Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

Palo Alto Networks Prisma Access Agent 访问控制错误漏洞

Palo Alto Networks Prisma Access Agent is a zero-trust network access client agent developed by Palo Alto Networks. The Palo Alto Networks Prisma Access Agent has a security vulnerability related to access control. This vulnerability stems from multiple authorization bypass issues within the...

8.5CVSS5.8AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

OpenPLC 安全漏洞

OpenPLC is an open-source, programmable logic controller developed by Thiago Alves. It provides low-cost industrial solutions for automation and research purposes. OpenPLC has a security vulnerability, which stems from the binary program compiled from gluegenerator.cpp not verifying the file path...

6.5CVSS5.9AI score0.00387EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

aria2c 信任管理问题漏洞

aria2c is a lightweight multi-protocol command-line download tool developed by aria2. Aria2c has a trust management vulnerability that stems from accepting server certificates with incorrect extension key purposes. This vulnerability could allow attackers to reuse certificates issued for differen...

4.8CVSS5.8AI score0.0011EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

ELECOM多款产品 操作系统命令注入漏洞

ELECOM WRC, etc. are products of the Japanese ELECOM company. ELECOM WRC is a home-use network camera. ELECOM WRC-X1500GSA-B is a wireless router. ELECOM WRC-BE36QS-B is also a wireless router. Several ELECOM products have vulnerabilities related to OS command injection. These vulnerabilities ste...

9.8CVSS7.4AI score0.01633EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

ArduPilot Project 缓冲区错误漏洞

The ArduPilot Project is an open-source autopilot software developed by ArduPilot, supporting control of various unmanned vehicles. The ArduPilot Project has a buffer overflow vulnerability, which stems from buffer overflows in the APMSP::loop, APMSP, and APMSP.cpp components. This vulnerability...

5.5CVSS6AI score0.00102EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

ArduPilot Project 安全漏洞

The ArduPilot Project is an open-source autopilot software developed by ArduPilot, supporting control of various unmanned vehicles. The ArduPilot Project has security vulnerabilities, which stem from buffer overflows in the APInertialSensorADIS1647x.cpp and ArduRover, as well as the ADIS1647x...

6.2CVSS5.9AI score0.00106EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

WordPress plugin ProfileGrid SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.9AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Hiseeu C90 安全漏洞

Hiseeu C90 is a 4MP solar-powered wireless security camera produced by Hiseeu Corporation in China. The Hiseeu C90 version 5.7.15 contains a security vulnerability. This vulnerability stems from improper permission settings, allowing the UART bootloader to be accessed when the battery is...

6.8CVSS5.8AI score0.00169EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

U-SPEED AC1200 安全漏洞

The U-SPEED AC1200 is a Gigabit dual-band Wi-Fi router produced by the U-SPEED company. The U-SPEED AC1200 T18-21K V1.0 version contains a security vulnerability. This vulnerability arises from the incorrect handling of user input in the NTP configuration interface. As a result, authenticated use...

7.2CVSS5.9AI score0.0209EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability stems from virtual...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from permission management issues...

7.1CVSS5.6AI score0.00288EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Canon GUARDIANWALL MailSuite和Canon GUARDIANWALL Mail Security Cloud 安全漏洞

Canon GUARDIANWALL MailSuite and Canon GUARDIANWALL Mail Security Cloud are products of Canon, a Japanese company. Canon GUARDIANWALL MailSuite is an enterprise-level email security and filtering system. Canon GUARDIANWALL Mail Security Cloud is an enterprise-level cloud-based email security...

9.8CVSS7.9AI score0.00472EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. Versions before Samsung Mobile Devices SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities were due to improper permission allocatio...

5.5CVSS5.8AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

CubeCart 跨站脚本漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.7.0 had a cross-site scripting vulnerability. This vulnerability stemmed from a logical flaw in the search function. When only one product was returned during a search, uncleaned user input was...

6.1CVSS5.6AI score0.00697EPSS
Exploits2References3
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.8 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from the Live push endpoint’s ability to cause unlimited memory allocation by sending large or streaming request bodies, potentially leading to insufficient...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

WordPress plugin Cost Calculator Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.8AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Joomla com_fabrik 路径遍历漏洞

Joomla comfabrik is an extension developed by the Fabrik team, designed for building data forms, database applications, and business processes for Joomla websites. Version 3.9.11 of Joomla comfabrik contains a path traversal vulnerability. This vulnerability stems from directory traversal issues,...

8.7CVSS5.9AI score0.00716EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Striso Control Firmware 安全漏洞

Striso Control Firmware is an open-source MPE MIDI controller firmware developed by Striso. Version 54c9722 of Striso Control Firmware contains a security vulnerability, which stems from a buffer overflow in the AuxJack function...

7.5CVSS6AI score0.00329EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

qihang-wms 安全漏洞

Qihang-WMS is an intelligent warehousing management system developed by Qiliping’s individual developers. The Qihang-WMS version commit 75c15a contains a security vulnerability. This vulnerability stems from an arbitrary file upload vulnerability present in the ShopOrderImportController.java...

7.3CVSS6.2AI score0.00284EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

ArduPilot Project 安全漏洞

The ArduPilot Project is an open-source autopilot software developed by ArduPilot, supporting control of various unmanned vehicles. The ArduPilot Project has security vulnerabilities, which stem from buffer overflows in components such as APSmartAudio::loop, APSmartAudio, and APSmartAudio.cpp...

6.2CVSS5.9AI score0.00114EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

qihang-wms SQL注入漏洞

Qihang-WMS is an intelligent warehousing management system developed by Qiliping’s individual developers. The Qihang-WMS version 75c15a has a SQL injection vulnerability. This vulnerability stems from the SQL injection vulnerability present in the datascope parameter in the SysUserMapper.xml file...

6.5CVSS5.8AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.8 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability that stems from improper permission allocation,...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

cPanel 注入漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability known as “injection attack,” which stems from improper cleaning of the status query parameters in the...

8.3CVSS5.9AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

F5 BIG-IP和F5 BIG-IQ 安全漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

8.7CVSS6.1AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. Versions of Samsung Mobile Devices prior to SMR May-2026 Release 1 contain security vulnerabilities. These vulnerabilities stem from improper input validation in...

8.6CVSS6.2AI score0.00156EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

F5 NGINX Plus和F5 NGINX Open Source 安全漏洞

F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...

6.9CVSS5.8AI score0.00367EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

F5 BIG-IQ 路径遍历漏洞

F5 BIG-IQ is a software-based cloud management solution developed by F5 Corporation in the United States. This solution supports the delivery of applications and network services across public and private clouds, traditional data centers, and hybrid environments. F5 BIG-IQ has a path traversal...

8.1CVSS5.8AI score0.00366EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Palo Alto Networks Trust Protection Foundation 代码问题漏洞

Palo Alto Networks Trust Protection Foundation is a machine identity and certificate security management platform provided by Palo Alto Networks. There is a code vulnerability in Palo Alto Networks Trust Protection Foundation, which stems from incorrect authorization. This vulnerability could all...

7.2CVSS5.9AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Paiement Ecommerce Systempay 安全漏洞

Paiement Ecommerce Systempay is an online payment platform for e-commerce services provided by the French company Paiement. Version 1.0 of Paiement Ecommerce Systempay contains a security vulnerability. This vulnerability stems from weak encryption implementations, which may allow attackers to...

9.8CVSS5.8AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.16 views

Garmin WDU 安全漏洞

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic devices. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from the ability to allow symbolic link attacks, which...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

Angular 路径遍历漏洞

Angular is an open-source development platform created by Angular. It is used to build mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular versions prior to 19.0.0-next.0, 20.3.25, 21.2.9, and 22.0.0-next.7 contain a path traversal vulnerability. This...

6.9CVSS5.8AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Palo Alto Networks Trust Protection Foundation 安全漏洞

Palo Alto Networks Trust Protection Foundation is a machine identity and certificate security management platform provided by Palo Alto Networks. There is a security vulnerability in Palo Alto Networks Trust Protection Foundation, which stems from an information leakage issue. This vulnerability...

7.4CVSS5.8AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.14 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes features such as analysis of threats to network security and malware analysis. Prior to MISP 2.5.37, there were...

8.6CVSS5.8AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

F5 BIG-IP和F5 BIG-IQ 信息泄露漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

6.9CVSS5.8AI score0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Advantech多款产品 SQL注入漏洞

Advantech IoTSuite SaaSComposer is a product of Advantech Corporation from Taiwan, China. Advantech IoTSuite SaaSComposer is a low-code visual development tool. Advantech IoTSuite Growth Linux docker is a containerized deployment solution for industrial IoT platforms. Advantech IoTSuite Starter...

7.2CVSS6.1AI score0.00375EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Versions of Samsung Mobile devices prior to SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities were caused by incorrect...

6.8CVSS5.8AI score0.00092EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

HCL BigFix SCM Reporting 安全漏洞

HCL BigFix SCM Reporting is a security configuration management reporting component developed by the Indian company HCL. HCL BigFix SCM Reporting has a security vulnerability that stems from the use of outdated and unsupported jQuery 1.x libraries. This vulnerability may increase the risk of...

8.3CVSS5.5AI score0.00212EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

OpenThread 输入验证错误漏洞

OpenThread is an open-source implementation of the Thread network protocol stack developed by OpenThread. Versions prior to OpenThread 26a882d contained a vulnerability related to input validation errors. This vulnerability stemmed from improper input validation in the NAT64 converter, allowing...

6CVSS5.8AI score0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

ELECOM WAB 代码问题漏洞

ELECOM WAB is a series of wireless access points produced by the ELECOM company in Japan. ELECOM WAB has a code vulnerability that stems from the lack of checking whether the language parameter has an appropriate value. This vulnerability may cause administrator pages to be displayed incorrectly ...

5.1CVSS6.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

WordPress plugin Powie s WHOIS Domain Check 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00243EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.8 views

F5 BIG-IP和F5 BIG-IQ 安全漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Joomsky Joomla J2 JOBS SQL注入漏洞

Joomsky Joomla J2 JOBS is a Joomla recruitment and job posting management component provided by Joomsky Inc. Version 1.3.0 of Joomsky Joomla J2 JOBS contains a SQL injection vulnerability. This vulnerability stems from authenticated SQL injection attacks, allowing authenticated attackers to injec...

7.1CVSS5.9AI score0.00273EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

WordPress plugin Charitable SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.9AI score0.00281EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Zoom Rooms for Windows 代码问题漏洞

Zoom Rooms for Windows is a meeting software developed by the American company Zoom. Versions of Zoom Rooms for Windows prior to 7.0.0 contained a code vulnerability. This vulnerability stemmed from an insecure search path within the installer, which could allow authenticated users to gain elevat...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from the fact that highly privilege...

9.1CVSS6AI score0.00272EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

CVAT.ai CVAT 安全漏洞

CVAT.ai CVAT is an open-source data processing tool developed by CVAT.ai. There are security vulnerabilities in the CVAT.ai CVAT versions from 2.5.0 to 2.63.0. These vulnerabilities stem from attacks where attackers can create or edit annotation guides on tasks, and add malicious JavaScript code...

8.5CVSS6.1AI score0.00266EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

NXP moal.ko Wi-Fi driver 安全漏洞

NXP moal.ko Wi-Fi driver is a Wi-Fi kernel driver module developed by NXP for Linux-based wireless network devices, focusing on communication and hardware control. There is a security vulnerability in the NXP moal.ko Wi-Fi driver, which stems from a buffer overflow in the modpara parameter of the...

5.6CVSS6.1AI score0.00183EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

TeamViewer DEX Platform On-Premises 输入验证错误漏洞

The TeamViewer DEX Platform On-Premises is a locally deployed digital employee experience management platform by the German company TeamViewer. Prior to version 9.2 of the TeamViewer DEX Platform On-Premises, there was a vulnerability related to input validation errors. This vulnerability stemmed...

6.3CVSS5.9AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Bandit 安全漏洞

Bandit is a high-performance HTTP and WebSocket server developed by Mat Trudel. Versions of Bandit from 1.6.1 to 1.11.1 contained security vulnerabilities. These vulnerabilities were caused by infinite loops, which could allow unauthenticated remote attackers to exploit the system through...

8.7CVSS5.8AI score0.00637EPSS
Exploits1References2
Total number of security vulnerabilities195539