Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

HashiCorp Nomad和HashiCorp Nomad Enterprise 后置链接漏洞

HashiCorp Nomad and HashiCorp Nomad Enterprise are both products from HashiCorp, a company based in the United States. HashiCorp Nomad is a simple and flexible scheduler and orchestrator. It’s used for managing containers and non-containerized applications on both local and cloud environments...

6CVSS5.9AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Machine Learning Engineering Open Book 安全漏洞

Machine Learning Engineering Open Book is a collection of methodologies for training and fine-tuning large language models developed by Stas Bekman. There is a security vulnerability in Machine Learning Engineering Open Book. This vulnerability arises from the use of the torch-checkpoint-shrink.p...

9.8CVSS6.1AI score0.00486EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Pingvin Share 授权问题漏洞

Pingvin Share is a self-hosted file sharing platform developed by Elias Schneider as an individual project. Versions of Pingvin Share from 1.14.1 to 1.16.2 have vulnerabilities related to authorization. These vulnerabilities stem from critical authentication bypass exploits, which could allow...

9.1CVSS5.9AI score0.00299EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Adobe Connect 安全漏洞

Adobe Connect is a software developed by Adobe in the United States, used to create meeting environments. There is a security vulnerability in Adobe Connect, which stems from incorrect authorization settings. This vulnerability may allow for the execution of arbitrary code within the current user...

9.3CVSS6.2AI score0.00436EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Adobe CAI Content Credentials 资源管理错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. There is a resource management vulnerability in Adobe CAI Content Credentials; this vulnerability stems fr...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Intel QAT software drivers for Windows 安全漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions prior to Intel QAT software drivers for Windows 1.13 contain security vulnerabilities. These vulnerabilities stem from...

6.9CVSS6AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a buffer overflow vulnerability, which was caused by an out-of-bounds write issue in the Codecs component. This vulnerability could allow remote attackers to execute a sandbox escap...

8.3CVSS6.2AI score0.00246EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

WordPress plugin Hustle 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Dell PowerScale InsightIQ 安全漏洞

Dell PowerScale InsightIQ is a powerful performance monitoring and reporting tool developed by the American company Dell. Versions 5.0.0 to 6.2.0 of Dell PowerScale InsightIQ contain security vulnerabilities. These vulnerabilities stem from issues with unnecessary permission executions, which cou...

6.7CVSS5.8AI score0.00119EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.14 views

Microsoft Azure Machine Learning 注入漏洞

Microsoft Azure Machine Learning is a machine learning service provided by Microsoft Corporation in the United States. There is an injection vulnerability present in Microsoft Azure Machine Learning. Attackers utilize this vulnerability to carry out phishing attacks...

8.2CVSS5.8AI score0.00498EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Subnet Solutions PowerSYSTEM Center 安全漏洞

Subnet Solutions PowerSYSTEM Center is a power solution offered by Subnet Solutions Corporation. There is a security vulnerability present in Subnet Solutions PowerSYSTEM Center, which stems from the fact that device endpoints allow low-privilege authenticated users to access information that is...

6.9CVSS5.8AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Passwords component’s policies, which could allow a remote attacker with access to a broken...

7.5CVSS6.1AI score0.00257EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Adobe Substance3D Designer 缓冲区错误漏洞

Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier contain a buffer error vulnerability, which stems from out-of-buffer writes, potentially allowing arbitrary code to execute in the current user...

7.8CVSS6.3AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

OptiMate 安全漏洞

OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which directly executes the content of the module.py file located in the user-provided...

9.8CVSS6AI score0.00426EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

WordPress plugin FastBots 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.4CVSS5.8AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

ksmbd 缓冲区错误漏洞

ksmbd is an open-source CIFS/SMB3 server created by Namjae Jeon for the Linux kernel. It implements the SMB/CIFS protocol within the kernel space, used for sharing files and IPC services over a network. ksmbd has a buffer error vulnerability, which stems from remote memory corruption in the ACL...

6.1AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by an integer overflow issue in the ANGLE component. This vulnerability could allow remote attackers to execute out-of-bound memory writes...

4.3CVSS6AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a race condition vulnerability, which originated from a race condition issue in the Payments component. This vulnerability could allow remote attackers to exploit the system by usin...

8.3CVSS5.8AI score0.00166EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin Pricing Tables for WP 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.1CVSS5.6AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Microsoft SharePoint 代码问题漏洞

Microsoft SharePoint is a corporate business collaboration platform developed by Microsoft Corporation in the United States. This platform is used for integrating business information and enabling sharing of work, collaboration with others, organization of projects and teams, as well as searching...

8.8CVSS5.9AI score0.01967EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a reuse issue in the Aura component after release, which could allow remote attackers who have breached the...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Microsoft Word 资源管理错误漏洞

Microsoft Word is a word processing software within the Office suite developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Word. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Microsoft...

8.4CVSS6.2AI score0.00605EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

SAP NetWeaver ABAP Platform和SAP NetWeaver Application Server for ABAP 代码注入漏洞

SAP NetWeaver ABAP Platform and SAP NetWeaver Application Server for ABAP are both products of SAP, a German company. SAP NetWeaver ABAP Platform is an integrated technology platform. SAP NetWeaver Application Server for ABAP is a core application server platform. Both SAP NetWeaver ABAP Platform...

4.3CVSS6AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Adobe CAI Content Credentials 输入验证错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. Versions of Adobe CAI Content Credentials such as 0.78.2, 0.7.0, and earlier versions contained...

6.2CVSS5.8AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

SAP HANA Deployment Infrastructure deploy library SQL注入漏洞

SAP HANA Deployment Infrastructure deploy library is a deployment support library developed by SAP, a German company, for the deployment and lifecycle management of SAP HANA applications. The SAP HANA Deployment Infrastructure deploy library contains a SQL injection vulnerability. This...

3.4CVSS5.9AI score0.00173EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by integer overflow in Skia. This vulnerability could allow remote attackers who have compromised rendering processes to execute...

7.5CVSS6AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reuse of resources after their release, which could allow remote attackers who have breached...

3.1CVSS6AI score0.00158EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the Tab Groups component regarding the reuse of resources after release. It could allow remote...

7.5CVSS6.2AI score0.00157EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.168 contained security vulnerabilities, which were caused by improper implementation of Views. These vulnerabilities could allow remote attackers to execute UI spoofing through...

4.2CVSS6AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU6 contained security vulnerabilities. These vulnerabilities were due to improper delegation of permissions by agents, which could...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.7 views

OptiMate 安全漏洞

OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which loads model files using torch.load, without enabling the weightsonly=True paramete...

8.8CVSS6.2AI score0.00559EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Fortinet FortiDeceptor 参数注入漏洞

Fortinet FortiDeceptor is a network threat detection platform developed by the American company Fortinet. This platform primarily exploits deceptive techniques to uncover network threats. Versions of Fortinet FortiDeceptor, ranging from 6.0.0 to 6.0.2, 5.3.0 to 5.3.3, 5.2.0 to 5.2.1, all versions...

6.5CVSS5.8AI score0.00241EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Intel Data Center Graphics Driver 缓冲区错误漏洞

The Intel Data Center Graphics Driver is a set of graphics drivers developed by Intel Corporation for data center GPUs and graphics acceleration devices. Versions of the Intel Data Center Graphics Driver prior to 2.0.2 contained a buffer error vulnerability. This vulnerability stemmed from...

8.3CVSS6AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reuse of resources after they were released in the Network component. It could allow remote...

8.3CVSS5.9AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Intel Slim Bootloader 输入验证错误漏洞

Intel Slim Bootloader is a lightweight security bootloader designed by Intel Corporation for the Intel platform. There is an input validation vulnerability in Intel Slim Bootloader, which stems from an integer overflow issue in the UEFI firmware. This vulnerability may lead to privilege escalatio...

8.7CVSS6.1AI score0.00125EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Ivanti Xtraction 安全漏洞

Ivanti Xtraction is a data analysis and visualization reporting platform developed by the American company Ivanti, designed for IT operations and service management scenarios. Versions of Ivanti Xtraction prior to 2026.2 contained security vulnerabilities. These vulnerabilities stemmed from...

9.6CVSS6.1AI score0.00869EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Microsoft Office 访问控制错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is an access control error vulnerability in Microsoft Office. Attackers utilize this...

7.7CVSS5.8AI score0.00222EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient trustworthiness in Skia’s input validation mechanisms, which could allow remote attackers t...

3.1CVSS6AI score0.00134EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Ivanti Secure Access Client 竞争条件问题漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a race condition vulnerability. This vulnerability was caused by race conditions, which could lead to local authenticated users...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a heap buffer overflow issue in the ANGLE component. This vulnerability could allow remote attackers to exploit the system through...

8.3CVSS6AI score0.00229EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

OptiMate 安全漏洞

OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which loads the statedict.pt file using torch.load, without enabling the weightsonly=Tru...

8.8CVSS6.2AI score0.00559EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Intel QAT software drivers for Windows 代码问题漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a code vulnerability caused by a null pointer...

6.9CVSS5.9AI score0.00101EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a heap buffer overflow in the WebML component. This vulnerability could allow remote attackers to exploit the compromised heap through...

8.8CVSS6AI score0.00259EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Intel Ethernet 800-Series 资源管理错误漏洞

Intel Ethernet 800-Series is a series of network adapters developed by the American company Intel. Versions prior to 2.3.14 of Intel Ethernet 800-Series contained a resource management vulnerability caused by reusing resources after they were released, which could lead to a denial-of-service atta...

6.8CVSS5.8AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Cribl 安全漏洞

Cribl is a log analysis tool. Versions of Cribl prior to 4.17.1 have security vulnerabilities. There is currently no information regarding these vulnerabilities. Please stay informed by following CNNVD or the vendor’s announcements...

9.8CVSS5.8AI score0.00889EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Fortinet FortiTokenAndroid 安全漏洞

Fortinet FortiTokenAndroid is a mobile security authentication application developed by Fortinet, Inc. It provides two-factor authentication and dynamic password generation features. There are security vulnerabilities in all versions of Fortinet FortiTokenAndroid, including 6.2, 6.1, and 5.2. The...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the Google Lens component after its release, potentially allowing remote attackers with access to t...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by a problem with the Dawn object lifecycle. This vulnerability could allow remote attackers to obtain sensitive information from the process memory...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Win32k 安全漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows operating systems. There are security vulnerabilities in Microsoft Win32k. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Windows 11...

8.8CVSS6AI score0.00427EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin Coinbase Commerce for Contact Form 7 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References1
Total number of security vulnerabilities195539