Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin Visualizer 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NVIDIA TRT-LLM 代码问题漏洞

NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM has code-related vulnerabilities, including deserialization vulnerabilities and insecure serialization handles,...

9.8CVSS5.9AI score0.00379EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

NVIDIA Triton Inference Server 输入验证错误漏洞

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a vulnerability related to input validation, originating from integer...

9.8CVSS5.9AI score0.00719EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

PhoenixStorybook 安全漏洞

PhoenixStorybook is an open-source component display and interaction debugging UI tool developed by Phenix Digital. Versions of PhoenixStorybook from 0.2.0 to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the unauthorized conversion of user-provided string parameter...

8.2CVSS5.8AI score0.00537EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Veritas InfoScale VIOM 跨站脚本漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualization environments developed by Veritas Corporation in the United States. Version 9.1.3 of Veritas InfoScale VIOM contains a cross-site scripting vulnerability, which stems from cross-site...

5.4CVSS5.6AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a security vulnerability that stems from an unlimited recursive loop within the resolver’s state machine. This vulnerability could allow remote unauthenticated attackers to cause severe resource...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

ISC BIND 9 竞争条件问题漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a race condition vulnerability, which stems from race conditions that lead to reusing resources after release, potentially causing undefined behaviors. The following versions are affected: 9.20.0 to...

7.5CVSS5.8AI score0.01387EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync prior to 3.4.3 contained security vulnerabilities. These vulnerabilities stemmed from a stack write issue in the establishproxyconnection function. Network...

3.7CVSS5.8AI score0.00337EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Rsync 缓冲区错误漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync 3.4.2 and earlier have a buffer error vulnerability. This vulnerability stems from an array out-of-bounds read in the recvfiles function in receiver.c. A...

6.9CVSS6AI score0.00503EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Mantis Bug Tracker(MantisBT) 访问控制错误漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.1 contained an access control vulnerability. This vulnerability stemmed from allowing authenticated users to upload attachments to private issues that they did n...

4.3CVSS5.8AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

perl-Crypt-SaltedHash 安全特征问题漏洞

perl-Crypt-SaltedHash is a Perl password hashing tool developed by Robert Rothenberg. Versions of perl-Crypt-SaltedHash prior to 0.09 contained security vulnerabilities. These vulnerabilities stemmed from the use of the built-in rand function to generate insecure random salt values. This function...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Plane 安全漏洞

Plane is an open-source, self-hosted project planning tool developed by Plane OpenSource. Versions of Plane 1.3.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from SavedAnalyticEndpoint directly passing user-controlled segment parameters into Django F expressions...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

Nimiq 代码问题漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq 1.3.0 and earlier have code vulnerabilities. These vulnerabilities stem from the network discovery process, which accepts signature updates from untrusted peer nodes. When PeerContact contains an empty...

4.3CVSS5.9AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

perl-Crypt-SaltedHash 安全漏洞

perl-Crypt-SaltedHash is a Perl password hashing tool developed by Robert Rothenberg. Versions of perl-Crypt-SaltedHash prior to 0.09 contained security vulnerabilities. These vulnerabilities stemmed from the use of the built-in Perl eq comparison function; timing differences could be exploited t...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions for analyzing threats to network security and malware analysis. Prior to MISP 2.5.38, there were security...

8.3CVSS5.8AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in the single.php file. It...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in singleunit.php, which...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

PhoenixStorybook 代码注入漏洞

PhoenixStorybook is an open-source component display and interaction debugging UI tool developed by Phenix Digital. Versions of PhoenixStorybook from 0.5.0 to 1.1.0 had a code injection vulnerability. This vulnerability stemmed from uncleaned attribute value interpolation, which led to code...

9.5CVSS6AI score0.00907EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of Tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting flaw in the opena.php file. It could allo...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Trilium Notes 访问控制错误漏洞

Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained an access control vulnerability. This vulnerability stemmed from the Clipper API completely...

8.6CVSS5.8AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a security vulnerability that stems from the parser’s susceptibility to resource exhaustion attacks. If a victim’s parser sends queries to a specially crafted zone, the parser will consume disproportiona...

5.3CVSS5.8AI score0.00406EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Memcached 安全漏洞

Memcached is a high-performance distributed memory object caching system developed by the Memcached community in the United States. Versions of Memcached prior to 1.6.42 contained a security vulnerability. This vulnerability stemmed from the sequential side channel in the password data used durin...

8.1CVSS5.8AI score0.0055EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Rsync 后置链接漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync 3.4.2 and earlier have a post-release vulnerability due to a symbolic link race condition in the path system call. Local attackers can redirect operations to...

7.2CVSS5.8AI score0.00136EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Trilium Notes 路径遍历漏洞

Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a path traversal vulnerability. This vulnerability originated from local files and could allow...

6.8CVSS5.9AI score0.00621EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Mantis Bug Tracker 信息泄露漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.1 contained a vulnerability related to information leakage. This vulnerability stemmed from allowing incorrect annotators to access the revised pages of...

5.3CVSS5.8AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

MISP 资源管理错误漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analyzing threats to network security and malware analysis. MISP has a resource management...

7.5CVSS5.8AI score0.00365EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

RabbitMQ AWS infrastructure Plugin 安全漏洞

The RabbitMQ AWS Infrastructure Plugin is an open-source project by amazon-mq, designed for integrating RabbitMQ with AWS infrastructure. Versions of the RabbitMQ AWS Infrastructure Plugin prior to version 0.2.1 contained security vulnerabilities. These vulnerabilities stemmed from debugging code...

8.3CVSS6.1AI score0.00344EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

MISP 授权问题漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes features for analyzing threats to network security and malware analysis. MISP has an authorization vulnerability;...

6CVSS5.8AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin JaviBola Custom Theme Test 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

WordPress plugin TypeSquare Webfonts for ConoHa 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.7AI score0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

389 Directory Server 安全漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, where the getldapmessagecontrolsext function does not set an upper limit on the number of controls in LDAP...

7.5CVSS5.8AI score0.00815EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

ISC BIND 9 输入验证错误漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a vulnerability related to input validation errors. This vulnerability stems from defects in handling non-Internet-related DNS messages, which may lead to assertion failures. The following versions are...

7.5CVSS5.8AI score0.0181EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NVIDIA Triton Inference Server 路径遍历漏洞

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a path traversal vulnerability, which stems from path traversal issues and...

7.5CVSS5.8AI score0.0065EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.15 views

Yii 输入验证错误漏洞

Yii is a high-performance PHP framework developed by the YII team. It is designed for developing large-scale web applications using components. Yii 2 versions 2.0.54 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from a logical flaw in the cor...

7.4CVSS6.4AI score0.00442EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

PhoenixStorybook 安全漏洞

PhoenixStorybook is an open-source component display and interaction debugging UI tool developed by Phenix Digital. Versions of PhoenixStorybook from 0.4.0 to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from bypassing authorization using user-controlled keys. Attackers...

2.3CVSS5.8AI score0.00449EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

haveged 安全漏洞

Haveged is a random number generation tool developed by Jirka-H. Haveged has a security vulnerability; this vulnerability stems from the sockethandler function not stopping its execution when it detects that the connection user is not a root user. This allows any local non-privileged user to...

7.8CVSS6AI score0.00185EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync prior to 3.4.3 contained security vulnerabilities. These vulnerabilities stemmed from race conditions in the handling of daemon process files, where checks on...

7.3CVSS5.9AI score0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NVIDIA Triton Inference Server 资源管理错误漏洞

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI capabilities in production environments. NVIDIA Triton Inference Server has a resource management vulnerability that stems from uncontroll...

7.5CVSS5.8AI score0.00411EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.19 views

WordPress plugin All in One SEO 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

NVIDIA BioNeMo Core 安全漏洞

NVIDIA BioNeMo Core is a deep learning framework component developed by NVIDIA Corporation for biomedical and protein AI model development. There is a security vulnerability in NVIDIA BioNeMo Core, which stems from the loading of malicious files leading to path traversal. This vulnerability may...

8.8CVSS5.8AI score0.00764EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Drupal core SQL注入漏洞

Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Versions of Drupal Core from 8.9.0 to 10.4.10, from 10.5.0 to 10.5.10, from 10.6.0 to 10.6.9, from 11.0.0 to 11.1.10, from 11.2.0 to 11.2.12, and from 11.3.0 to 11.3.10 have SQL injection...

9.8CVSS6.1AI score0.84631EPSS
Exploits14References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

XWiki Platform 安全漏洞

The XWiki Platform is an open-source wiki platform designed for creating web collaboration applications. Vulnerabilities exist in versions of the XWiki Platform prior to 18.1.0-rc-1, as well as versions before 17.10.3, 17.4.9, and 16.10.17. These vulnerabilities stem from improper handling of the...

9.3CVSS5.8AI score0.19538EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 代码注入漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

9CVSS5.9AI score0.00387EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

ISC BIND 9 资源管理错误漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a resource management vulnerability, which stems from the reuse of resources after release in the DNS-over-HTTPS implementation. The following versions are affected: 9.20.0 to 9.20.22, 9.21.0 to 9.21.21,...

9.8CVSS5.8AI score0.01844EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.13 views

HCL DominoIQ 安全漏洞

HCL DominoIQ is an intelligent business platform developed by HCL Company in India, which integrates artificial intelligence capabilities with enterprise collaboration functions. HCL DominoIQ has a security vulnerability, caused by ineffective access control, which may allow authentication...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Trilium Notes 安全漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained security vulnerabilities. These vulnerabilities stemmed from Electron configurations that could be...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

WordPress plugin BLOGCHAT Chat System 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.8AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. There are security vulnerabilities in the version of NLnet Labs Unbound from 1.14.0 to 1.25.0. These vulnerabilities stem from the truncation of size calculations when encoding multiple NSIDs and/or DNS Cookies, as...

8.7CVSS5.9AI score0.00842EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the DNSSEC verifier failing to account for NSEC3 hash calculation restrictions when querying D...

6.9CVSS5.8AI score0.00339EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with timestamp updates in the jostle logic, which could prevent slow queries from being...

6.9CVSS5.8AI score0.00519EPSS
Exploits0References2
Total number of security vulnerabilities195539