Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.14 views

Wing FTP Server 代码注入漏洞

Wing FTP Server is an open-source, cross-platform FTP server software developed by Wing FTP Server. Version 8.1.2 of Wing FTP Server has a code injection vulnerability. This vulnerability stems from the session serialization mechanism, where the mydirectory field for domain administrators allows...

8.6CVSS6.1AI score0.02643EPSS
Exploits5References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

AXIS OS 安全漏洞

AXIS OS is an operating system for edge devices developed by Axis, a Swedish company. There is a security vulnerability in AXIS OS, which stems from insufficient input validation in configuration files. This vulnerability may lead to command injection and potentially allow for privilege escalatio...

7.3CVSS5.8AI score0.00396EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by a heap buffer overflow issue in the GPU component. This vulnerability could allow remote attackers to execute out-of-bound memory writes through...

4.3CVSS6.1AI score0.00195EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Ivanti Endpoint Manager(EPM) SQL注入漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU6 contained a SQL injection vulnerability. This vulnerability stemmed from SQL injections in the web console, and could allow remote...

8.8CVSS6AI score0.00883EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. There is a security vulnerability in Devolutions Server, which stems from a lack of authorization in the PAM module. This...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Microsoft Windows TCP/IP 代码问题漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are code-related vulnerabilities in Microsoft Windows TCP/IP. Attackers can exploit these vulnerabilities to cause system denial-of-service attacks. The followin...

7.4CVSS5.8AI score0.00401EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-bounds write issue in the WebRTC component, which could allow remote attackers to execute arbitrary code...

8.8CVSS6.5AI score0.00383EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Siemens Simcenter Femap 安全漏洞

Siemens Simcenter Femap is a cutting-edge engineering simulation application developed by German company Siemens. It is used for creating, editing, and importing/reusing mesh-based finite element analysis models for complex products or systems. Siemens Simcenter Femap has a security vulnerability...

7.3CVSS7.3AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the AI component, which could allow remote attackers who have breached the rendering proce...

3.1CVSS5.9AI score0.00174EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WebPros WHMCS 安全漏洞

WebPros WHMCS is a customer management and automated billing platform provided by the Swiss company WebPros, aimed at hosting providers and domain service providers. There is a security vulnerability in WebPros WHMCS, which stems from insufficient ownership checks in the clientarea.php file. This...

9.1CVSS5.8AI score0.00319EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

WordPress plugin Smart Appointment & Booking 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

5.3CVSS6AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Microsoft Message Queuing 安全漏洞

Microsoft Message Queuing is a solution developed by Microsoft for implementing high-performance asynchronous and synchronous scenarios. There are security vulnerabilities associated with Microsoft Message Queuing. The following products and versions are affected: Windows 10 Version 1809 for 32-b...

8.8CVSS5.8AI score0.00461EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Microsoft Windows SMB Client 资源管理错误漏洞

Microsoft Windows SMB Client is a software application developed by Microsoft Corporation. It is a SMB client. The Microsoft Windows SMB Client has a resource management vulnerability that can be exploited by attackers to gain elevated privileges. The following products and versions are affected:...

7CVSS5.8AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Fortinet FortiClientWindows 安全漏洞

Fortinet FortiClientWindows is a Windows-based mobile device security solution provided by the American company Fortinet. When connected to the FortiGate firewall device, this solution offers features such as IPsec and SSL encryption, wide-area network optimization, terminal compliance, and...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a reuse issue in the HID component after release, which could allow remote attackers to exploit the situation by...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Microsoft Telnet Client 缓冲区错误漏洞

Microsoft Telnet Client is a network command-line utility built into the Windows operating system by Microsoft. It is commonly used for performing remote login, testing port connectivity, and remote management of systems and devices. Microsoft Telnet Client has a buffer error vulnerability...

5.4CVSS6AI score0.00747EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

WordPress plugin AzonPost 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS5.8AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Intel AI Playground 代码问题漏洞

Intel AI Playground is an online platform operated by Intel Corporation in the United States. Previous versions of Intel AI Playground, including 3.0.0 alpha, had code vulnerabilities that stemmed from uncontrolled search paths, which could lead to privilege escalation...

5.4CVSS5.9AI score0.00089EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a resource management vulnerability in Microsoft Windows. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 10...

7CVSS5.8AI score0.00199EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Accessibility components after they were released, which could allow a remote attacker with access ...

8.3CVSS6AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Intel Data Center Graphics Driver 缓冲区错误漏洞

Intel Data Center Graphics Driver is a set of graphics drivers developed by Intel Corporation, aimed at data center GPUs and graphics acceleration devices. The Intel Data Center Graphics Driver for versions prior to VMware ESXi 2.0.2 contains a buffer error vulnerability. This vulnerability stems...

8.3CVSS6AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Windows TCP/IP 安全漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are security vulnerabilities in Microsoft Windows TCP/IP. Attackers can exploit these vulnerabilities to bypass certain features. The following products and...

6.5CVSS5.8AI score0.00614EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

GoJobs API 访问控制错误漏洞

The GoJobs API is a high-performance job platform REST API developed by Manav Mahesh Sanger. The GoJobs API has an access control vulnerability, which stems from the lack of authentication and authorization checks in the job retrieval endpoints. This vulnerability may allow unauthorized users to...

5.3CVSS5.8AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

phpseclib 资源管理错误漏洞

phpseclib is an open-source PHP security communication library developed by phpseclib. Versions prior to 1.0.29, 2.0.54, and 3.0.52 contained a resource management vulnerability. This vulnerability stemmed from an issue where bypassing CVE-2024-27355 was possible when loading untrusted ASN1 files...

7.5CVSS5.8AI score0.00201EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

YAFNET 跨站脚本漏洞

YAFNET is an ASP.NET open-source forum solution developed by YAFNET’s developers. Versions of YAFNET prior to 4.0.5 and 3.2.12 contained a cross-site scripting vulnerability. This vulnerability stemmed from the database logging mechanism serializing user agent headers as JSON without encoding the...

8.1CVSS5.6AI score0.00282EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Fortinet FortiMail SQL注入漏洞

Fortinet FortiMail is a suite of email security gateway products developed by the American company Fortinet. This product provides features such as email security protection and data protection. Versions 7.6.0 to 7.6.3, 7.4.0 to 7.4.5, and 7.2.0 to 7.2.8 of Fortinet FortiMail contain SQL injectio...

7.2CVSS6.1AI score0.00359EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Microsoft GitHub Copilot and Visual Studio 注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are injection vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to bypass certain features...

8.8CVSS5.8AI score0.00861EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Schneider Electric EcoStruxure Panel Server 安全漏洞

Schneider Electric EcoStruxure Panel Server is an IoT gateway developed by Schneider Electric of France, used for data collection and uploading. Schneider Electric EcoStruxure Panel Server has a security vulnerability that stems from the use of insecure default values during resource...

8.2CVSS5.8AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. Versions of Adobe Commerce such as 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17, and earlier versions contain a cross-site scripting vulnerability. Thi...

8.7CVSS5.7AI score0.00402EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient GPU policy execution, which could allow remote attackers to exploit the system through specially crafted HTML...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Zyxel NWA1100-N 安全漏洞

The Zyxel NWA1100-N is a wireless access point produced by the Chinese company Zyxel. The version 1.00AACE.1C0 of the Zyxel NWA1100-N contains a security vulnerability. This vulnerability stems from buffer overflows in the formWep, formWlAc, formPasswordSetup, formUpgradeCert, and formDelcert...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Ivanti Secure Access Client 安全漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Vulnerabilities existed in versions of Ivanti Secure Access Client prior to 22.8R6. These vulnerabilities were due to improper permission allocation for critical resources, which could allow locall...

4.4CVSS5.8AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by Fonts integer overflow. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a specially crafted HTM...

8.8CVSS6.3AI score0.00252EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

SAP Financial Consolidation 安全漏洞

SAP Financial Consolidation is a financial reporting solution developed by the German company SAP. This product is primarily used for automating intercompany reconciliations and eliminations, currency conversions, and generating financial reports. There is a security vulnerability in SAP Financia...

4.3CVSS5.8AI score0.0029EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Windows Common Log File System Driver 安全漏洞

The Microsoft Windows Common Log File System Driver is a high-performance, general-purpose log file system API provided by Microsoft. It allows specialized client applications to utilize this subsystem, enabling multiple clients to share it for optimized log access. There are security...

7.8CVSS5.8AI score0.00304EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.15 views

Microsoft Windows DNS 安全漏洞

Microsoft Windows DNS is a domain name resolution service provided by Microsoft Corporation. The Domain Name System DNS is one of the industry-standard protocol suites that includes TCP/IP. Both DNS clients and DNS servers work together to provide name resolution services, mapping computer names ...

9.8CVSS6.2AI score0.01932EPSS
Exploits4References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

sse-channel 注入漏洞

SSE-Channel is a server-push event channel tool developed by Espen Hovlandsdal, based on Node.js. Versions of SSE-Channel prior to 4.0.1 had an injection vulnerability. This vulnerability stemmed from implementations that allowed users to provide values passed into fields such as event, retry, or...

8.7CVSS5.9AI score0.00478EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Adobe Substance3D Designer 缓冲区错误漏洞

Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier contain a buffer error vulnerability, which stems from out-of-buffer writes, potentially allowing arbitrary code to execute in the current user...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

ChurchCRM 跨站请求伪造漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.3.2 contained a cross-site request forgeing vulnerability. This vulnerability originated from a top-level cross-site GET navigation request and could potentially allow logged-in users to delete records...

8.1CVSS5.7AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. in the United States. Adobe Illustrator has a buffer overflow vulnerability, which stems from out-of-bounds read operations and may lead to sensitive memory leaks. The following versions are affected: version...

5.5CVSS6AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.7 views

Fortinet FortiAP 操作系统命令注入漏洞

Fortinet FortiAP is a controller designed by the American company Fortinet for managing wireless access point devices. Versions 7.6.0 to 7.6.2, 7.4.0 to 7.4.5, all versions of 7.2, all versions of 7.0, all versions of 6.4, as well as versions 7.0.0 to 7.0.5 of FortiAP-U, all versions of 6.2, and...

6.7CVSS6AI score0.00561EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Heym 安全漏洞

Heym is an open-source AI-native workflow automation platform developed by heymrun. Versions of Heym prior to 0.0.21 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypasses during workflow execution, allowing authenticated users to execute arbitrary workflows...

7.6CVSS6.1AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.17 views

Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a accessibility driver for Winsock from Microsoft Corporation. There are security vulnerabilities associated with the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these vulnerabilities to gain elevate...

7.8CVSS5.8AI score0.00319EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Siemens blueplanet SQL注入漏洞

Siemens Blueplanet is a series of solar inverter and energy monitoring products developed by German company Siemens, aimed at photovoltaic power generation and energy storage systems. Several Siemens products have SQL injection vulnerabilities, which stem from improper handling of special element...

6CVSS7.4AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Apache Tomcat 安全漏洞

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Security vulnerabilities exist in versions of Apache Tomcat ranging from 11.0.0-M1 to 11.0.21, from 10.1.0-M1 to 10.1.54, from...

7.5CVSS5.8AI score0.00467EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a type confusion issue in the V8 component. This vulnerability could allow remote attackers to obtain potentially sensitive information...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

WordPress plugin GWD Connect 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.8CVSS6.3AI score0.00273EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.15 views

Microsoft Word 安全漏洞

Microsoft Word is a word processing software within the Office suite developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Word. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Microsoft SharePoi...

8.4CVSS5.9AI score0.00455EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. of the United States. Adobe Illustrator has a buffer overflow vulnerability, which stems from out-of-bounds writes, potentially allowing arbitrary code to execute in the current user environment. The following...

7.8CVSS6.4AI score0.00138EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Adobe Media Encoder 输入验证错误漏洞

Adobe Media Encoder is a audio and video encoding application developed by Adobe, a company based in the United States. Versions of Adobe Media Encoder such as 26.0.2, 25.6.4, and earlier versions had a vulnerability related to input validation errors. This vulnerability stemmed from integer...

7.8CVSS6AI score0.0017EPSS
Exploits0References1
Total number of security vulnerabilities195539