Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

TYPO3 CMS 代码问题漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Code vulnerabilities existed in versions prior to TYPO3 CMS 10.4.57, as well as in versions 11.0.0 to 11.5.51, 12.0.0 to 12.4.46, 13.0.0 to 13.4.31, and 14.0.0 to 14.3.3. These vulnerabilities stemmed from...

6.3CVSS6.4AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Microsoft Windows UI Automation Manager (uiamanager.dll) 竞争条件问题漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability related to the Microsoft Windows UI Automation Manager uiamanager.dll. Attackers can exploit this vulnerability to gain higher privileges. The following products and...

7CVSS5.9AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by the American company Microsoft. Microsoft Office SharePoint has a cross-site scripting vulnerability, which stems from improper input during the web page generation process. This...

5.4CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by the American company Microsoft. Microsoft Office SharePoint has a cross-site scripting vulnerability, which stems from improper input during the web page generation process. This...

5.4CVSS6.9AI score0.0051EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

NETGEAR Routers 代码注入漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a code injection vulnerability, which stems from insufficient input validation in the rbe970 model. This vulnerability could allow administrators who are connected to the local networ...

6.8CVSS5.4AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Windows Storage 权限许可和访问控制问题漏洞

Microsoft Windows Storage is a data storage solution provided by the American company Microsoft. There are code-related vulnerabilities in Microsoft Windows Storage. Attackers can exploit these vulnerabilities to gain elevated privileges. The following products and versions are affected: Windows ...

7CVSS5.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Tenda PW201A 安全漏洞

The Tenda PW201A is a power line network adapter produced by the Chinese company Tenda. Version 1.0.5 of the Tenda PW201A contains a security vulnerability. This vulnerability stems from a buffer overflow in the page parameter of the SafeMacFilter function, which could allow attackers to cause...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe Campaign Classic 安全漏洞

Adobe Campaign Classic is a enterprise-level marketing automation and campaign management platform developed by Adobe Inc. Adobe Campaign Classic 7.4.3 build 9394 and earlier versions have a security vulnerability that stems from improper authorization, which may allow for the execution of...

10CVSS5.9AI score0.00553EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Azure Attestation service and Device Health Attestation Service 输入验证错误漏洞

Microsoft Azure is an open enterprise-level cloud computing platform provided by Microsoft Corporation in the United States. The Microsoft Azure Attestation service and Device Health Attestation Service have vulnerabilities related to input validation. Attackers can exploit these vulnerabilities ...

3.9CVSS5.8AI score0.00319EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

openssl 异常处理不当漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...

5.9CVSS5.8AI score0.00595EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Windows NTFS 缓冲区错误漏洞

Microsoft Windows NTFS is a file system provided by the American company Microsoft for managing computer files. This file system features error alerts, disk self-repair functions, and logging capabilities. There is an input validation vulnerability in Microsoft Windows NTFS. Attackers can exploit...

7.8CVSS6AI score0.00411EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS7.8AI score0.00257EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Dell Inventory Collector Client 安全漏洞

Dell Inventory Collector Client is a terminal asset inventory tool developed by the American company Dell. Versions of Dell Inventory Collector Client prior to version 13.8.0 contained security vulnerabilities. These vulnerabilities were caused by improper link resolution before file access, whic...

6.3CVSS5.5AI score0.00085EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Microsoft HTTP.sys 资源管理错误漏洞

Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft HTTP.SYS. Attackers can exploit this vulnerability to cause a denial-of-service attack on the system. The following products and versions are affected:...

7.5CVSS5.9AI score0.48438EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Pure Storage FlashArray Purity 安全漏洞

Pure Storage FlashArray Purity is a driver from the American company Pure Storage. It provides comprehensive data services. There is a security vulnerability in Pure Storage FlashArray Purity, which stems from improper permission allocation in the management interface. This vulnerability may allo...

8.6CVSS5.3AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

SQLite 安全漏洞

SQLite is a lightweight database developed under the open-source SQLite project. It is an ACID-compliant relational database management system. There was a security vulnerability in versions of SQLite prior to 3.53.2. This vulnerability stemmed from a heap buffer overflow issue in the FTS5...

8.5CVSS6.2AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

WordPress plugin FastPicker 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.00124EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Remote Desktop Client 安全漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There are security vulnerabilities present in Microsoft Remote Desktop Client. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10...

7.5CVSS5.6AI score0.00461EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Waves Central 安全漏洞

Waves Central is an audio software license and product management tool provided by the Waves company. There are security vulnerabilities in the version of Waves Central for macOS from 13.0.9 to 16.5.5. These vulnerabilities stem from the Privilege Assistant service using process identifiers to...

8.1CVSS5.9AI score0.00323EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

WordPress plugin Insert PHP 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9.8CVSS6AI score0.00559EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from the...

8.1CVSS5.4AI score0.00298EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Exchange Server 服务端请求伪造漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...

5CVSS5.8AI score0.00464EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Ivanti EPMM 操作系统命令注入漏洞

Ivanti EPMM is a product developed by the American company Ivanti. It enables IT departments to create policies for mobile devices, applications, and content. Versions of Ivanti EPMM prior to 12.9.0.1, 12.8.0.3, and 12.7.0.2 contained a vulnerability related to operating system command injection...

7.2CVSS5.9AI score0.01634EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Microsoft Azure Stack Edge 输入验证错误漏洞

Microsoft Azure Stack Edge is a Azure-hosted device by Microsoft that integrates Azure computing, storage, and intelligent features at the edge. There are security vulnerabilities present in Microsoft Azure Stack Edge. Attackers can exploit these vulnerabilities to execute code remotely...

9.8CVSS5.9AI score0.00753EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Microsoft Office Word 缓冲区错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft and open sourced in the United States. There is a buffer error vulnerability in Microsoft Office Word. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected:...

7.8CVSS5.9AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Hyper-V 信息泄露漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. Microsoft Hyper-V has a vulnerability related to information leakage. Attackers can exploit this vulnerability to obtain sensitive...

5.5CVSS5.3AI score0.00459EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Apache Answer 代码问题漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the upload of dangerous types of files. Custom TIFF images might trigger...

6.5CVSS5.4AI score0.00479EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows Mark of the Web (MOTW) 处理逻辑错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Mark of the Web MOTW. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are...

5.4CVSS5.8AI score0.00423EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows Application Identity (AppID) Subsystem 日志信息泄露漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has information leakage vulnerabilities. Attackers can exploit these vulnerabilities to obtain sensitive information. The following products and versions are affected: Windows...

5.5CVSS6AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Apptha Mac Photo Gallery 路径遍历漏洞

Apptha Mac Photo Gallery is a PHP-based website image display system developed by Apptha Corporation. Version 3.0 of Apptha Mac Photo Gallery has a path traversal vulnerability. This vulnerability stems from improper handling of the albid parameter, allowing unauthenticated attackers to download...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized spitransfer structure in the mprls0025pa pressure sensor driver. This could lea...

8.4CVSS5.3AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability that ste...

7.8CVSS7.6AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Netcad E-İmar SQL注入漏洞

Netcad E-İmar is a GIS-based urban planning information query platform developed by the Turkish company Netcad. Versions of Netcad E-İmar from 2.10.1.0 to 3.0.2 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of special elements within SQL commands, whic...

9.8CVSS5.7AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Spring Framework 环境问题漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions of the Spring Framework such as 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier have environmental vulnerabilities. These vulnerabilities stem from the fact tha...

5.3CVSS5.4AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Svelte 跨站脚本漏洞

Svelte is an open-source approach to building web applications. Versions of Svelte prior to 5.55.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from DOM pollution of internal framework states, which could lead to cross-site scripting attacks...

8.1CVSS4.9AI score0.00319EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Tenda W20E 安全漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a security vulnerability. This vulnerability stems from a buffer overflow in the wewifiWhiteUserInfo parameter within the formAddWewifiWhiteUser function. It may allow attackers to...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

WordPress plugin Car Park Booking Plugin 13 October SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

VMware Spring Framework 安全漏洞

VMware Spring Framework is an open-source Java and JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions of the VMware Spring Framework prior to 7.0.0, 6.2.0, 6.1.0, and 5.3.0 contain security vulnerabilities. These...

7.5CVSS5.3AI score0.0036EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows UEFI 处理逻辑错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows UEFI. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Windows 11...

7.8CVSS5.8AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Siemens SIMATIC WinCC Unified PC Runtime 安全漏洞

Siemens SIMATIC WinCC Unified PC Runtime is an industrial automation and SCADA system interface and monitoring platform developed by Siemens, a German company. Versions of Siemens SIMATIC WinCC Unified PC Runtime such as V16, V17, V18, V19, V20, and V21 Update 2 contain security vulnerabilities...

8.2CVSS5.4AI score0.00057EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

WordPress plugin Events Calendar for GeoDirectory 安全漏洞

WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the functionality of WordPress. There is a security vulnerability in the Events Calendar...

8.8CVSS5.9AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows Push Notifications 信息泄露漏洞

Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. However, Microsoft Windows Push Notifications has information leakage vulnerabilities. The following products and versions are affected: Window...

5.5CVSS5.3AI score0.00459EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Microsoft Exchange Server 服务端请求伪造漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...

8.8CVSS5.8AI score0.00465EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

WordPress plugin User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.4AI score0.00153EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Logseq 安全漏洞

Logseq is an open-source knowledge management and collaboration platform developed by Logseq. Version Logseq v0.10.15 contains a security vulnerability. This vulnerability stems from the Electron preloaded scripts, which expose an API method. This allows the rendering process to call IPC handlers...

8.7CVSS5.3AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system designed for various scenarios, primarily providing seamless collaboration across devices. The IPC module of Huawei HarmonyOS has a out-of-bounds write vulnerability. This vulnerability arises from improper handling of certain input data. Attacke...

5.3CVSS6AI score0.00072EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.23 views

FreeSWITCH 输入验证错误漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was a...

9.1CVSS5.3AI score0.0031EPSS
Exploits0References2
Total number of security vulnerabilities195539