Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

PowerDNS Authoritative 安全漏洞

PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has security vulnerabilities, which stem from concurrency and locking flaws in GSS-TSIG...

7.5CVSS5.8AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk 操作系统命令注入漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.4 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...

7.5CVSS6.1AI score0.0036EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.15 views

Trend Micro Apex One和TrendAI Vision One Endpoint Security - Standard Endpoint Protection 访问控制错误漏洞

Trend Micro Apex One and TrendAI Vision One Endpoint Security – Standard Endpoint Protection are products of Trend Micro, a US-based company. Trend Micro Apex One is a terminal protection software. TrendAI Vision One Endpoint Security – Standard Endpoint Protection is an enterprise terminal...

7.8CVSS6.7AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Trend Micro Apex One和TrendAI Vision One Endpoint Security - Standard Endpoint Protection 访问控制错误漏洞

Trend Micro Apex One and TrendAI Vision One Endpoint Security – Standard Endpoint Protection are products of Trend Micro, a US-based company. Trend Micro Apex One is a terminal protection software. TrendAI Vision One Endpoint Security – Standard Endpoint Protection is an enterprise terminal...

7.8CVSS6.6AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

TEİAŞ Mobile Application 代码问题漏洞

TEİAŞ Mobile Application is a mobile application developed by the Turkish company TEİAŞ, which provides information and services related to power transmission operations. Versions of the TEİAŞ Mobile Application from 1.6.2 to 1.13 had code vulnerabilities. These vulnerabilities were caused by...

5.7CVSS5.9AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 1.5.0 to 4.4.2 of Netatalk contained security vulnerabilities. These vulnerabilities stemmed from the authentication modul...

5CVSS5.8AI score0.00277EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk 缓冲区错误漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk contain a buffer error vulnerability. This vulnerability stems from multiple heap out-of-bound read...

7.1CVSS6AI score0.0029EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There are security vulnerabilities in FreeBSD, which originate from the capnet service. When new restrictions override old ones, the omitted keys are treated as allowing any operation. This can lead to applications that...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

TrendAI Apex One 安全漏洞

TrendAI Apex One is an enterprise security platform provided by TrendAI that offers terminal protection, malware detection, and threat response capabilities. TrendAI Apex One has a security vulnerability that stems from directory traversal. This vulnerability may allow pre-authenticated local...

6.7CVSS6.9AI score0.12682EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Trend Micro Apex One和TrendAI Vision One Endpoint Security - Standard Endpoint Protection 访问控制错误漏洞

Trend Micro Apex One and TrendAI Vision One Endpoint Security – Standard Endpoint Protection are products of Trend Micro, a US-based company. Trend Micro Apex One is a terminal protection software. TrendAI Vision One Endpoint Security – Standard Endpoint Protection is an enterprise terminal...

7.8CVSS6.6AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.0 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from a check on time usage conditions...

3.7CVSS5.8AI score0.00236EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.8 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.2 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from the lack of FORTIFYSOURCE...

3.7CVSS6AI score0.00335EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Concrete CMS 访问控制错误漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier contained a access control vulnerability caused by unvalidated page metadata exposure. This vulnerability could lead to the disclosure of titles, paths, descriptions, and...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS from 9 to 9.5.0 had a cross-site request forgeing vulnerability, which originated from the concrete/controllers/dialog/logs/delete file...

8.8CVSS5.7AI score0.00142EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Netatalk 路径遍历漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.1.0 to 4.4.2 of Netatalk contained a path traversal vulnerability. This vulnerability stemmed from incomplete cleanup of...

7.6CVSS5.8AI score0.00322EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.14 views

Trend Micro Apex One 访问控制错误漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has an access control vulnerability, which stems from a source verification error. This vulnerability may allow local attackers to gain elevated privileges...

7.8CVSS7.1AI score0.00337EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Trend Micro Apex One和TrendAI Vision One Endpoint Security - Standard Endpoint Protection 安全漏洞

Trend Micro Apex One and TrendAI Vision One Endpoint Security – Standard Endpoint Protection are products of Trend Micro, a US-based company. Trend Micro Apex One is a terminal protection software. TrendAI Vision One Endpoint Security – Standard Endpoint Protection is an enterprise terminal...

7.8CVSS6.7AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Gmission Web Fax 输入验证错误漏洞

Gmission Web Fax is a network fax management system developed by the South Korean company Gmission. In versions 3.0 to 3.1 of Gmission Web Fax, there was a vulnerability related to input validation errors. This vulnerability stemmed from improper input validation and unrestricted uploading of...

8.6CVSS6.2AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.13 views

Drupal 安全漏洞

Drupal is an open-source content management system developed using the PHP language by the Drupal community. Versions 7.x-1.0 to 7.x-1.10 of Drupal have security vulnerabilities. These vulnerabilities stem from improper output escaping of term-derived text in Simple Hierarchical Select, which may...

5.4CVSS5.6AI score0.00205EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS 9.5.0 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the doupdate method not verifying the CSRF token, which could allow attackers to trigger...

8.8CVSS5.7AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system designed for teams. Concrete CMS versions 9.5.0 and earlier have security vulnerabilities. These vulnerabilities stem from a lack of authorization in the bulkuserassignment.php file, which may lead to permissions being granted to...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system designed for teams. Concrete CMS versions 9.5.0 and earlier have a security vulnerability that stems from an authorization bypass in the calendar event front-end dialog box. This vulnerability could lead to cross-calendar data leaks...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

LiteLLM 安全漏洞

LiteLLM is an open-source application developed by Berri AI. It can utilize all LLM APIs in the OpenAI format. Prior to version 1.83.10, LiteLLM had a security vulnerability. This vulnerability stemmed from the lack of restrictions on the fields that could be modified by the /user and /update...

8.8CVSS5.8AI score0.00653EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

tickets 信任管理问题漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a vulnerability related to trust management. This vulnerability stemmed from hardcoding MySQL database credentials in the loader.php file and submittin...

9.2CVSS5.9AI score0.00305EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of multiple POST parameters mdbhost, mdbdb, mdbuser, mdbpassword,...

5.4CVSS5.8AI score0.00212EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the offset GET parameters in the ajax/fullsit-incidents.php file being directly...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier had a cross-site request forgeing vulnerability. This vulnerability occurred due to the lack of validation of the CSRF token before processing requests like...

7.5CVSS5.7AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.13 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions prior to Concrete CMS 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stemmed from the function concrete/controllers/backend/file approveVersion, which was vulnerable to cross-si...

6.5CVSS5.7AI score0.00115EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

tickets 信任管理问题漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a vulnerability related to trust management. This vulnerability stemmed from the hardcoding of a Google Maps API key in the tables.php file, which coul...

6.9CVSS5.9AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of the id and ticketid GET parameters in the patientw.php file, allowing...

5.4CVSS5.7AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x have security vulnerabilities. These vulnerabilities stem from a failure to verify the team-level operating permissions for target teams,...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability was exploited through the concrete/controllers/backend/file rescanMultiple function, making it susceptibl...

8.8CVSS5.7AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.13 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stems from the function concrete/controllers/backend/file addFavoriteFolder$id, which is vulnerable to cross-sit...

8.8CVSS5.7AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions prior to Concrete CMS 9.5.0 had a cross-site request forgeing vulnerability, which was exploited through the concrete/controllers/dialog/express/association/reorder module...

8.8CVSS5.7AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system designed for teams. Concrete CMS versions 9.5.0 and earlier have security vulnerabilities, which stem from IDOR. These vulnerabilities may allow unauthorized parties to access confirmation messages and obtain ratings...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system designed for teams. Concrete CMS versions 9.5.0 and earlier have security vulnerabilities. These vulnerabilities stem from missing identity verification mechanisms, which could allow unauthorized access to internal site structure data...

6.3CVSS5.8AI score0.00202EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier have security vulnerabilities. These vulnerabilities stem from insecure direct object references in the Express Entry Detail block, which may allow unauthorized access to...

6.3CVSS5.8AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier had a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of validation of CSRF tokens, which could allow attackers to overwrite PHP files...

8.8CVSS5.8AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 跨站脚本漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the controller not verifying or cleaning the height parameter, which could lead to storage-based...

7.3CVSS5.7AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

tickets 信任管理问题漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a vulnerability related to trust management. This vulnerability stemmed from the hardcoding of a Google Maps API key in the settings.inc.php file. This...

6.9CVSS5.9AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of the ref and modeorig POST parameters in oswatch.php, allowing uncleane...

5.4CVSS5.8AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the failure to clean the frmname and frmid POST parameters in...

5.4CVSS5.8AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of proper cleaning of multiple POST parameters in the dbloader.php file,...

5.4CVSS5.8AI score0.00212EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Apache Fory 代码问题漏洞

Apache Fory is a serialization framework developed by the Apache Foundation. Versions of Apache Fory prior to 1.0.0 contained code vulnerabilities. These vulnerabilities stemmed from the ReduceSerializer in PyFory, which might bypass the DeserializationPolicy validation hook during state...

9.8CVSS5.9AI score0.00574EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.14 views

PosCube QR Menu 安全漏洞

PosCube QR Menu is a QR code electronic menu and ordering management system for the catering industry developed by the Turkish company PosCube. The versions of PosCube QR Menu dated back to May 21052026 and earlier contained a security vulnerability. This vulnerability stemmed from an authorizati...

7.5CVSS5.9AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.8 views

WordPress plugin Mail Mint 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

WordPress plugin HAPPY 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a security vulnerability, which stems from a race condition between the time spent on signature verification and the time used. This condition may allow local attackers to...

7CVSS7.1AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 1.5.0 to 4.4.2 of Netatalk have security vulnerabilities. These vulnerabilities stem from the use of DES-ECB for authenticatio...

5.9CVSS5.9AI score0.00389EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Honeywell Control Network Module 安全漏洞

The Honeywell Control Network Module is a network communication control module developed by the American company Honeywell, aimed at industrial automation and process control systems. The Honeywell Control Network Module has a security vulnerability that stems from the insertion of sensitive...

5.8AI score0.00041EPSS
Exploits0References1
Total number of security vulnerabilities195539