Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

389 Directory Server 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from type confusion during the processing of SSO token extensions. As a result, some stack trace...

4.3CVSS5.8AI score0.00179EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe CAI Content Credentials 资源管理错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a resourc...

6.2CVSS5.4AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Microsoft Office Word 缓冲区错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft and open sourced. There are security vulnerabilities in Microsoft Office Word. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Microsoft 365 Apps for Enterpris...

7.8CVSS5.8AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...

3.7CVSS5.4AI score0.0035EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Office Sharepoint Server 输入验证错误漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There is a vulnerability in input validation of Microsoft Office SharePoint. Attackers exploit this vulnerability to execute cross-site scripting attacks. The...

5.4CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a backport of patch ea52cb24cd3f. This patch improperly handled the hugetlb VMA lock allocation,...

5.5CVSS5.3AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, where the access mode flag is set using an OR operation instead of a replacement. This vulnerability may prevent...

7.7CVSS5.3AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the use of comparison operators, which may lead to out-of-bounds access to arrays...

7.8CVSS5.3AI score0.00112EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Tenda O3 安全漏洞

The Tenda O3 is an outdoor wireless bridge produced by the Chinese company Tenda. The Tenda O3v3 1.0.0.5 version contains a security vulnerability. This vulnerability stems from a stack overflow issue in the savelistdata parameter of the formSetCfm function, which could allow attackers to cause...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

bookcars 安全漏洞

Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains a security vulnerability. This vulnerability stems from the/api/create-user component, which has an unlimited file renaming vulnerability. This could allow authenticated attackers to use...

8.8CVSS6.2AI score0.00998EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe InDesign Desktop 资源管理错误漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have a resource management vulnerability. This vulnerability stems from a release-after-reuse flaw, which could allow...

7.8CVSS5.7AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

LIGHTNINGLINK X-VPN 安全漏洞

LIGHTNINGLINK X-VPN is a virtual private network service client provided by LIGHTNINGLINK Corporation. Versions 77.0 to 77.5 of LIGHTNINGLINK X-VPN contain security vulnerabilities. These vulnerabilities stem from race conditions and symbolic link operations within the isolation and recovery...

7.3CVSS5.3AI score0.00085EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

OpenSSL 加密问题漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

WordPress plugin MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.3AI score0.00234EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe InCopy 安全漏洞

Adobe InCopy is a text editing software for creative purposes developed by Adobe, Inc. Versions of Adobe InCopy such as 21.3, 20.5.3, and earlier versions have security vulnerabilities. These vulnerabilities stem from stack buffer overflow exploits, which could allow arbitrary code to execute...

7.8CVSS6.3AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office Sharepoint Server 路径遍历漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There is a path traversal vulnerability present in Microsoft Office SharePoint. Attackers can exploit this vulnerability to execute code remotely. The following...

8.8CVSS7.1AI score0.0163EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

OpenSSL 加密问题漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...

9.1CVSS5.8AI score0.00237EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

WordPress plugin Blocksy 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.8CVSS6.2AI score0.00849EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

OpenSSL 资源管理错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Windows Hotpatch Monitoring Service 缓冲区错误漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. The Microsoft Windows Hotpatch Monitoring Service has a buffer error vulnerability. The following products and versions are affected: Windows Server 2025 Server Core installation, Windows 11 Versi...

7.8CVSS6AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

tmux 缓冲区错误漏洞

tmux is an open-source terminal multiplexer developed by tmux. Versions of tmux 3.6a and earlier contained a buffer error vulnerability. This vulnerability stemmed from the imagefree function in image.c, which allowed reusing memory after it had been freed, potentially leading to local attacks...

4.5CVSS5.1AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Malwarebytes 安全漏洞

Malwarebytes is an application software developed by the American company Malwarebytes, which provides anti-malware capabilities for devices. This software is designed to protect against viruses, spyware, Trojan horses, worms, dialers, and other malicious software. Versions of Malwarebytes 4.x an...

7.5CVSS5.7AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

WordPress plugin Product Filter Widget for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

6.1CVSS5.2AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This vulnerability stems from the reu...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which stems from unauthorized backend users having access to write operations on the root directory of active files. This can lead to unauthorized moves,...

7.2CVSS5.4AI score0.00238EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in Huawei HarmonyOS, which stems from a logic bypass in the file system. This vulnerability may...

2.4CVSS5.2AI score0.0011EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...

9.1CVSS5.8AI score0.00555EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers utilize this vulnerability to carry out phishing attacks. The following products...

5.4CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Fortinet多款产品 操作系统命令注入漏洞

FortiSandbox is a security sandbox product provided by Fortinet, primarily used for detecting and analyzing malware. Fortinet FortiSandbox has a vulnerability related to OS command injection. This vulnerability stems from an inability to properly neutralize the special elements used in OS command...

9.8CVSS7.4AI score0.23393EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

AMD uProf 安全漏洞

AMD uProf is a cross-platform performance analysis tool developed by AMD, Inc. for AMD processor architecture. AMD uProf has a security vulnerability; this vulnerability stems from unlimited resource allocation, which may lead to excessive consumption of system resources and resulting in usabilit...

6.8CVSS5.4AI score0.00098EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Function Discovery Service (fdwsd.dll) 竞争条件问题漏洞

The Microsoft Function Discovery Service is a background service provided by Microsoft Corporation. There are competition-related vulnerabilities in the Microsoft Function Discovery Service fdwsd.dll. The following products and versions are affected: Windows 11 Version 26H1 for ARM64-based System...

7CVSS5.8AI score0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Tenda W15E 安全漏洞

Tenda W15E is a wireless router produced by the Chinese company Tenda. The Tenda W15E has a buffer overflow vulnerability in the webAuthWhiteUserInfo parameter. Attackers can exploit this vulnerability to cause denial-of-service attacks through specially crafted HTTP requests...

7.5CVSS7.5AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office Excel 缓冲区错误漏洞

Microsoft Office Excel is a spreadsheet software developed by Microsoft in the United States. There is a security vulnerability in Microsoft Office Excel, which stems from integer underflow. This vulnerability may allow unauthorized attackers to execute code locally...

7.8CVSS5.8AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe InDesign Desktop 安全漏洞

Adobe InDesign Desktop is a professional desktop publishing application, primarily used for page layout design in print and digital media. Adobe InDesign Desktop has a buffer overflow vulnerability that stems from improper handling of malicious files during user interactions. Attackers can exploi...

7.8CVSS6.5AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.8 views

Apache Answer 信息泄露漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had an information leakage vulnerability. This vulnerability stemmed from the lack of access restrictions on direct API endpoints, which allowed authenticated users to...

6.5CVSS5.3AI score0.00325EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Microsoft Kinect 权限许可和访问控制问题漏洞

The Microsoft Kinect is a motion input device developed by Microsoft Corporation. The Microsoft Kinect has an access control vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows Server 2025, Windows 10 Version...

7.8CVSS5.8AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

SAP ODP Data Replication APIs 安全漏洞

SAP ODP Data Replication APIs are a set of enterprise data replication interfaces provided by the German company SAP. There is a security vulnerability in SAP ODP Data Replication APIs, which stems from the lack of identification of callers for allowed internal SAP applications. If these APIs are...

6.6CVSS5.3AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Office Sharepoint Server 反序列化注入漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There are code-related vulnerabilities in Microsoft Office SharePoint. Attackers can exploit these vulnerabilities to gain higher privileges. The following...

8.8CVSS7AI score0.01982EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

OSCAL-GUI 跨站脚本漏洞

OSCAL-GUI is a graphical interface tool developed by OSCAL Corporation for creating, editing, viewing, and managing OSCAL compliance data models. OSCAL-GUI has a cross-site scripting vulnerability, which stems from the failure to clean up malicious inputs injected through project request...

6.1CVSS5.5AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Hermes Web UI 安全漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.269 contained security vulnerabilities. These vulnerabilities were caused by a configuration file isolation bypass issue, which could allow authenticated users to acces...

7.1CVSS5.3AI score0.00272EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a supplementary function driver for Winsock developed by Microsoft Corporation. There are vulnerabilities related to race conditions in the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these...

7CVSS5.3AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

OpenSSL 异常处理不当漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.9AI score0.00684EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

FreeSWITCH 安全漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there were security...

7.5CVSS5.4AI score0.00343EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Office Excel 处理逻辑错误漏洞

Microsoft Office Excel is a spreadsheet software developed by Microsoft and open source. There are security vulnerabilities in Microsoft Office Excel. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Microsoft 365 Apps for...

3.3CVSS5.8AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a buffer error vulnerability. This vulnerability stems from...

5.5CVSS5.5AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

FreeSWITCH 输入验证错误漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there was a...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...

8.1CVSS5.3AI score0.0039EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Windows Universal Disk Format File System Driver (UDFS) 数字错误漏洞

The Microsoft Windows Universal Disk Format File System Driver is an open-source Windows file system driver developed by Microsoft. There is a security vulnerability in the Microsoft Windows Universal Disk Format File System Driver, which may allow authorized attackers to gain local privileges...

7.8CVSS5.9AI score0.00298EPSS
Exploits0References1
Total number of security vulnerabilities195539