Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Twig 安全漏洞

Twig is an open-source PHP template engine developed by Twig contributors. Versions 2.16.x and 3.9.0 to 3.25.x of Twig contain security vulnerabilities. These vulnerabilities stem from sandbox bypasses when using the SourcePolicyInterface, allowing attackers to circumvent sandbox restrictions and...

9.9CVSS6AI score0.00738EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin Anomify AI 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.4CVSS5.8AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of Tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in the search.php file. It...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin WpBookingly 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin Remove Yellow BGBOX 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00158EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin Correct Prices 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.1CVSS5.7AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin SureCart SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.3CVSS5.9AI score0.00338EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin Xpro Addons — 140+ Widgets for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

WordPress plugin Read More & Accordion SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.9CVSS5.9AI score0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 数据伪造问题漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

4.4CVSS5.9AI score0.00089EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.15 views

WordPress plugin Decent Comments 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

5.8CVSS5.8AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Movable Type 安全漏洞

Movable Type is a content management system developed by Movable Type Inc. There is a security vulnerability in Movable Type, which stems from a lack of authorization verification. This vulnerability may allow users without administrator privileges to log in and perform unexpected updates...

5.3CVSS5.8AI score0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Ledger Bitcoin app 安全漏洞

The Ledger Bitcoin app is an open-source application developed by Ledger, which runs on the Ledger hardware wallet. There are security vulnerabilities in the 2.1.0 and 2.1.1 versions of the Ledger Bitcoin app. These vulnerabilities stem from improper handling of miniscripts containing the ‘a’...

4.1CVSS5.8AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Beyaz CityPLus 跨站脚本漏洞

Beyaz CityPLus is a comprehensive management information system developed by the Turkish company Beyaz. Versions of Beyaz CityPLus prior to V24.29750.1.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input during the web page generation process, and coul...

7.6CVSS5.7AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 访问控制错误漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NVIDIA TRT-LLM 代码问题漏洞

NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM has code-related vulnerabilities, which stem from insecure deserialization in the MPI server. These...

9.8CVSS5.9AI score0.00566EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin Logo Manager For Enamad 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPress...

6.4CVSS5.8AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Altium Enterprise Server 路径遍历漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. Altium Enterprise Server has a path traversal vulnerability, which stems from improper handling of path file routing parameters. This vulnerability could allow authenticated use...

9.4CVSS5.8AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Microsoft Defender 后置链接漏洞

Microsoft Defender is a threat protection software developed by the American company Microsoft. Microsoft Defender has a postback link vulnerability, which stems from improper link resolution before file access. This vulnerability could allow authorized attackers to gain local privileges...

7.8CVSS6AI score0.08371EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

CryptPad 跨站脚本漏洞

CryptPad is an open-source collaboration suite developed by CryptPad. Versions of CryptPad prior to 2026.2.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the HTML cleaner’s incomplete filtering of restricted tag attributes, allowing attackers to inject arbitrary...

6.1CVSS5.8AI score0.00242EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability originated from the patientJF.php file, where there was a reflective cross-site scripting...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin Creative Mail – Easier WordPress & WooCommerce Email Marketing SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

ZKTeco CCTV Cameras 安全漏洞

ZKTeco CCTV Cameras are a series of network video surveillance cameras designed for security monitoring scenarios by ZKTeco Technology Co., Ltd. ZKTeco CCTV cameras have security vulnerabilities; these vulnerabilities stem from an unrecorded configuration export port that can be accessed without...

9.1CVSS5.8AI score0.00507EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

WordPress plugin AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.8AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin ProSolution WP Client 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

9.8CVSS6AI score0.00978EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin Child Height Predictor by Ostheimer 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00163EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Esri ArcGIS Server 授权问题漏洞

Esri ArcGIS Server is a web-based enterprise-level software platform provided by Esri that can deliver geographic services. Versions of Esri ArcGIS Server 12.0 and earlier had an authorization vulnerability. This vulnerability stemmed from improperly configured authentication for unrecorded...

5.3CVSS5.8AI score0.0036EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Taiko AG1000-01A SMS Alert Gateway 跨站脚本漏洞

The Taiko AG1000-01A SMS Alert Gateway is an industrial communication gateway device developed by Taiko Company in Singapore. Both the Rev 7.3 and Rev 8 versions of the Taiko AG1000-01A SMS Alert Gateway contain cross-site scripting vulnerabilities. These vulnerabilities stem from stored-cross-si...

8.4CVSS5.8AI score0.00441EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Cisco ThousandEyes Virtual Appliance 注入漏洞

The Cisco ThousandEyes Virtual Appliance is a virtualization network monitoring device developed by Cisco Corporation. It provides network path monitoring and digital experience observability capabilities. The device has an injection vulnerability, which stems from insufficient user input...

4.7CVSS5.9AI score0.00438EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a data center-level operating system software used by switches from the American company Cisco. There are security vulnerabilities in Cisco NX-OS Software. These vulnerabilities stem from the incorrect parsing of BGP attributes, which may allow unauthenticated remote...

6.8CVSS5.8AI score0.00467EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NVIDIA TRT-LLM 代码问题漏洞

NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM has code-related vulnerabilities, which stem from insecure deserialization during RPC tests. These vulnerabiliti...

9.8CVSS5.9AI score0.00594EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

WordPress plugin SponsorMe 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.1CVSS5.6AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

HCL BigFix Service Management 安全漏洞

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. There is a security vulnerability in HCL BigFix Service Management. This vulnerability stems from incorrect security configurations. The absence or insecure use of the...

6.5CVSS5.8AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

WordPress plugin Bigfishgames Syndicate 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00158EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.15 views

Kieback & Peter多款产品 跨站脚本漏洞

The Kieback & Peter DDC Building Controllers are a series of DDC controllers developed by the German company Kieback & Peter, aimed at building automation and building equipment control. Several products from Kieback & Peter have cross-site scripting vulnerabilities. These vulnerabilities stem fr...

5.3CVSS5.8AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

NVIDIA DGX OS 安全漏洞

NVIDIA DGX OS is a Linux operating system and cluster management environment for the DGX AI server platform developed by NVIDIA Corporation in the United States. NVIDIA DGX OS contains security vulnerabilities. These vulnerabilities arise from cloning base images during factory configuration...

8.1CVSS5.9AI score0.00586EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin General Options 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.4CVSS5.8AI score0.0023EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

TONNET E-LAN Hybrid Recording System SQL注入漏洞

TONNET E-LAN Hybrid Recording System is a hybrid voice recording management system designed for communication and call center scenarios by Tonnet International TONNET Company, Taiwan, China. The TONNET E-LAN Hybrid Recording System has a SQL injection vulnerability, which can allow unauthorized...

8.7CVSS5.9AI score0.00539EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin Account Switcher 授权问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.8AI score0.00385EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Dell SmartFabric Storage Software 命令注入漏洞

Dell SmartFabric Storage Software is an independent storage software solution provided by the American company Dell. Versions of Dell SmartFabric Storage Software prior to 1.4.5 contained a command injection vulnerability. This vulnerability stemmed from improper handling of special elements with...

6.7CVSS5.8AI score0.00451EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Cisco Secure Workload 访问控制错误漏洞

Cisco Secure Workload is a software product developed by Cisco Corporation in the United States. It allows users to install software agents on their application workloads. There is an access control vulnerability in Cisco Secure Workload, which stems from insufficient access validation in the...

10CVSS6AI score0.00835EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.18 views

WordPress plugin NextGEN Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

9.3CVSS5.9AI score0.00287EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin AI Chatbot & Workflow Automation by AIWU 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Veritas InfoScale VIOM SQL注入漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualized environments developed by Veritas Corporation in the United States. Versions of Veritas InfoScale VIOM prior to 9.1.3 contained a SQL injection vulnerability. This vulnerability stems from SQ...

6.5CVSS5.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin Read More & Accordion 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.8CVSS5.9AI score0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Altium Enterprise Server 路径遍历漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. Altium Enterprise Server has a path traversal vulnerability. This vulnerability stems from the lack of filename cleaning in the Gerber file upload API. As a result, authenticate...

9.4CVSS5.9AI score0.00563EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

MediaInfoLib 安全漏洞

MediaInfoLib is a tool developed by MediaArea for displaying technical information and tag data related to audio and video files. MediaInfoLib has a security vulnerability, which stems from a heap buffer overflow caused by Channel Splitting...

7.8CVSS6AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin Visualizer 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NVIDIA TRT-LLM 代码问题漏洞

NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM has code-related vulnerabilities, including deserialization vulnerabilities and insecure serialization handles,...

9.8CVSS5.9AI score0.00379EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

NVIDIA Triton Inference Server 输入验证错误漏洞

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a vulnerability related to input validation, originating from integer...

9.8CVSS5.9AI score0.00719EPSS
Exploits0References1
Total number of security vulnerabilities195539