Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

8.1CVSS5.8AI score0.00304EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

6.5CVSS5.8AI score0.00389EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.16 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple VisionOS is an operating system designed for AR glasses. Several Apple products have security...

8.8CVSS7.3AI score0.00602EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

pyLoad 路径遍历漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained a path traversal vulnerability. This vulnerability stemmed from insufficient cleanup of package folder names, which could lead to path traversal attacks...

6.5CVSS5.8AI score0.00342EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

WSO2 Identity Server 资源管理错误漏洞

WSO2 Identity Server is an identity authentication server developed by the American company WSO2. There is a resource management vulnerability in WSO2 Identity Server. This vulnerability arises from accepting multiple invalid authentication requests without proper rate limiting or resource contro...

8.6CVSS5.8AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

6.5CVSS5.8AI score0.00462EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

pyLoad 信任管理问题漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained a trust management vulnerability. This vulnerability stemmed from the fact that the allowlist did not include the general.sslverify option in the setconfigvalue API method. As a resul...

6.8CVSS5.8AI score0.00174EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

docuForm FSM Server 跨站脚本漏洞

The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...

7.3CVSS5.9AI score0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

Cradle eCommerce 跨站脚本漏洞

Cradle eCommerce is an e-commerce platform developed by Cradle Corporation, which integrates content management and online shopping features. Cradle eCommerce has a cross-site scripting vulnerability. This vulnerability arises from insecurely reflecting user-controlled inputs in HTML output,...

5.1CVSS5.9AI score0.00318EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.23 contained security vulnerabilities. These vulnerabilities stemmed from improper access control in the gateway tools config.apply and config.patch, allowing compromised models...

8.8CVSS5.9AI score0.00489EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

WWBN AVideo 代码注入漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained a code injection vulnerability. This vulnerability stemmed from incomplete mitigation measures for the autoEvalCodeOnHTML evaluation function in YPTSocket, allowin...

7.2CVSS6.1AI score0.00238EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the function smfnsmfhandlecreateddatainvsmf in the SMF component...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

5.4CVSS6.2AI score0.07112EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

WordPress plugin Custom css-js-php 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

7.3CVSS6.2AI score0.00753EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to version 29 contain code vulnerabilities. These vulnerabilities stem from an unvalidated donation notification Webhook URL, which may allow attackers to access internal or cloud...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

WSO2 Identity Server 安全漏洞

WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a security vulnerability that stems from the lack of verification of user account status. This vulnerability may allow locked accounts to be successfully authenticated throug...

7.3CVSS5.8AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.18 views

Vaultwarden 授权问题漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García. Versions of Vaultwarden prior to 1.35.5 had an authorization vulnerability. This vulnerability stemmed from a lack of enforcement that ensured that the groupsusers.usersorganizationsuuid entry...

8.7CVSS5.9AI score0.00289EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities originate from the ogsnnrfnfmhandlenfprofile function in the...

6.5CVSS5.8AI score0.00378EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

4.3CVSS5.8AI score0.00389EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Grav 安全漏洞

Grav is a scalable content management system CMS developed by the Grav open-source community, suitable for use in personal blogs, small content publishing platforms, and single-page product displays. Versions of Grav prior to 2.0.0-beta.2 contained security vulnerabilities. These vulnerabilities...

6.5CVSS5.8AI score0.0029EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.14 views

Grav 代码注入漏洞

Grav is a scalable content management system CMS developed by the Grav open-source community, suitable for use in personal blogs, small content publishing platforms, and single-page product displays. Versions of Grav prior to 2.0.0-beta.2 contained a code injection vulnerability. This vulnerabili...

9.1CVSS6AI score0.03934EPSS
Exploits4References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.20 contained security vulnerabilities. These vulnerabilities were caused by incorrect message classification in the Feixi Card operation callback, which could allow attackers to...

5.4CVSS5.8AI score0.00265EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

Tookie-OSINT 路径遍历漏洞

Tookie-OSINT is a cross-platform username discovery tool developed by Alfredredbird. Versions prior to Tookie-OSINT 4.1fix contained a path traversal vulnerability. This vulnerability stemmed from the use of user-input directly as file names in the auxiliary functions writetxt, writecsv, writejso...

6.7CVSS5.7AI score0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

D-Link DNS-320 命令注入漏洞

The D-Link DNS-320 is a NAS Network Attached Storage device produced by D-Link Corporation. The D-Link DNS-320 version 2.06B01 has a command injection vulnerability. This vulnerability stems from functions in the file /cgi-bin/networkmgr.cgi, namely...

7.2CVSS5.8AI score0.04637EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Binaryen 安全漏洞

Binaryen is a WebAssembly open-source compiler framework and toolchain library written in C++. There are security vulnerabilities in Binaryen 117 and earlier versions, which stem from a reach assertion issue in the IRBuilder::makeBrOn function in the BrOn Parser component...

5.5CVSS5.8AI score0.00159EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

bitwarden 安全漏洞

Bitwarden is an open-source password management backend service developed by Bitwarden. Versions of Bitwarden prior to 2026.4.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks, allowing users of the provider service to add any organization a...

9.1CVSS5.8AI score0.00596EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

WeGIA 信息泄露漏洞

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.7.0 contained an information leakage vulnerability. This vulnerability stemmed from the overly detailed error messages displayed by atendido/familiardocfamiliar.php, which could lead to...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

docuForm FSM Server 代码问题漏洞

The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a code vulnerability caused by arbitrary file upload support in the pmupdate.p...

6.3CVSS6AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

MinIO 路径遍历漏洞

MinIO is an open-source object storage server developed by the American company MinIO. This product supports the creation of infrastructures for machine learning, analysis, and application data workloads. Versions of MinIO from RELEASE.2022-07-24T01-54-52Z to RELEASE.2026-04-14T21-32-45Z had a pa...

6.9CVSS5.8AI score0.08457EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

docuForm FSM Server 跨站脚本漏洞

The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...

7.3CVSS5.9AI score0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. There were security vulnerabilities in versions of Apple iOS before 18.7.7, as well as versions before 26.4,...

4.9CVSS5.8AI score0.0032EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

HireFlow 安全漏洞

HireFlow is an online interview management platform developed by StratonWebDesigners as a personal developer project. Version 1.2 of HireFlow contains a security vulnerability. This vulnerability stems from the direct concatenation of user inputs into SQL queries through endpoints like /login and...

9.8CVSS5.9AI score0.00495EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

Wellbia XIGNCODE3 安全漏洞

Wellbia XIGNCODE3 is a client-side anti-cheat solution for online gaming security provided by the South Korean company Wellbia. There is a security vulnerability in Wellbia XIGNCODE3, which stems from providing access to the IRPMJREITS command interface. This allows any user process to request...

7.8CVSS5.8AI score0.00176EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.19 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS prior to Sequoia 15.7.7, Sonoma 14.8.7, and Tahoe 26.5 contain security vulnerabilities. These vulnerabilities stem from issues with state handling, which may allow...

7.8CVSS5.8AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. There is a security vulnerability in Apple macOS, which stems from issues with path processing logic, potentially allowing applications to access unprotected user data. The following versions...

7.5CVSS5.8AI score0.00311EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

WebDyne::Session 安全特征问题漏洞

WebDyne::Session is a server-side component developed by ASPEER’s individual developers, used for session management in web applications. Versions of WebDyne::Session 2.075 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insecure session ID generation. The sessi...

6.5CVSS5.8AI score0.00304EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

7.3CVSS5.8AI score0.00274EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

docuForm FSM Server 安全漏洞

The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The docuForm FSM Server version 11.11c contains a security vulnerability, which stems from directory traversal attacks. This...

7.5CVSS5.9AI score0.00641EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Grav CMS 安全漏洞

Grav CMS is an open-source file-based content management system developed by Grav. Versions of Grav CMS prior to 1.0.0-beta.15 contained security vulnerabilities. These vulnerabilities were caused by insecure direct object references and logical flaws, which could allow authenticated users to...

8.8CVSS5.8AI score0.0035EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

QuickJS 安全漏洞

QuickJS is a small and embeddable JavaScript engine developed by the QuickJS open-source project. Version 0.12.1 of QuickJS contains a security vulnerability, which stems from a problem with the jsmappedargumentsmark function. This vulnerability could allow attackers to execute arbitrary code...

7.3CVSS6.1AI score0.00233EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from heap-based out-of-bound reads during DNSSEC verification. This vulnerability allows remote attackers to cause denial-of-service attacks through specially crafted DNS packets...

5.3CVSS5.8AI score0.06226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

libcaca 安全漏洞

libcaca is an open-source software library developed by cacalabs. It allows for converting images into color ASCII art. Versions of libcaca 0.99.beta20 and earlier contain security vulnerabilities. These vulnerabilities stem from integer overflows in the canvas import function. Attackers could...

7.8CVSS6.1AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

pyLoad 路径遍历漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained a path traversal vulnerability. This vulnerability stemmed from the uncleaned folder names in the setpackagedata API function, which could allow users with Perms.MODIFY permissions to...

8.1CVSS5.8AI score0.00395EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

WSO2多款产品 安全漏洞

WSO2 API Manager, among others, are products of the American company WSO2. WSO2 API Manager is a set of API lifecycle management solutions. WSO2 API Control Plane is a control panel. WSO2 Traffic Manager is a component designed to regulate and manage API traffic. Several WSO2 products have securi...

8.8CVSS5.8AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

DeepChat 跨站脚本漏洞

DeepChat is an intelligent assistant developed by ThinkInAIXYZ as open source. Versions of DeepChat prior to v1.0.4-beta.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the discrepancy between the backend validation layer and the front-end browser rendering engin...

9.3CVSS5.9AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

CosyVoice 安全漏洞

CosyVoice is an open-source voice generation and AI voice cloning platform developed by FunAudioLLM. There was a security vulnerability in the previous version of CosyVoice. This vulnerability stemmed from the model loading component using torch.load to load model weight files without enabling th...

5.7CVSS6.2AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

alien-freeimage 安全漏洞

alien-freeimage is a development file auxiliary module developed by the KMX individual developer for building and installing the FreeImage library. Versions of alien-freeimage 1.001 and earlier contain security vulnerabilities, which stem from the inclusion of multiple libraries that have known...

7.3CVSS5.8AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe prior to 26.4 contained a security vulnerability caused by an issue with permission checks, which could allow malicious applications to access arbitrary files...

3.3CVSS5.9AI score0.00119EPSS
Exploits0References1
Total number of security vulnerabilities195539