Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.19 views

ABIS BAPSİS 安全漏洞

ABIS BAPSİS is a research information system developed by the Turkish company ABIS, aimed at university research projects, academic budgets, and administrative processes management. Previous versions of ABIS BAPSİS, such as v.202604152042, contained security vulnerabilities. These vulnerabilities...

8.8CVSS5.8AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Office PowerPoint 访问控制错误漏洞

Microsoft Office PowerPoint is a software tool developed by the American company Microsoft for creating presentation documents PPTs. Microsoft Office PowerPoint has a security vulnerability related to access control. Attackers can exploit this vulnerability to carry out deceptive attacks...

7.1CVSS5.8AI score0.00292EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.24 views

dssrf 安全漏洞

DSSRF is a URL and network verification library developed by RelunSec’s individual developers, designed for defending against SSRF vulnerabilities. Versions of DSSRF prior to 1.3.0 contained security vulnerabilities, which stemmed from the ability to bypass the isurlsafe check for each IPv6...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Microsoft .NET 输入验证错误漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and transparency in networking. There is an input validation vulnerability in Microsoft .NET. Attackers c...

7.3CVSS5.8AI score0.00662EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Microsoft Windows TCP/IP 代码问题漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are code-related vulnerabilities in Microsoft Windows TCP/IP. Attackers can exploit these vulnerabilities to cause system denial-of-service attacks. The followin...

7.4CVSS5.8AI score0.00528EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.26 views

WordPress plugin Voyage Plus 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.9AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Adobe Illustrator 代码问题漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe, a company based in America. There is a code vulnerability in Adobe Illustrator, which stems from a null pointer dereferencing. This vulnerability may lead to a denial-of-service attack on the application. The followin...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

WordPress plugin Court Reservation – Manage Your Court Bookings Online SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.9AI score0.00273EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the Media component after its release, which could allow remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.16 views

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There are security vulnerabilities in Microsoft SQL Server. Attackers can exploit these vulnerabilities to execute code remotely. The following...

8.8CVSS6AI score0.00555EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Microsoft Win32k 资源管理错误漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows operating systems. There is a resource management vulnerability in Microsoft Win32k. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windo...

7CVSS5.8AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the Media component after its release, which could allow remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by an integer overflow issue in the ANGLE component. This vulnerability could allow remote attackers to execute out-of-bound memory writes...

8.8CVSS6AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Microsoft Windows TCP/IP 竞争条件问题漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There is a vulnerability related to race conditions in Microsoft Windows TCP/IP. Attackers can exploit this vulnerability to gain elevated privileges. The following...

7.8CVSS5.8AI score0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin Forms Rb 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft M365 Copilot 命令注入漏洞

Microsoft M365 Copilot is an AI-driven productivity tool developed by the American company Microsoft. Microsoft M365 Copilot has a command injection vulnerability. Attackers can exploit this vulnerability to alter information...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin WP Travel SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.7CVSS5.9AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin scratchblocks for WP 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.4CVSS5.9AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Core components after their release, which could allow remote attackers with access to the renderin...

8.3CVSS5.9AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in the SiteIsolation component. It was possible for remote...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by integer overflow in the GPU component. This vulnerability could allow remote attackers with access to the damaged rendering process to execute a...

8.3CVSS6AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

SAP S/4HANA Condition Maintenance 安全漏洞

SAP S/4HANA Condition Maintenance is a conditional maintenance function module developed by SAP, a German company, dedicated to enterprise sales, procurement, and pricing rule management. There is a security vulnerability in SAP S/4HANA Condition Maintenance. This vulnerability stems from the lac...

6.3CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Microsoft Windows TCP/IP 代码问题漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are code-related vulnerabilities in Microsoft Windows TCP/IP. Attackers can exploit these vulnerabilities to cause system denial-of-service attacks. The followin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Microsoft Win32k 安全漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows operating systems. There are security vulnerabilities in Microsoft Win32k. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows 10...

7.8CVSS5.8AI score0.00345EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the IFrame Sandbox component, which could allow remote attackers to bypass navigation...

4.3CVSS6AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

kubectl-mcp-server 安全漏洞

kubectl-mcp-server is a tool developed by Rohit Ghumare, a personal developer, for managing Kubernetes clusters using natural language. Version 1.1.1 of kubectl-mcp-server contains a security vulnerability. This vulnerability allows attackers to execute arbitrary code on the victim’s system throu...

9.8CVSS6.2AI score0.00578EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the release-after-reuse mechanism in the Downloads component, which could allow remote attackers ...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Heym 路径遍历漏洞

Heym is an open-source AI-native workflow automation platform developed by heymrun. Versions of Heym prior to 0.0.21 contained a path traversal vulnerability. This vulnerability stemmed from the file upload endpoint’s lack of protection against path traversal attacks. As a result, authenticated...

7.6CVSS5.9AI score0.00355EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.16 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by improper implementations in the Downloads component. This vulnerability could allow attackers to execute UI deception after users insta...

4.7CVSS5.9AI score0.00134EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

E-Kalite Turboard FOR-S 安全漏洞

E-Kalite Turboard FOR-S is a digital management system developed by the Turkish company E-Kalite, designed for quality management and enterprise process monitoring scenarios. Versions of E-Kalite Turboard FOR-S prior to version 7.01.2026 to 18.02.2026 contained security vulnerabilities. These...

8.8CVSS5.8AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Mozilla Firefox 缓冲区错误漏洞

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Versions of Mozilla Firefox prior to 150.0.3 contained a buffer error vulnerability, which was caused by a boundary condition error in the JavaScript Engine’s JIT component...

6.5CVSS6AI score0.00244EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Adobe Substance3D Designer 缓冲区错误漏洞

Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier contain a buffer error vulnerability, which stems from out-of-buffer writes, potentially allowing arbitrary code to execute in the current user...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Adobe Substance3D Designer 路径遍历漏洞

Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier have a path traversal vulnerability. This vulnerability stems from path traversal attacks, which may lead to arbitrary file system access...

6.3CVSS5.9AI score0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Adobe Connect 代码问题漏洞

Adobe Connect is a software developed by Adobe, a company based in the United States, used to create meeting environments. There is a code vulnerability in Adobe Connect, which stems from deserializing untrusted data, potentially allowing arbitrary code to execute in the current user environment...

9.6CVSS6.2AI score0.00635EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.7 views

JunoClaw 代码问题漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions of JunoClaw prior to 0.x.y-security-1 contained code vulnerabilities. These vulnerabilities stemmed from the computeDataVerify function in the WAVS bridge, which did not validate the protocol, port, or parse the IP...

8.2CVSS5.9AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

YAML::Syck 安全漏洞

YAML::Syck is a Perl library open-sourced by CPAN authors. Versions of YAML::Syck prior to 1.38 contained security vulnerabilities. These vulnerabilities stemmed from the base60 parsing code in perlsyck.h, which experienced a buffer underflow. When processing the leftmost segment of colon-separat...

7.3CVSS6.1AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.14 views

JunoClaw 操作系统命令注入漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions prior to JunoClaw 0.x.y-security-1 contained an operating system command injection vulnerability. This vulnerability stemmed from a substring blacklist in the plugin-shell command security check, which could be...

8.4CVSS5.8AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

YAFNET 跨站脚本漏洞

YAFNET is an ASP.NET open-source forum solution developed by YAFNET’s individual developers. Versions of YAFNET prior to 4.0.5 and 3.2.12 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient HTML cleaning or output encoding during postings and replies, whic...

7.3CVSS5.7AI score0.00199EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

pam_authnft 缓冲区错误漏洞

pamauthnft is an open-source Linux user session network filtering rule management tool based on nftables, developed by identd-ng. Versions of pamauthnft prior to 0.2.0-alpha contained a buffer error vulnerability. This vulnerability stemmed from excessive heap buffer reading in the peerlookuptcp...

8.7CVSS6AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. VMware Spring AI has a security vulnerability, which stems from problematic default settings in the chat memory...

7.5CVSS5.5AI score0.0026EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

antSword 跨站脚本漏洞

AntSword is a cross-platform website management tool developed by the AntSwordProject. Versions of AntSword prior to 2.1.16 contained a cross-site scripting vulnerability. This vulnerability stemmed from incomplete noxss cleanup, allowing for injection through jQuery.terminal format code, which...

8.8CVSS6.3AI score0.0026EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

changedetection.io 安全漏洞

changedetection.io is a website-based application developed by dgtlmoon, designed for change detection, monitoring, and notification. Versions of changedetection.io prior to 0.55.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of snapshot paths retrieved from back...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

SUSE kubewarden 安全漏洞

SUSE kubewarden is a policy engine developed by the German company SUSE. SUSE kubewarden has security vulnerabilities. These vulnerabilities stem from attackers who have privileges as AdmissionPolicy or AdmissionPolicyGroup and can exploit the canihost callback. This callback directly executes...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Xibo 代码问题漏洞

Xibo is a digital signage content management tool developed by Dan Garner personally. Versions of Xibo prior to 4.4.1 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgery attacks, which could allow authenticated users to scan internal infrastructure or...

7.7CVSS5.9AI score0.00369EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

LobeHub 跨站脚本漏洞

LobeHub is an open-source AI dialogue framework developed by LobeHub. Versions of LobeHub prior to 2.1.48 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper filtering during the processing of custom tags, which could lead to cross-site scripting attacks and t...

6.2CVSS5.9AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.14 views

Langflow 路径遍历漏洞

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Versions of Langflow prior to 1.9.0 contained a path traversal vulnerability. This vulnerability stemmed from the path traversal in the knowledge base API, which could allow...

9.6CVSS5.8AI score0.04417EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Microsoft Visual Studio Code 操作系统命令注入漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a vulnerability related to operating system command injection. Attackers can exploit this vulnerability to gain higher privileges...

8.8CVSS5.9AI score0.0052EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Visual Studio Code 命令注入漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a command injection vulnerability. Attackers can exploit this vulnerability to execute code remotely...

7.8CVSS6AI score0.00421EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft .NET 安全漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There are security vulnerabilities in Microsoft .NET. Attackers can exploit the...

4.3CVSS5.8AI score0.00711EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in the memory deletion API endpoint, which could allow remote...

6.5CVSS6AI score0.00386EPSS
Exploits0References2
Total number of security vulnerabilities195539