Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Windows Performance Monitor 数字错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Performance Monitor has a numerical error vulnerability. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows 1...

8.1CVSS5.9AI score0.0064EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function skbgroreceive, which does not check the zero-copy status during the copy of frags,...

7.8CVSS5.3AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the vgicitsinvalidatecache function, which incorrectly places an iteration pointer ...

9.3CVSS5.3AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

ARM CPU 竞争条件问题漏洞

The ARM CPU is a series of central processing units developed by the British company ARM. The ARM CPU has a race condition vulnerability, which arises from the possibility of writing to resources with higher exception levels. The following products are affected: C1-Ultra, C1-Premium, Neoverse V3,...

9.1CVSS5.3AI score0.0053EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe InDesign Desktop 安全漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have security vulnerabilities. These vulnerabilities stem from stack buffer overflow exploits, which may allow arbitrary...

7.8CVSS6AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

FreeSWITCH 授权问题漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was an...

5.3CVSS5.4AI score0.00284EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

WordPress plugin KittyCatfish SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.8AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Microsoft Windows Push Notifications 竞争条件问题漏洞

Microsoft Windows Push Notifications is a push notification service provided by the American company Microsoft. It provides a reliable way to deliver new updates. There are compatibility issues with Microsoft Windows Push Notifications. The following products and versions are affected: Windows...

7.8CVSS5.3AI score0.00173EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is a set of email service programs provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There is a code injection vulnerability in Microsoft Exchange Server. Attackers can explo...

8.1CVSS5.6AI score0.00475EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the wewifiWhiteUserInfo parameter within the formAddWewifiWhiteUser function. It may allow...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from...

7.1CVSS5.3AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

WordPress plugin FV Flowplayer Video Player 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS5.3AI score0.00241EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Adobe CAI Content Credentials 输入验证错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a...

6.2CVSS5.4AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft PC Manager 后置链接漏洞

Microsoft PC Manager is a computer management software developed by Microsoft Corporation. It offers features such as one-click acceleration, system space management, pop-up management, and comprehensive health checks. Microsoft PC Manager has a post-release link vulnerability. Attackers can...

7.8CVSS5.4AI score0.00329EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Acrobat Reader 安全漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have security vulnerabilities. These...

7.8CVSS6.1AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Remote Desktop Client 缓冲区错误漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Remote Desktop Client. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version...

8.8CVSS5.9AI score0.01001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

SQLFluff 安全漏洞

SQLFluff is an open-source SQL linter that features flexible and configurable syntax. Versions of SQLFluff prior to 4.1.0 contained a security vulnerability. This vulnerability stemmed from the parser’s improper handling of maliciously overly nested SQL queries, which could lead to resource...

7.5CVSS5.6AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

NETGEAR多款产品 输入验证错误漏洞

NETGEAR Rax35 and other wireless routers are products of NETGEAR Corporation. Several NETGEAR products have a vulnerability related to input validation. This vulnerability stems from insufficient input validation, which may allow administrators who are connected to the local network to tamper wit...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

bookcars 安全漏洞

BookCars is a car rental management platform developed by Akram El Assas. Version 8.3 of BookCars contains a security vulnerability. This vulnerability stems from the/api/create-car-image component, which has a vulnerability related to arbitrary file uploads. This could allow attackers to execute...

5.4CVSS5.9AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Office 资源管理错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a resource management vulnerability in Microsoft Office. Attackers can exploit this...

8.4CVSS5.5AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.22 views

Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a compatibility issue driver developed by Microsoft for Winsock. This driver contains a vulnerability known as a race condition. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions...

7CVSS5.3AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Tenda W20E 安全漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a security vulnerability. This vulnerability stems from a buffer overflow in the macAddr parameter of the formDelStaState function, which could allow attackers to cause...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

degit 操作系统命令注入漏洞

Degit is a tool developed by Rich Harris as a quick replication mechanism for Git repositories. Versions of degit prior to 2.8.6, as well as versions 3.0.0 to 3.3.1, contained an operating system command injection vulnerability. This vulnerability stemmed from improper handling of user input for...

8.8CVSS5.9AI score0.01057EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Windows Push Notifications 信息泄露漏洞

Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. However, Microsoft Windows Push Notifications has information leakage vulnerabilities. Attackers can exploit these vulnerabilities to obtain...

5.5CVSS5.3AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Taier 授权问题漏洞

Taier is a distributed scheduling system open source by DTStack. It aims to reduce the costs of ETL processes, clarify complex dependencies between tasks, and lower labor costs related to submission, scheduling, and operations. Versions of Taier 1.4.0 and earlier have vulnerabilities related to...

7.5CVSS7.5AI score0.00401EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Microsoft Visual Studio Code 日志信息泄露漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a vulnerability related to information leakage. Attackers can exploit this vulnerability to obtain sensitive information...

6.5CVSS6.6AI score0.00763EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Windows Deployment Services 资源管理错误漏洞

Microsoft Windows Deployment Services are a container for Windows deployment services an updated and redesigned version of Remote Installation Services RIS provided by Microsoft Corporation. These services allow for the setup of new computers through network-based unattended installations...

8.1CVSS5.6AI score0.00589EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

bookcars 安全漏洞

BookCars is a car rental management platform developed by Akram El Assas. Version 8.3 of BookCars contains a security vulnerability. This vulnerability stems from an insecure authentication mechanism in the/api/social-sign-in endpoint, which could allow attackers to bypass authentication using...

9.1CVSS5.3AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Huawei HarmonyOS 资源管理错误漏洞

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There is a resource management vulnerability in HUAWEI HarmonyOS, which stems from a race condition in the IPC module and may...

6.4CVSS5.3AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Spring Framework 跨站脚本漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 have cross-site scripting vulnerabilities. These vulnerabilities stem from improper escaping of...

7.1CVSS5.1AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Apptha Slider Gallery 路径遍历漏洞

Apptha Slider Gallery is a website image carousel and gallery display plugin provided by Apptha Corporation. Version 1.0 of Apptha Slider Gallery contains a path traversal vulnerability. This vulnerability stems from improper handling of the imgname parameter, which may allow unauthenticated...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper handling of file backend mounting by the erofs file system. This issue may allow I/O...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Svelte 安全漏洞

Svelte is an open-source approach to building web applications. Versions of Svelte from 5.51.5 to 5.55.7 contained a security vulnerability. This vulnerability stemmed from the exponential increase in time taken for internal regular expression tests, which could lead to denial-of-service attacks...

7.5CVSS5.3AI score0.00421EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Windows Secure Boot 软件供应链问题漏洞

Microsoft Windows Secure Boot is a security boot mechanism developed by Microsoft Corporation. There are security vulnerabilities associated with Microsoft Windows Secure Boot. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected...

7.9CVSS5.8AI score0.01028EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a stack overflow issue in the picCropName parameter within the formCropAndSetWewifiPic function. It may allow attackers to cause...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe InDesign Desktop 代码问题漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have code vulnerabilities. These vulnerabilities stem from null pointer dereferencing issues, which can lead to applicatio...

5.5CVSS5.5AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

GPAC MP4Box 处理逻辑错误漏洞

GPAC is an open-source multimedia framework developed by GPAC. Version 2.4 of GPAC contains a security vulnerability. This vulnerability stems from a floating-point exception in the gfopusparsepacketheader function, which could allow attackers to cause denial-of-service attacks through specially...

6.5CVSS5.9AI score0.00296EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The Tenda W15E version 15.11.0.10 has a buffer overflow vulnerability. This vulnerability stems from the faulty handling of the gotoUrl parameter in the formPortalAuth function, which fails to properly validate the length ...

7.5CVSS7.4AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Huawei HarmonyOS 授权问题漏洞

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There are vulnerabilities related to authorization in HUAWEI HarmonyOS. These vulnerabilities stem from the permission control...

4.4CVSS5.9AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS7.8AI score0.00257EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft Windows TCP/IP 缓冲区错误漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are security vulnerabilities associated with Microsoft Windows TCP/IP. The following products and versions are affected: Windows Server 2022, Windows 11 Version...

5.5CVSS5.8AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Exchange Server 跨站脚本漏洞

Microsoft Exchange Server is a set of email service programs provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. Microsoft Exchange Server has a cross-site scripting vulnerability. Attackers utilize thi...

6.1CVSS5.1AI score0.00375EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

pretix 安全漏洞

Pretix is a ticketing system developed by the German company Pretix. Pretix has a security vulnerability. This vulnerability stems from including the secrets of connected gift cards during the creation of all reusable media exports. As a result, it is possible for users who create these exports t...

6.9CVSS5.4AI score0.00229EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a buffer error vulnerability. This...

5.5CVSS5.7AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

MongoDB Server 日志信息泄露漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a vulnerability in MongoDB Server related to log...

6.8CVSS5.4AI score0.00119EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

5.4CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office Word 缓冲区错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft and open sourced. There are security vulnerabilities in Microsoft Office Word. Attackers can exploit these vulnerabilities to obtain sensitive information. The following products and versions are affected: Microsoft 365 Ap...

3.3CVSS5.8AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office 资源管理错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a resource management vulnerability in Microsoft Office, which stems from a heap buff...

8.4CVSS5.9AI score0.00339EPSS
Exploits0References1
Total number of security vulnerabilities195539