Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Veritas InfoScale CmdServer 访问控制错误漏洞

Veritas InfoScale CmdServer is a command execution and remote management service component provided by Veritas Corporation in the US, designed for InfoScale cluster environments. Versions of Veritas InfoScale CmdServer prior to 7.4.2 contained an access control vulnerability, which was caused by...

8.8CVSS6AI score0.00375EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin Boost SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.9AI score0.00366EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin Faces of Users 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.4CVSS5.8AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Progress Software MOVEit 安全漏洞

Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...

7.5CVSS5.8AI score0.00348EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 安全漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

6CVSS5.8AI score0.00101EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

wordpress plugin Image Photo Gallery Final Tiles Grid 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...

4.3CVSS5.8AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NVIDIA TensorRT 缓冲区错误漏洞

NVIDIA TensorRT is a software development toolkit provided by NVIDIA Corporation for the optimization of deep learning model inference and high-performance deployment. NVIDIA TensorRT has a buffer error vulnerability, which stems from out-of-bounds writes, potentially leading to data corruption...

8.2CVSS6AI score0.00377EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

WordPress plugin YITH WooCommerce Product Add-Ons SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.6CVSS5.9AI score0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin Bottom Bar 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Siber Systems RoboForm Password Manager 安全漏洞

Siber Systems RoboForm Password Manager is a password manager offered by Siber Systems. There is a security vulnerability in Siber Systems RoboForm Password Manager. This vulnerability arises from insufficient URL validation, user confirmation, or notification when processing Android intentions. ...

4.6CVSS5.8AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the DNSSEC verifier failing to account for NSEC3 hash calculation restrictions when querying D...

6.9CVSS5.8AI score0.00339EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NLnet Labs Unbound 访问控制错误漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.16.2 to 1.25.0 of NLnet Labs Unbound, there is an access control vulnerability. This vulnerability stems from a phantom domain attack. It allows attackers to control phantoms and query the vulnerable...

8.7CVSS5.7AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from unbound name compression operations when handling large RRsets, which could lead to performanc...

6.9CVSS5.8AI score0.00556EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. There are security vulnerabilities in the version of NLnet Labs Unbound from 1.14.0 to 1.25.0. These vulnerabilities stem from the truncation of size calculations when encoding multiple NSIDs and/or DNS Cookies, as...

8.7CVSS5.9AI score0.00842EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with timestamp updates in the jostle logic, which could prevent slow queries from being...

6.9CVSS5.8AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

NLnet Labs Unbound 缓冲区错误漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.6.2 to 1.25.0 of NLnet Labs Unbound, there is a buffer error vulnerability. This vulnerability stems from a potential stack overflow during the DNSCrypt packet reading process. Malicious attackers can...

8.2CVSS6AI score0.00337EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound from 1.14.0 to 1.25.0 contain security vulnerabilities. These vulnerabilities stem from inconsistent locking mechanisms, and under certain conditions, they may lead to heap reclamation...

8.2CVSS5.8AI score0.00255EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Progress Software MOVEit 安全漏洞

Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities due to unlimited resource...

7.5CVSS5.8AI score0.00395EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability that stems from cross-session verification proofs, which rely solely on local user IDs and IdP aliases without binding actual verified upstream identities. This...

6.4CVSS5.8AI score0.00312EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Dell PowerFlex Manager 安全漏洞

Dell PowerFlex Manager is a software-defined infrastructure deployment and lifecycle management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contain security vulnerabilities. These vulnerabilities stem from the exposure of directory list...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

HP Linux Imaging and Printing Software 安全漏洞

HP Linux Imaging and Printing Software is a software package developed by American company HP, designed for the installation, use, and management of HP printers and scanners. There is a security vulnerability in HP Linux Imaging and Printing Software, which stems from integer overflows during the...

9.8CVSS6.1AI score0.01333EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

Frappe 路径遍历漏洞

Frappe is a web development framework based on Python and Mariadb, with integrated front-end pages, developed by the Indian company Frappe. Versions of Frappe prior to 15.105.0 and 16.15.0 have a path traversal vulnerability. This vulnerability arises from the possibility that path traversal may...

8.7CVSS5.9AI score0.01279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Rsync versions 3.4.2 and earlier have security vulnerabilities. These vulnerabilities stem from an authorization bypass in the access control list based on hostnames during chroo...

6.3CVSS5.8AI score0.00282EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

TeleJSON 跨站脚本漏洞

TeleJSON is an open-source JSON extension library developed by Storybook that supports complex data types. Versions of TeleJSON prior to 6.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a DOM-based cross-site scripting vulnerability within the parse function...

6.1CVSS5.8AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Frappe Learning Management System 路径遍历漏洞

Frappe Learning Management System is an easy-to-use open-source learning management system developed by Frappe. Versions of the Frappe Learning Management System 2.50.0 and earlier had a path traversal vulnerability, which occurred when users uploaded SCORM ZIP packages, potentially leading files...

9.4CVSS5.8AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in the streetview.php file...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting flaw in the addnote.php file. It could...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Trilium Notes 跨站脚本漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large-scale personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from deficiencies such as...

6.8CVSS6.3AI score0.00288EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

XWiki Platform 安全漏洞

The XWiki Platform is an open-source wiki platform used for creating web collaboration applications. Vulnerabilities exist in versions of the XWiki Platform prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17. These vulnerabilities stem from the POST /wikis/wikiName API not performing...

9.3CVSS5.8AI score0.00594EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.7 views

NVIDIA Triton Inference Server 路径遍历漏洞

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a path traversal vulnerability, which stems from path traversal issues and...

7.5CVSS5.8AI score0.0065EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Cisco ThousandEyes Enterprise Agent 操作系统命令注入漏洞

Cisco ThousandEyes Enterprise Agent is an application developed by Cisco, a US-based company. It provides extended visibility, automated insights, and seamless workflows. There is a vulnerability in the Cisco ThousandEyes Enterprise Agent that involves operating system command injection. This...

6.3CVSS6.1AI score0.00416EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

libsolv 安全漏洞

Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability; this vulnerability stems from a heap buffer overflow that occurs when the repoaddsolv function processes specially crafted.solv files, potentially leading to a...

6.5CVSS6AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

libsolv 安全漏洞

Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability, which stems from a stack buffer overflow in the Debian metadata parser when processing specially crafted Debian repository metadata. This could lead to memory corruption...

6.5CVSS6AI score0.00399EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

EPSON L14150 安全漏洞

The EPSON L14150 is a multifunctional printer from the Japanese company EPSON. It supports A3+ format printing and wireless connectivity. The EPSON L14150 FL27PB version has a security vulnerability. This vulnerability stems from a buffer overflow issue in the RAW Printing Service JetDirect on po...

7.5CVSS6.4AI score0.00648EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin os-diagnosis-generator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.8AI score0.00308EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Progress Software MOVEit 安全漏洞

Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin Boost 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

9.8CVSS6.1AI score0.00573EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin Slider Revolution 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.8AI score0.00332EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin Games Catalog 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

MongoDB Compass 安全漏洞

MongoDB Compass is a free interactive tool provided by the American company MongoDB. It is used for querying, optimizing, and analyzing MongoDB data. There is a security vulnerability in MongoDB Compass, which stems from prototype pollution. This vulnerability may allow certain users to access...

5.3CVSS6AI score0.00411EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

wordpress plugin Gift Cards For WooCommerce Pro 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

10CVSS5.9AI score0.00282EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

NVIDIA TRT-LLM 安全漏洞

NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM contains a security vulnerability, which stems from unchecked return values leading to null pointer dereferencin...

7.5CVSS5.8AI score0.00468EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5CVSS5.8AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Taiko AG1000-01A SMS Alert Gateway 访问控制错误漏洞

The Taiko AG1000-01A SMS Alert Gateway is an industrial communication gateway device developed by Taiko Company in Singapore. Both the Rev 7.3 and Rev 8 versions of the Taiko AG1000-01A SMS Alert Gateway contain access control vulnerability issues. This vulnerability stems from an authentication...

9.8CVSS5.8AI score0.00481EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin Amazon Scraper 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00191EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Progress Software MOVEit 安全漏洞

Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...

7.5CVSS5.8AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.16 views

HCL BigFix Service Management 安全漏洞

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management has a security vulnerability, which stems from configuration issues. Using outdated or insecure base images may introduce known vulnerabilitie...

9.8CVSS5.8AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin BLOGCHAT Chat System 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.8AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin Advanced Database Cleaner – Premium 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS6AI score0.00755EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.16 views

Veritas Technologies Infoscale Operations Manager 跨站请求伪造漏洞

Veritas Technologies Infoscale Operations Manager is a software developed by Veritas Technologies in the United States, used for managing the entire InfoScale deployment. This software offers features such as multi-cluster management, custom interfaces, and centralized audit logging. Version 9.1....

8.8CVSS5.7AI score0.00198EPSS
Exploits0References1
Total number of security vulnerabilities195539