Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from vulnerabilities in SQL expressions. This vulnerability could allow authenticated attackers to read arbitrary files from the Grafana server’s file system...

6.3CVSS6AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

U-SPEED AC1200 安全漏洞

The U-SPEED AC1200 is a Gigabit dual-band Wi-Fi router produced by the U-SPEED company. The U-SPEED AC1200 Gigabit Wi-Fi Router T18-21K V1.0 version has a security vulnerability. This vulnerability stems from improper access control; the UART interface exposed by the device lacks an authenticatio...

6.8CVSS5.8AI score0.00299EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the use ...

8.7CVSS5.8AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Palo Alto Networks Prisma Browser 代码注入漏洞

Palo Alto Networks Prisma Browser is an enterprise-level security browser developed by Palo Alto Networks. The Prisma Browser has a code injection vulnerability, which stems from an inability to properly restrict access to the AppleScript interface. This vulnerability may allow unauthorized...

7.3CVSS5.9AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

ELECOM多款产品 安全漏洞

ELECOM WRC-BE72XSD-B is a wireless router produced by the ELECOM company. Several ELECOM products have security vulnerabilities. This vulnerability stems from the ability to access specific URLs without authentication, which may allow devices to be operated without proper authorization. The...

9.8CVSS7.3AI score0.00491EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

ELECOM多款产品 安全漏洞

ELECOM WAB-MAT, among others, are products of the ELECOM company. ELECOM WAB-MAT is a management tool for enterprise access points. ELECOM WAB represents a series of wireless access points. ELECOM WAB-S300 is a wireless access point. Several ELECOM products have security vulnerabilities; these...

5.1CVSS6.2AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

VMware ESXi 安全漏洞

VMware ESXi is a server virtualization platform developed by the American company VMware, which can be directly installed on physical servers. VMware ESXi has a security vulnerability that stems from unreliable pointer dereferencing. This vulnerability could allow attackers to access kernel memor...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

WordPress plugin Tutor LMS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.8AI score0.00304EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Bandit 安全漏洞

Bandit is a high-performance HTTP and WebSocket server developed by Mat Trudel. Versions of Bandit from 1.4.0 to 1.11.1 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation, which could allow unauthenticated remote attackers to cause denial-of-servi...

8.7CVSS5.8AI score0.00642EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

curl 安全漏洞

curl is an open-source tool developed by cURL for transferring data from or to a server. There is a security vulnerability in curl, which stems from a failure in OCSP binding detection. This failure may lead to an incorrect assumption that the server’s certificate is valid...

5.3CVSS5.8AI score0.00267EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

WordPress plugin Avada Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

6.5CVSS5.9AI score0.00473EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from a directory traversal...

6.9CVSS5.8AI score0.00886EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

ShellHub 安全漏洞

ShellHub is an open-source remote device access and management platform developed by ShellHub. Versions of ShellHub prior to 0.24.2 contained security vulnerabilities. These vulnerabilities stemmed from the GET /api/devices/:uid request, which returned the complete device object for any...

6.5CVSS5.9AI score0.00246EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There are security vulnerabilities in Grafana OSS; these vulnerabilities stem from the Auth Proxy feature, which defaults to using /32 addresses when an IPv6 allowlist is applied, potentially leading to configuration issu...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which arises from the possibility of users continuing to perform operations within a short period after their token permissions for service accounts have been revoked. Thi...

5.9CVSS5.8AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Firmament 安全漏洞

Firmament is an open-source autonomous pilot system developed by Firmament-Autopilot. There is a security vulnerability in Firmament, which stems from a buffer overflow in the taskmavobcentry function located in /comm/taskcomm.c...

7.3CVSS6AI score0.00235EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

ELECOM WRC 操作系统命令注入漏洞

ELECOM WRC is a home-use network camera produced by the Japanese company ELECOM. The ELECOM WRC has a vulnerability related to OS command injection. This vulnerability stems from an OS command injection flaw during the processing of the pingipaddr parameter, which may allow arbitrary OS commands ...

8.6CVSS7.2AI score0.01308EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.19 views

Playwright Capture 代码问题漏洞

Playwright Capture is an open-source web capture tool based on Playwright developed by Lookyloo. Versions of Playwright Capture prior to 1.39.6 contained code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on navigation and resource requests initiated by rendered...

8.7CVSS5.9AI score0.00319EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Corporation in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from unpublicized requests made by...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.15 views

Bytello Share 代码问题漏洞

Bytello Share is a wireless screen-sharing and classroom collaboration software developed by Bytello Corporation. Bytello Share has a code vulnerability that stems from insecure loading of dynamic link libraries. This vulnerability could allow attackers to execute arbitrary code when a specially...

8.4CVSS7.5AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.18 views

CKAN 安全漏洞

CKAN is an open-source data management system developed by CKAN itself. It is used to power data centers and data portals. Versions of CKAN prior to 2.10.10 and 2.11.5 contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability in datastoresearchsql, which allowed...

9.1CVSS5.8AI score0.00367EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Hono 安全漏洞

Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.18 contained security vulnerabilities. These vulnerabilities stemmed from improper validation of the JWT NumericDate field in the hono/utils/jwt directory, allowing non-compliant declaration value...

3.8CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Hono 安全漏洞

Hono is a web framework built in TypeScript for the Hono community. Versions of Hono prior to 4.12.18 contained security vulnerabilities. These vulnerabilities stemmed from the caching middleware not skipping the caching of responses that declared differences per user. This could result in cached...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.14 views

protobuf.js 代码注入漏洞

protobuf.js is an open-source implementation of the Protocol Buffers protocol, written entirely in JavaScript. It supports Node.js and browsers with TypeScript. It’s easy to use, extremely fast, and can be used out of the box through.proto files. Versions prior to 7.5.6 and 8.0.2 of protobuf.js h...

8.8CVSS5.9AI score0.00392EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Hono 注入漏洞

Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.18 had an injection vulnerability. This vulnerability stemmed from the JSX renderer’s tendency to escape HTML values of style property objects without escaping them with CSS. As a result, unexpect...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Hono 注入漏洞

Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.16 had an injection vulnerability. This vulnerability stemmed from improper handling of JSX element tag names in hono/jsx, allowing unvalidated tag names to be directly inserted into the generated...

6.1CVSS5.8AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Hono 资源管理错误漏洞

Hono is a web framework built in TypeScript for the Hono community. Versions of Hono prior to 4.12.16 contained a resource management vulnerability. This vulnerability stemmed from the fact that the bodyLimit function did not reliably enforce the maxSize for requests without an available...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

F5 BIG-IP和F5 BIG-IQ 安全漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Palo Alto Networks Prisma Access Agent 信任管理问题漏洞

Palo Alto Networks Prisma Access Agent is a zero-trust network access client agent developed by Palo Alto Networks. There are vulnerabilities in the Trust Management section of the Palo Alto Networks Prisma Access Agent for Android and Chrome OS. These vulnerabilities stem from improper certifica...

8.6CVSS5.8AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 13.4.6 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities stem from deployments that rely on shared caching and have insufficient response partitioning. A cache corruption...

3.7CVSS5.8AI score0.00203EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Huawei HG630 信任管理问题漏洞

The Huawei HG630 is a home broadband wireless router gateway device produced by the Chinese company Huawei. The Huawei HG630 V2 has a trust management vulnerability; this issue stems from an authentication bypass mechanism, which allows unauthorized attackers to obtain administrative access by...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.16 views

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. There is a security vulnerability in Fleet, which stems...

9.9CVSS5.9AI score0.00379EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the shared bit fields for the claimed and retune control flags. This vulnerability may lead to unexpect...

5.8AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Garmin WDU 安全漏洞

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic devices. Both the Garmin WDU v1 1.4.6 version and v2 5.0 version contain security vulnerabilities. These vulnerabilities stem from authentication bypasses, allowing...

7.3CVSS5.9AI score0.00297EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

F5 BIG-IP 资源管理错误漏洞

F5 BIG-IP is an application delivery platform developed by F5 Networks in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a resource management vulnerability in F5 BIG-IP. This vulnerability arises when P...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

SQLBot 安全漏洞

SQLBot is an intelligent data querying system developed by DataEase, based on large models and RAG techniques. Versions of SQLBot prior to 1.8.0 contained security vulnerabilities. These vulnerabilities stemmed from cross-workpace IDOR and authorization bypasses in the...

8.6CVSS5.8AI score0.00249EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Versions of Samsung Mobile devices prior to SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities were due to improper input...

6.8CVSS5.8AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Corporation in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the...

6.3CVSS5.8AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

CubeCart 代码注入漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Prior to version 6.7.3, there was a code injection vulnerability in CubeCart. This vulnerability stemmed from administrators with document editing privileges being able to save raw PHP code in the invoice editor. As a result,...

7.2CVSS5.9AI score0.00306EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Palo Alto Networks Prisma SD-WAN ION 信任管理问题漏洞

Palo Alto Networks Prisma SD-WAN ION is a series of next-generation software-defined enterprise branch devices from the American company Palo Alto Networks, capable of integrating 4G or 5G cellular network access. There is a vulnerability in Palo Alto Networks Prisma SD-WAN ION related to trust...

7.7CVSS5.8AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Flight SQL注入漏洞

Flight is a PHP microframework developed by Mike Cao. Versions of Flight prior to 3.18.1 contained an SQL injection vulnerability. This vulnerability occurred because the methods SimplePdo::insert, SimplePdo::update, and SimplePdo::delete directly concatenated the $table parameter and the keys fr...

8.8CVSS5.8AI score0.00396EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Garmin WDU 安全漏洞

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic equipment. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from allowing reflective cross-site scripting attacks...

5CVSS5.9AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from an undisclosed TMOS Shell...

6.7CVSS5.8AI score0.00083EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.14 views

Cowlib 安全漏洞

Cowlib is a web protocol message parsing and building library developed by Nine Nines. Versions of Cowlib from 0.1.0 to 2.16.1 contained security vulnerabilities. These vulnerabilities were due to improper handling of highly compressed data. The cowspdy:inflate/2 function did not limit the output...

8.2CVSS5.8AI score0.00511EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP, which stems from the possibility for...

8.7CVSS5.8AI score0.0048EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

F5 BIG-IP和F5 BIG-IQ 安全漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

8.7CVSS5.9AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Corporation in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability stems from a flaw in...

8.7CVSS6.1AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

urllib3 安全漏洞

urllib3 is an open-source Python HTTP library developed by urllib3. This product features a thread-safe connection pool and support for file publishing. There were security vulnerabilities in the versions of urllib3 from 2.6.0 to 2.7.0. These vulnerabilities stemmed from the possibility of...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

Flight 安全漏洞

Flight is a PHP microframework developed by Mike Cao. Versions of Flight prior to 3.18.1 contained security vulnerabilities. These vulnerabilities stemmed from the unconditional acceptance of the X-HTTP-Method-Override header and the$REQUESTmethod parameter by the Request::getMethod method. This...

7.5CVSS5.8AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

MISP 输入验证错误漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes features such as analysis of threats to network security and malware analysis. Prior to MISP 2.5.37, there was a...

5.3CVSS5.8AI score0.00178EPSS
Exploits0References1
Total number of security vulnerabilities195539