Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Apple Private Cloud Compute Server Software 输入验证错误漏洞

Apple Private Cloud Compute Server Software is a privacy-protective cloud-based AI computing platform software developed by Apple Inc. Versions prior to Apple Private Cloud Compute Server Software Release 5E290.3 contained a vulnerability related to input validation errors. This vulnerability...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Edimax BR-6428nS 缓冲区错误漏洞

The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. The Edimax BR-6428NS v41.10 version has a buffer overflow vulnerability. This vulnerability stems from the function formPPTPSetup in the POST Request Handler component, which handles the parameter pptpUserName and results i...

9CVSS7.6AI score0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

litemall 注入漏洞

Litemall is a small shopping system developed by Linlinjava’s developers. Versions of Litemall 1.8.0 and earlier had a injection vulnerability. This vulnerability originated from a function in the Front-end WeChat API, specifically the list function in the...

7.5CVSS7.1AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

tinyMQTT 资源管理错误漏洞

tinyMQTT is a pre-sorted tree traversal algorithm library developed by 0x7C9A. There is a resource management vulnerability in tinyMQTT; this vulnerability stems from improper protocol handling during the parsing of CONNECT packets, which may lead to exhaustion of server resources. The following...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

WordPress plugin Feeds for YouTube 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.4CVSS5.8AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

litemall 注入漏洞

Litemall is a small shopping system developed by Linlinjava’s individual developers. Versions of Litemall 1.8.0 and earlier had a injection vulnerability. This vulnerability stemmed from the function backup/load in the Database Setting Handler component’s file...

5.8CVSS5.8AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

WordPress plugin WP Photo Album Plus SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

8.6CVSS6AI score0.00472EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Summarize 安全漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from a path traversal issue in the /v1/summarize daemon’s endpoints. This issue could allow authenticated users t...

7.1CVSS5.8AI score0.00396EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

ngrok 命令注入漏洞

Ngrok is a security internal network penetration and application access platform developed by the US company Ngrok. Versions 4.3.3 and 5.0.0-beta.2 of Ngrok contain command injection vulnerabilities, which are vulnerable to command injection attacks...

8.8CVSS5.8AI score0.00981EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins have security vulnerabilities. These...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

AutoGPT 安全漏洞

AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. Versions 0.6.36 to 0.6.50 of AutoGPT contain security vulnerabilities. These vulnerabilities stem from the lack of verification of session ownership at the PATCH...

7.1CVSS5.8AI score0.00384EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

FacturaScripts 跨站脚本漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.7 contained a cross-site scripting vulnerability. This vulnerability occurred due to the fsNick cookie parameter value being reflected directly into HTML, which...

3.9CVSS5.6AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

Dokploy 操作系统命令注入漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy 0.26.6 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from insufficient cleanup of the appName parameter input, lack of pattern validation, and dire...

9.9CVSS5.8AI score0.00985EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

webdriverio 操作系统命令注入漏洞

WebdriverIO is an open-source automation testing framework for browsers and mobile devices developed by WebdriverIO. Versions of WebdriverIO prior to 9.24.0 had a vulnerability related to operating system command injection. This vulnerability stemmed from the getGitMetadataForAISelection function...

9.8CVSS6.2AI score0.02799EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.16 views

Claude HUD 路径遍历漏洞

Claude HUD is a Claude Code plugin developed by Jarrod Watts, which displays context usage, tool states, and progress. Versions of Claude HUD prior to 0.0.12 contained a path traversal vulnerability. This vulnerability stemmed from path traversal issues, allowing attackers to read arbitrary files...

4.8CVSS6AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

Summarize 安全漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from insecure file permissions in the configuration rewritepath without refreshing, allowing local users to acces...

6.8CVSS5.8AI score0.00137EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

SimpleSAMLphp-casserver 输入验证错误漏洞

SimpleSAMLphp-casserver is an open-source CAS protocol-compatible single-signpoint login server module developed by SimpleSAMLphp. Versions prior to 6.3.1 and 7.0.0 of SimpleSAMLphp-casserver contained a vulnerability related to input validation errors. This vulnerability occurred because the...

6.1CVSS5.8AI score0.00269EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.8 views

DumbAssets 路径遍历漏洞

DumbAssets is a physical asset tracking and management tool developed by DumbWare. Versions of DumbAssets 1.0.11 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the POST /api/delete-file endpoint and the path traversal issues in the filesToDelete array...

9.1CVSS5.8AI score0.00626EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

NetBSD 输入验证错误漏洞

NetBSD is an open-source Unix-like operating system developed by the NetBSD Foundation. Prior to version ec8451, there was a vulnerability related to input validation. This vulnerability stemmed from the fact that the local variable iovlen was declared as a signed integer in the cryptodevop...

5.7CVSS5.9AI score0.00109EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

dify 安全漏洞

Dify is an open-source LLM application development platform created by LangGenius. Versions of Dify prior to 1.14.1 contained security vulnerabilities. These vulnerabilities were due to an authorization bypass issue, which allowed authenticated users to modify user settings and enable tracking...

9.3CVSS5.8AI score0.00453EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

sglang 代码问题漏洞

SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. SGLang has code vulnerabilities; one of these vulnerabilities stems from the fact that the ROUTER socket, which handles multi-modal generation during runtime scheduling, is...

9.8CVSS6.5AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Mattermost 信息泄露漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have a vulnerability related to information leakage. This...

7.6CVSS5.8AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

Mattermost 信息泄露漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have a vulnerability related to information leakage. This...

8.7CVSS5.8AI score0.0029EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

Mattermost 代码问题漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have code vulnerabilities. These vulnerabilities stem from the lack of validation of the...

5CVSS5.9AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

Mattermost Desktop App 安全漏洞

The Mattermost Desktop App is a desktop application for message communication developed by the American company Mattermost. Versions 6.1, 6.0.1, and 5.4.13.0 of the Mattermost Desktop App have security vulnerabilities. These vulnerabilities stem from a failure to prevent invalid URLs from being...

6.5CVSS5.8AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have security vulnerabilities. These vulnerabilities stem from the lack of mandatory...

3.8CVSS5.9AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.8 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have security vulnerabilities. These vulnerabilities stem from the lack of verification...

4.3CVSS5.9AI score0.00142EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Tencent WeKnora 授权问题漏洞

Tencent WeKnora is an enterprise-level LLM knowledge base and RAG platform developed by Tencent, a Chinese technology company. Versions of Tencent WeKnora prior to 0.3.6 contained an authorization vulnerability. This vulnerability stemmed from the function getKnowledgeBaseForInitialization in the...

6.5CVSS6.6AI score0.00269EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.14 views

Continue 路径遍历漏洞

“Continue” is an open-source AI code review tool that can enforce checks during CI processes. Versions of “continue” prior to 1.2.22 contain a path traversal vulnerability. This vulnerability stems from the function “lsTool” in the component’s JSON-RPC Server, where the function “lsTool” processe...

4.8CVSS6AI score0.00258EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

SOGo SQL注入漏洞

SOGo is a highly fast and scalable modern collaboration suite open source by Alinto. It offers calendar management, address book management, a fully functional webmail client, as well as features for resource sharing and permission handling. Version 5.12.7 of SOGo contains a SQL injection...

8.6CVSS6AI score0.00316EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.16 views

Claude HUD 安全漏洞

Claude HUD is a Claude Code plugin developed by Jarrod Watts, which displays context usage, tool states, and progress. Versions of Claude HUD prior to 0.0.12 contained security vulnerabilities. These vulnerabilities stemmed from the use of raw cwd and branchUrl values to construct OSC 8 terminal...

4.6CVSS6.1AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.14 views

NetBSD 竞争条件问题漏洞

NetBSD is an open-source Unix-like operating system developed by the NetBSD Foundation. Prior to version ec8451, there was a race condition vulnerability in NetBSD. This vulnerability stemmed from a race condition in the cryptodevop function within the opencrypto subsystem, which could lead to...

5.7CVSS5.8AI score0.00082EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

dify 安全漏洞

dify is an open-source LLM application development platform by LangGenius. Versions of dify prior to 1.14.1 have security vulnerabilities. These vulnerabilities stem from path traversal issues, which may allow authenticated users to manipulate requests redirected to the plugin daemon’s internal...

9.4CVSS5.8AI score0.00509EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

sglang 代码问题漏洞

SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. SGLang has code vulnerabilities; these vulnerabilities arise when the --enable-custom-logit-processor option is enabled, resulting in unvalidated deserialization of Python...

9.8CVSS6.2AI score0.00585EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Mattermost Desktop App 代码问题漏洞

The Mattermost Desktop App is a desktop application for message communication developed by the American company Mattermost. Versions 6.1, 6.0.1, and 5.4.13.0 of the Mattermost Desktop App have code vulnerabilities. These vulnerabilities stem from a failure to prevent servers from rendering conten...

3.5CVSS5.9AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have security vulnerabilities. These vulnerabilities stem from the lack of checks during...

4.3CVSS5.8AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.16 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.16 views

cramfs-tools 后置链接漏洞

cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools prior to 2.2 had a post-installation link vulnerability. This vulnerability stemmed from the operation of the changefilestatus function in the cramfsck.c file, which allowed symbolic link...

4.6CVSS5.8AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.14 views

amf 缓冲区错误漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain a buffer error vulnerability. This vulnerability stems from unknown functions in the ngap/dispatcher.go file within the NGAP Message Handler component, which can lea...

5.3CVSS6AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

amf 缓冲区错误漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain a buffer error vulnerability. This vulnerability arises from the operation of the NGSetupRequest function in the ngap/handler.go file, which leads to memory corrupti...

5.3CVSS6AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

Summarize 安全漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from an issue with authorization deficiencies, which could allow attackers to execute browser automation operatio...

5.4CVSS5.9AI score0.00227EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

Edimax BR-6228NC 注入漏洞

The Edimax BR-6228NC is a wireless broadband router produced by Edimax Corporation. Version 1.22 of the Edimax BR-6228NC has a vulnerability known as “injection flaw.” This flaw arises from the function mp in the POST Request Handler component, which processes the command parameter. The improper...

6.5CVSS6.7AI score0.01182EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

Open Source Point of Sale 加密问题漏洞

Open Source Point of Sale is an open-source sales point system based on the Open Source Point of Sale framework. Versions of Open Source Point of Sale 3.4.2 and earlier had encryption-related vulnerabilities. These vulnerabilities stemmed from a function in the Employee Login component called...

6.3CVSS5.8AI score0.00182EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

litemall 注入漏洞

Litemall is a small shopping system developed by Linlinjava’s developers. Versions of Litemall 1.8.0 and earlier had a injection vulnerability, which originated from an unknown function in the Admin Endpoint component. This vulnerability could lead to SQL injection attacks. The attacks can be...

5.8CVSS5.8AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

FacturaScripts 信息泄露漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to version 2026 contained a vulnerability related to information leakage. This vulnerability stemmed from the Library module not clearing the EXIF/XMP/IPTC metadata...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.16 views

amf 安全漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain security vulnerabilities. These vulnerabilities stem from unknown functions in the NGAP Message Handler component, specifically in the file ngap/handler.go, which...

5.3CVSS5.8AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Microsoft Azure Resource Manager和Microsoft Azure Local 授权问题漏洞

Microsoft Azure Resource Manager and Microsoft Azure Local are both products of Microsoft Corporation in the United States. Microsoft Azure Resource Manager is a service for deploying and managing resources. Microsoft Azure Local is a hybrid cloud infrastructure platform. There are authorization...

10CVSS5.8AI score0.00494EPSS
Exploits0References2
Total number of security vulnerabilities195539