Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

AutoGPT 代码注入漏洞

AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. In versions 0.6.34 to 0.6.51 of AutoGPT, there was a code injection vulnerability. This vulnerability stemmed from the use of pickle.loads to deserialize Redis cache data without proper...

7.6CVSS6AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Drupal Date iCal 安全漏洞

Drupal Date iCal is a Drupal calendar export module developed by the Drupal company. Versions of Drupal Date iCal prior to 4.0.15 contained security vulnerabilities, which were due to lack of authorization and could lead to forced browsing...

9.8CVSS5.8AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Drupal Translate Drupal with GTranslate 安全漏洞

Drupal Translate Drupal with GTranslate is a Drupal content access control module developed by the Drupal company. Versions of Drupal Translate Drupal with GTranslate prior to version 3.0.5 contained security vulnerabilities; these vulnerabilities stemmed from modifications to assumed immutable...

2.7CVSS5.8AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Drupal core 跨站脚本漏洞

Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Versions of Drupal Core prior to 11.3.0 and 11.3.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input validation during web page generation, which cou...

6.1CVSS5.6AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mantis Bug Tracker 访问控制错误漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a access control vulnerability. This vulnerability stemmed from insufficient access control checks in the ProjectUsersAddCommand, allowing users...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from a heap buffer overflow, which may lead to buffer...

7.8CVSS6AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from uncontrolled recursion, which may lead to excessive...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

SAMSUNG Escargot 代码问题漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a code vulnerability that stems from improper exception or special case handling, which may lea...

5.5CVSS5.9AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Escargot 缓冲区错误漏洞

Escargot is a lightweight JavaScript engine developed by Samsung for use in resource-constrained embedded devices. Escargot has a buffer overflow vulnerability, which stems from out-of-buffer writes, potentially leading to buffer overflows...

7.8CVSS6.1AI score0.00287EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Sparx Systems Sparx Pro Cloud Server 安全漏洞

Sparx Systems' Sparx Pro Cloud Server is a modeling and service platform developed by the Australian company Sparx Systems. It supports remote access to model repositories and collaborative management. Versions of Sparx Pro Cloud Server prior to version 6.1 contained security vulnerabilities. The...

8.8CVSS6.1AI score0.00598EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Pharmacy Manegement System 安全漏洞

Pharmacy Manegement System is a drug sales and inventory management tool developed by Lalana Chamika individually. Version 5c3d028 of Pharmacy Manegement System has a security vulnerability. This vulnerability stems from the lack of an authentication middleware on the API endpoints. It allows...

9.1CVSS5.8AI score0.00545EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Qt 代码问题漏洞

Qt is an open-source, cross-platform application development framework. Qt has code vulnerabilities, which stem from an issue with uncontrolled search path elements in the backend of OpenSSL TLS. This vulnerability allows local attackers to load malicious CA certificates as trusted system...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Nozomi Networks CMC和Nozomi Networks Guardian 跨站脚本漏洞

Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have cross-site...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.8 views

Tyler Identity Local 安全漏洞

Tyler Identity Local is a government and public sector identity authentication and local identity management system developed by the American company Tyler. Tyler Identity Local has a security vulnerability, which stems from the use of documented default management credentials. Users do not need ...

9.8CVSS5.8AI score0.00477EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

WordPress plugin Fortis for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.5CVSS5.8AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Panabit PAP-XM320 路径遍历漏洞

Panabit PAP-XM320 is an enterprise-level network traffic management and bandwidth control gateway device developed by Panabit Corporation. Versions of Panabit PAP-XM320 prior to v7.7 contain a path traversal vulnerability. This vulnerability stems from the use of a file system existence check bas...

9.8CVSS5.8AI score0.01268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Technitium DNS Server 安全漏洞

Technitium DNS Server is an open-source authoritative and recursive DNS server developed by the Technitium team. It can be used as a self-hosted DNS server to protect privacy and security. Versions of Technitium DNS Server prior to version 15.0 contained security vulnerabilities. These...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from low-privilege administrators with the view-clients role being able to exploit the evaluate-scopes management API endpoint by passing arbitrary...

4.9CVSS5.9AI score0.00398EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

8.8CVSS5.8AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.8 views

Mozilla Firefox多款产品 输入验证错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Mozilla多款产品 输入验证错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

7.5CVSS5.9AI score0.00583EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.7 views

Mozilla多款产品 输入验证错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

9.6CVSS5.8AI score0.00417EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

7.5CVSS5.8AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Mozilla多款产品 缓冲区错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

7.5CVSS5.9AI score0.0056EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

WordPress plugin Funnel Builder for WooCommerce Checkout 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.7CVSS6AI score0.00457EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

TYPO3 Extension Faceted Search 路径遍历漏洞

TYPO3 Extension Faceted Search is an open-source extension for TYPO3 that enables faceted search. TYPO3 Extension Faceted Search has a path traversal vulnerability. This vulnerability stems from the fact that the file indexer does not normalize the configured directory paths. As a result, backend...

5.9CVSS5.8AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

9.6CVSS5.8AI score0.00532EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Mozilla Thunderbird 缓冲区错误漏洞

Mozilla Thunderbird is an email client software developed by the Mozilla Foundation in the United States, and it is a separate product from the Mozilla Application Suite. This software supports IMAP and POP email protocols, as well as HTML email formats. Versions 140.10 and 150 of Mozilla...

8.8CVSS6.3AI score0.00332EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Ledger多款产品 安全漏洞

The Ledger Nano X, among others, are products of the French company Ledger. The Ledger Nano X is a hardware wallet for cryptocurrency assets. The Ledger Flex is a touch-screen hardware wallet for cryptocurrency assets. The Ledger Stax is a curved electronic ink-screen hardware wallet for...

5.1CVSS5.9AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Sparx Systems Sparx Pro Cloud Server 竞争条件问题漏洞

Sparx Pro Cloud Server is a modeling and service platform developed by Sparx Systems in Australia. It supports remote access to model repositories and collaborative management. Versions of Sparx Pro Cloud Server prior to version 6.1 contained a race condition vulnerability. This vulnerability...

7.7CVSS5.9AI score0.00724EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

OpenHarmony 安全漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contain security vulnerabilities, and attackers can exploit these vulnerabilities to cause information leaks...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

7.5CVSS5.8AI score0.00332EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

InnoShop 安全漏洞

InnoShop is an open-source e-commerce system based on Laravel 11, developed by InnoShop. Version 0.6.0 of InnoShop has a security vulnerability. This vulnerability stems from improper authorization; attackers can log in to the frontend and directly access the backend application interfaces, leadi...

7.3CVSS5.8AI score0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from excessively large memory allocation values, which may...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a resource management vulnerability. This vulnerability stemmed from the reuse of DOM elements after their release, which could allow remote attackers to execute arbitrary code with...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Sparx Enterprise Architect 安全漏洞

Sparx Enterprise Architect is a modeling and design tool developed by the Australian company Sparx. Versions of Sparx Enterprise Architect prior to 17.1 contained security vulnerabilities. These vulnerabilities stemmed from security features that restricted user actions. Authorized attackers coul...

8.7CVSS5.9AI score0.00401EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.17 views

TYPO3 Extension Content Element Selector 代码问题漏洞

TYPO3 Extension Content Element Selector is an open-source extension for TYPO3 that allows users to select content elements. This extension has a code vulnerability that stems from the extension directly passing cookies controlled by the attacker to the PHP’s unserialize function without proper...

9.2CVSS6.1AI score0.02306EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

8.1CVSS5.8AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

8.8CVSS5.8AI score0.00373EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

WordPress plugin Contest Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Scalar 安全漏洞

Scalar is an interactive API documentation and testing tool developed by Scalar OpenSource. Version 0.1.13 of Scalar contains a security vulnerability. This vulnerability stems from the scalarurl query parameter on the Scalar Proxy endpoint, which involves server-side request forgeing. This could...

9.8CVSS5.8AI score0.00471EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Sparx Systems Sparx Pro Cloud Server 安全漏洞

Sparx Pro Cloud Server is a modeling and service platform developed by Sparx Systems in Australia. It supports remote access to model repositories and collaborative management. Versions of Sparx Pro Cloud Server prior to version 6.1 contained security vulnerabilities. These vulnerabilities stemme...

7.5CVSS5.9AI score0.00682EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Microsoft Defender 安全漏洞

Microsoft Defender is a threat protection software developed by the American company Microsoft. There is a security vulnerability in Microsoft Defender, which stems from a heap buffer overflow. Unauthorized attackers may execute code through the network as a result of this vulnerability...

8.1CVSS6.2AI score0.00852EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.179, there was a resource management vulnerability that stemmed from the reuse of GPU resources after they were released. This vulnerability could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

8.1CVSS5.8AI score0.0029EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

OpenHarmony 输入验证错误漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contained a vulnerability related to input validation. Attackers could exploit this vulnerability to cause denial-of-service attacks...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from a session fixation issue in the login endpoint. This vulnerability could allow unauthenticated attackers to intercept the authentication process,...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

TP-Link Archer AX72 安全漏洞

The TP-Link Archer AX72 is a Wi-Fi 6 wireless router produced by TP-Link Corporation. The TP-Link Archer AX72 SG v1 version has a security vulnerability. This vulnerability arises from the improper handling of invalid user inputs by the network diagnostic function, which may lead to limited...

4.6CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Portrait Displays Dell Color Management 后置链接漏洞

Portrait Displays Dell Color Management is a color management software developed by Portrait Displays Corporation in the United States. Versions of Portrait Displays Dell Color Management prior to version 3.7.0 contained a backlink vulnerability. This vulnerability stemmed from the improper...

5.3CVSS5.8AI score0.00144EPSS
Exploits0References1
Total number of security vulnerabilities195539