.0 to 11.5.51, 12.0.0 to 12.4.46, 13.0.0 to 13.4.31, and 14.0.0 to 14.3.3. These vulnerabilities stemmed from...

6.3CVSS6.4AI score0.00215EPSS
Exploits0References2
Total number of security vulnerabilities195539