Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe InCopy 安全漏洞

Adobe InCopy is a text editing software for creative purposes developed by Adobe, Inc. Versions of Adobe InCopy such as 21.3, 20.5.3, and earlier versions have security vulnerabilities. These vulnerabilities stem from heap buffer overflow exploits, which could allow arbitrary code to execute with...

7.8CVSS6.2AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Spring Framework 访问控制错误漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 5.3.0 to 5.3.48 of the Spring Framework contain a security access control vulnerability. This vulnerability arises from potential security bypasses when using the Kotlin Router DSL...

5.3CVSS5.3AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office Excel 竞争条件问题漏洞

Microsoft Excel is a spreadsheet software within the Office suite developed by the American company Microsoft. There is a code execution vulnerability in Microsoft Excel, and attackers can exploit this vulnerability to execute arbitrary code on the system...

7CVSS7.7AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

WordPress plugin WP ApplicantStack Jobs Display 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.4AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Tenda O3 Wireless Router 安全漏洞

The Tenda O3 is an outdoor wireless bridge produced by the Chinese company Tenda. Version 1.0.0.54180 of the Tenda O3 Wireless Router contains a security vulnerability. This vulnerability stems from a stack overflow in the domain parameter within the fromNetToolGet function, which could allow...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Windows NTLM 日志信息泄露漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. Microsoft Windows NTLM has a vulnerability that allows for information leakage. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are...

7.5CVSS6.6AI score0.00662EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Huawei EMUI和Huawei HarmonyOS 授权问题漏洞

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. There are authorization...

6.6CVSS6AI score0.00079EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Apache Airflow 路径遍历漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a path traversal vulnerability in the Apache...

6.5CVSS5.4AI score0.00695EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

NETGEAR Routers 输入验证错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to input validation. This vulnerability stems from insufficient input validation, which may allow administrators who have passed authentication to make...

7.1CVSS5.4AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.25 views

Microsoft Windows Telephony Server 竞争条件问题漏洞

Microsoft Windows Telephony Server is a component of the American company Microsoft. It supports the Telephone Application Programming Interface TAPI, allowing computer programs to communicate with shared telephone services. There are vulnerabilities related to competition conditions in Microsoft...

7CVSS5.3AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

389 Directory Server 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. 389 Directory Server has a buffer error vulnerability, which stems from the LDIF parser’s tendency to read from the end of the heap buffer when processing attribute typ...

6.5CVSS5.6AI score0.0016EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Dell/Alienware Purchased Apps 后置链接漏洞

Dell/Alienware Purchased Apps is a pre-installed software management tool developed by the American company Dell. Versions of Dell/Alienware Purchased Apps prior to 1.1.32.0 contained a backlink vulnerability. This vulnerability stemmed from improper link resolution before file access, which coul...

6.3CVSS5.5AI score0.00097EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from insufficie...

7.1CVSS5.3AI score0.00368EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Schneider Electric Data Center Expert 代码问题漏洞

Schneider Electric Data Center Expert is a data monitoring software developed by Schneider Electric, a multinational technology company. Schneider Electric Data Center Expert has a code vulnerability caused by improper restrictions on XML external entity references. This vulnerability could allow...

7.1CVSS5.4AI score0.00233EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Apptha Slider Gallery SQL注入漏洞

Apptha Slider Gallery is a website image carousel and gallery display plugin provided by Apptha Corporation. Version 1.0 of Apptha Slider Gallery has a SQL injection vulnerability. This vulnerability stems from insufficient cleaning of the albid parameter, which may allow unauthenticated attacker...

8.8CVSS5.7AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

VMware Spring Framework 代码问题漏洞

VMware Spring Framework is an open-source Java and JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions of the VMware Spring Framework prior to 7.0.0, 6.2.0, 6.1.0, and 5.3.0 contain code vulnerabilities. These...

9.8CVSS5.7AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

NETGEAR Routers 输入验证错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to input validation. This vulnerability stems from insufficient input validation, which may allow administrators who are connected to the local network and hav...

6.8CVSS5.3AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

DBI 缓冲区错误漏洞

DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained a buffer error vulnerability. This vulnerability stemmed from the lack of length limitation when error messages were written into a 200-byte buffer, which could lea...

9.8CVSS5.7AI score0.00376EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.8 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

VMware Spring HATEOAS 安全漏洞

VMware Spring HATEOAS is a REST API hypermedia development framework provided by the American company VMware. Vulnerabilities exist in versions 1.5.0 to 1.5.6, 2.3.0 to 2.3.4, 2.4.0 to 2.4.1, 2.5.0 to 2.5.2, and 3.0.0 to 3.0.3 of VMware Spring HATEOAS. These vulnerabilities stem from the...

7.5CVSS5.3AI score0.00299EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Siemens SINEC INS 安全漏洞

Siemens SINEC INS is a software developed by Siemens, a German company, that provides central services for network infrastructure. Versions of Siemens SINEC INS prior to S1.0 SP2 Update 6 contained security vulnerabilities. These vulnerabilities stemmed from the GET /api/sftp/uploadFiles endpoint...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows SDK 数字错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in input validation of Microsoft Windows. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 11...

7.8CVSS5.9AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager Forms 跨站脚本漏洞

Adobe Experience Manager Forms is a form content management solution developed by Adobe, a company based in America. This product includes features for form creation, management, publishing, as well as communication management, document security, and integration analysis. The Adobe Experience...

9.3CVSS5.1AI score0.00243EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from type confusion. This...

8.4CVSS7.1AI score0.00438EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Hermes Web UI 操作系统命令注入漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.311 contained a vulnerability related to operating system command injection. This vulnerability stemmed from a problem with remote code execution, which could allow...

8.8CVSS6.3AI score0.00945EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Kernel 资源管理错误漏洞

The Microsoft Windows Kernel is the kernel of the Windows operating system developed by Microsoft Corporation. There is a resource management vulnerability in the Microsoft Windows Kernel. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are...

7.8CVSS5.4AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Remote Desktop Client 资源管理错误漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows 10...

8.8CVSS5.6AI score0.00602EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Azure 资源管理错误漏洞

Microsoft Azure is an open enterprise-level cloud computing platform provided by the American company Microsoft. There is a resource management vulnerability in Microsoft Azure. Currently, there is no information regarding this vulnerability. Please stay informed by following CNNVD or the vendor’...

8.2CVSS5.3AI score0.00324EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Skilja Vinna Process Monitor 跨站脚本漏洞

Skilja Vinna Process Monitor is a business process monitoring platform developed by Skilja Corporation. The Skilja Vinna Process Monitor 4.0 Service Pack 1 version contains a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting flaw, which could...

9.3CVSS5.1AI score0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Omnissa Workspace ONE Assist for macOS 路径遍历漏洞

Omnissa Workspace ONE Assist for macOS is an enterprise remote assistance client developed by the American company Omnissa. Omnissa Workspace ONE Assist for macOS has a path traversal vulnerability, which stems from issues with local privilege escalation...

7.8CVSS5.3AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe InDesign Desktop 安全漏洞

Adobe InDesign Desktop is a professional desktop publishing software, primarily used for page design, printing, and digital publishing. Adobe InDesign Desktop has a heap buffer overflow vulnerability, which stems from improper handling of certain file data, leading to out-of-bound writes to the...

7.8CVSS6.5AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows Kernel 缓冲区错误漏洞

The Microsoft Windows Kernel is the kernel of the Windows operating system developed by Microsoft Corporation. There are security vulnerabilities in the Microsoft Windows Kernel. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affecte...

7CVSS5.8AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Nuance PowerScribe 360 反序列化漏洞

Microsoft Nuance PowerScribe is a medical speech recognition and report generation system for radiologists developed by Microsoft. There are code-related vulnerabilities in Microsoft Nuance PowerScribe. Attackers can exploit these vulnerabilities to execute code remotely. The following products a...

9.8CVSS5.8AI score0.01914EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

VMware Spring Framework 代码问题漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. VMware Spring Framework versions 7.0.0 and earlier, as well as 6.2.0 and earlier, have code vulnerabilities. These vulnerabilities...

6.5CVSS5.5AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows DHCP Server 缓冲区错误漏洞

Microsoft Windows DHCP Server is a core service of the American company Microsoft, used for automatically retrieving network configuration information. There is a buffer error vulnerability in Microsoft Windows DHCP Server. Attackers can exploit this vulnerability to obtain sensitive information...

6.8CVSS5.7AI score0.00338EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

SAP NetWeaver AS Java 跨站脚本漏洞

SAP NetWeaver AS Java is a platform system developed by the German company SAP. SAP NetWeaver AS Java has a cross-site scripting vulnerability, which stems from reflective cross-site scripting and may allow malicious scripts to be executed...

6.1CVSS4.9AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Tenda W20E 安全漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a security vulnerability. This vulnerability stems from a buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function, which could allow attackers to cause...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

NETGEAR Routers 输入验证错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to input validation. This vulnerability stems from insufficient authentication and input validation, which may allow unauthorized users on the local network to...

8.8CVSS5.4AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Win32k 数字错误漏洞

Microsoft Win32k is a system file used for multi-user management in Windows by Microsoft Corporation. There is an input validation vulnerability in Microsoft Win32k-GRFX. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows 10 Version...

7.8CVSS5.8AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

FreeSWITCH 授权问题漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was an...

4.3CVSS5.4AI score0.00172EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Windows 权限许可和访问控制问题漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a access control vulnerability in Microsoft Windows. Attackers can exploit this vulnerability to bypass certain features. The following products and versions are affected: Windows 11...

7.8CVSS5.9AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Huawei HarmonyOS 信息泄露漏洞

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. HUAWEI HarmonyOS has a vulnerability related to information leakage, which stems from the permission control of the file previ...

5.5CVSS5.3AI score0.00087EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Huawei HarmonyOS 访问控制错误漏洞

Huawei HarmonyOS is a distributed operating system designed for various scenarios, primarily providing seamless experiences across devices and memory management capabilities. There is an access control vulnerability in the package management module of Huawei HarmonyOS. The cause of this...

5.2CVSS5.9AI score0.00078EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Spring Framework 资源管理错误漏洞

The Spring Framework is an application development framework developed by Spring in open source. Vulnerabilities related to resource management exist in versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the Spring Framework. These vulnerabilities stem from potentia...

7.5CVSS5.2AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft DWM Core Library 资源管理错误漏洞

The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a resource management vulnerability in the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...

7.8CVSS5.4AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

FastApiAdmin 跨站脚本漏洞

FastApiAdmin is a full-stack rapid development platform based on FastAPI, developed by fastapiadmin. Version 2.2.0 of FastApiAdmin contains a cross-site scripting vulnerability. This vulnerability stems from the /system/notice/create endpoint, which has a cross-site scripting vulnerability relate...

6.1CVSS5.4AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

WordPress plugin Simply Poll SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft DWM Core Library 资源管理错误漏洞

The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a resource management vulnerability in the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...

7.8CVSS5.4AI score0.00267EPSS
Exploits0References1
Total number of security vulnerabilities195539