Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthWhiteID parameter within the formModifyWebAuthWhiteUser function, which could allow...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Kerberos 异常处理不当漏洞

Microsoft Windows Kerberos is a software developed by Microsoft for authentication in network clusters. As a network authentication protocol, its primary goal is to provide robust authentication services for client/server applications through a key system. There are code-related vulnerabilities i...

6.5CVSS5.8AI score0.00903EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system designed for various scenarios, primarily providing features such as cross-device collaboration, intelligent connectivity, and secure operation environments. The print module of Huawei HarmonyOS has a permission control vulnerability, which stems...

5.5CVSS6AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Visual Studio Code 路径遍历漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. There are security vulnerabilities in Microsoft Visual Studio Code. Attackers can exploit these vulnerabilities to alter information...

6.5CVSS6.7AI score0.00622EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows NT OS Kernel 缓冲区错误漏洞

The Microsoft Windows NT OS Kernel is the core of the Windows operating system developed by Microsoft Corporation. It is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. There are security vulnerabilities in the Microsoft Windo...

7.8CVSS5.8AI score0.05659EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Office Excel 数字错误漏洞

Microsoft Excel is a spreadsheet software within the Office suite developed by the American company Microsoft. There is a code execution vulnerability in Microsoft Excel, and attackers can exploit this vulnerability to execute code locally...

7.8CVSS7.5AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin Global Body Mass Index Calculator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.4AI score0.00188EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows Universal Disk Format File System Driver 缓冲区错误漏洞

The Microsoft Windows Universal Disk Format File System Driver is an open-source Windows file system driver developed by Microsoft. There is a security vulnerability in the Microsoft Windows Universal Disk Format File System Driver, which may allow authorized attackers to gain local privileges...

7.8CVSS5.9AI score0.00339EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Performance Monitor 后置链接漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a post-release link vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 10 Version 18...

7.8CVSS7.3AI score0.03028EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows NT OS Kernel 数字错误漏洞

The Microsoft Windows NT OS Kernel is the core of the Windows operating system developed by Microsoft Corporation. It is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. There is an input validation vulnerability present in the...

7.8CVSS5.8AI score0.00326EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

NETGEAR多款产品 安全漏洞

NETGEAR Rax35 and other wireless routers are products of NETGEAR Corporation. Several NETGEAR products have security vulnerabilities, which stem from inadequate configuration management. This vulnerability could allow administrators who are connected to the local network to tamper with the system...

6.8CVSS5.4AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Apache Answer 代码问题漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the upload of dangerous types of files. The server did not properly verify the...

6.5CVSS5.6AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

GPAC MP4Box 安全漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a security vulnerability...

5.5CVSS5.3AI score0.00192EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

SEMCMS 跨站请求伪造漏洞

SEMCMS is an open-source content management system CMS for foreign trade websites that supports multiple languages. Version SEMCMS 5.0 has a cross-site request forgeing vulnerability, which stems from improper handling of POST requests directed to /admin/semcmsuser.php. This vulnerability may lea...

6.3CVSS5.1AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Spring Framework 授权问题漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the Spring Framework contain authorization vulnerabilities. These vulnerabilities stem from the WebFlux application,...

4.2CVSS5.3AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

WordPress plugin Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.4CVSS5.4AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin WPForms 安全漏洞

WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is a security vulnerability in the WPForms plugin. This vulnerability stems from...

5.3CVSS6AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

7.3CVSS6.9AI score0.00687EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

QNAP QTS 缓冲区错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of QNAP Systems Corporation. QNAP Systems QTS is an entry-level operating system. QNAP Systems QuTS hero is another operating system. Both QNAP Systems QTS and QNAP Systems QuTS hero have security vulnerabilities; these vulnerabilities...

6.5CVSS6.2AI score0.00445EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

WordPress plugin jQuery Hover Footnotes 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.2AI score0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe Experience Manager Forms 跨站脚本漏洞

Adobe Experience Manager Forms is a form content management solution developed by Adobe, a company based in America. This product includes features for form creation, management, publishing, as well as communication management, document security, and integrated analysis. The Adobe Experience...

8CVSS5.1AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.2AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe Dreamweaver Desktop 输入验证错误漏洞

Adobe Dreamweaver Desktop is a web design and development software provided by Adobe, a company based in America. Versions of Adobe Dreamweaver Desktop starting from 21.7 and earlier have a vulnerability related to input validation. This vulnerability arises due to improper input validation, whic...

6.3CVSS5.5AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin kk blog card 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. This platform allows for the creation of personal blogs on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...

6.4CVSS5.4AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...

10CVSS5.8AI score0.08871EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

5.4CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Performance Monitor 数字错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in input validation of Microsoft Windows. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 11...

8.1CVSS6AI score0.0064EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Ellucian Banner Self-Service 跨站脚本漏洞

Ellucian Banner Self-Service is a higher education self-service platform developed by the American company Ellucian. Versions of Ellucian Banner Self-Service prior to 2025-04-23 had a cross-site scripting vulnerability. This vulnerability stemmed from the course search function not being...

5.4CVSS4.9AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Windows 安全漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows, which stem from SecureBoot bypasses. These vulnerabilities could allow attackers with administrative privileges or those capable of modifyi...

7.8CVSS5.9AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

WordPress plugin AJAX Report Comments 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.3AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Spring Framework 安全漏洞

The Spring Framework is an application development framework developed by Spring in a open-source manner. There are security vulnerabilities in Spring Framework versions 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier. These vulnerabilities stem from the SpEL...

5.3CVSS5.5AI score0.00164EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability that ste...

5.5CVSS4.9AI score0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Tenda W20E 安全漏洞

Tenda W20E is a router produced by the Chinese company Tenda. The Tenda W20E has a buffer overflow vulnerability in the formCropAndSetWewifiPic function, specifically with respect to the picCropName parameter. An attacker can exploit this vulnerability to cause a denial-of-service attack...

7.5CVSS7.4AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

WordPress plugin PICA Photo Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability that ste...

7.8CVSS7.6AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Windows Network Controller (NC) 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a resource management vulnerability in Microsoft Windows. Attackers have exploited this vulnerability, causing a denial-of-service attack on the system. The following products and version...

5.5CVSS5.8AI score0.00356EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.2AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft DWM Core Library 缓冲区错误漏洞

The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a vulnerability in input validation of the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...

7.8CVSS5.9AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

WordPress plugin WP-Ultimate-Map 跨站请求伪造漏洞

WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed on a WordPress site. The WP-Ultimate-Map plugin has a cross-site request...

6.1CVSS5.9AI score0.00119EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe InDesign Desktop 安全漏洞

Adobe InDesign Desktop is a professional publishing layout and page design software, primarily used for printing and digital publication creation. Adobe InDesign Desktop has a stack buffer overflow vulnerability, which stems from insufficient input validation, leading to out-of-bound writing of...

7.8CVSS6.5AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Format Plugins 安全漏洞

Adobe Format Plugins is a format plugin developed by Adobe Inc. Versions of Adobe Format Plugins prior to 1.1.2 contained security vulnerabilities; these vulnerabilities were caused by heap buffer overflows, which could allow arbitrary code to be executed in the current user environment...

7.8CVSS7.8AI score0.00281EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Red Hat 389 Directory Server 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server. This vulnerability stems from the checkPrefix function in the pw.c module, which copies the algorithm ID...

4.9CVSS6AI score0.00282EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability that ste...

7.8CVSS7.6AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Office 资源管理错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a resource management vulnerability in Microsoft Office, which stems from a heap buff...

8.4CVSS5.9AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

OSCAL-GUI 跨站脚本漏洞

OSCAL-GUI is a graphical interface tool developed by OSCAL Corporation for creating, editing, viewing, and managing OSCAL compliance data models. OSCAL-GUI has a cross-site scripting vulnerability. This vulnerability stems from the fact that the project request parameters values in oscal-forms.ph...

6.1CVSS5.5AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

TYPO3 CMS 路径遍历漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source project. Versions of TYPO3 CMS prior to 10.4.57, as well as versions 11.0.0 to 11.5.51, 12.0.0 to 12.4.46, 13.0.0 to 13.4.31, and 14.0.0 to 14.3.3, have a path traversal vulnerability. This vulnerability stems from the...

2.1CVSS5.3AI score0.00356EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

TOTOLINK EX200 安全漏洞

TOTOLINK EX200 is a 2.4G wireless N range extender from TOTOLINK Corporation. It is designed to expand the coverage of an existing Wi-Fi network. The TOTOLINK EX200 version 4.0.3c.7646 contains a security vulnerability. This vulnerability stems from a minor permission violation in the vsftpd.conf...

6.9CVSS5.7AI score0.00285EPSS
Exploits0References1
Total number of security vulnerabilities195539