Lucene search
+L

195539 matches found

cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a project overflow during snapshot subvolume reception, causing transaction suspension and...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.16 views

zebra 数据伪造问题漏洞

Zebra is an open-source Zcash implementation built with Rust by the Zcash Foundation. Versions of Zebra prior to 4.4.0 had a data forgery vulnerability, which stemmed from insufficient error handling when sighash types were invalid, potentially leading to consensus splits...

9.3CVSS5.8AI score0.00188EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

plunk 跨站脚本漏洞

Plunk is an open-source email sending and management platform developed by Plunk. Versions of Plunk prior to 0.9.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of React’s dangerouslySetInnerHTML method for rendering email body content without HTML...

5.4CVSS5.7AI score0.00176EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mctpflowprepareoutput function in the mctp route component. This function does not hold a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the processing of long HMAC keys in the crypto CAAM driver, and an issue where the kmemd...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of upper-bound checks on user input in the amdgpuuserqwaitioctl function. This...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

Alkacon OpenCMS 跨站脚本漏洞

Alkacon OpenCMS is a content management system developed by Alkacon Corporation. Versions of Alkacon OpenCMS prior to version 16 contained a cross-site scripting vulnerability, which was caused by the updateModelGroups.jsp file allowing for cross-site scripting attacks...

6.1CVSS5.6AI score0.00149EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.14 views

Brave CMS 跨站脚本漏洞

Brave CMS is a blog and news content management system developed by Razvan Zamfir, based on Laravel. Brave CMS has a cross-site scripting vulnerability, which stems from the fact that the message text entered in the contact form was not escaped properly, potentially allowing for arbitrary tag...

7.1CVSS5.8AI score0.00271EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.14 views

Bitrix24 代码问题漏洞

Bitrix24 is an enterprise social platform developed by the American company Bitrix. This platform includes features such as online communication, calendar management, and CRM Customer Relationship Management. Versions of Bitrix24 prior to 25.100.300 contained a code vulnerability. This...

6.3CVSS6.2AI score0.01028EPSS
Exploits3References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.9 views

RELATE 安全漏洞

RELATE is a web-based course package developed by Andreas Klöckner. RELATE has a security vulnerability, which stems from the checksigninkey function in course/auth.py, making it susceptible to timing attacks...

9CVSS5.8AI score0.00362EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

pgx SQL注入漏洞

pgx is a PostgreSQL driver and toolkit for Go language. Versions of pgx prior to 5.9.2 have a SQL injection vulnerability. This vulnerability occurs when using a non-default simple protocol; placeholders in dollar quotation string literals may be misinterpreted incorrectly, leading to SQL injecti...

9.8CVSS5.8AI score0.00356EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the on-the-fly decryption of ESP inputs within shared skb fragments, potentially leading to data...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the lereadfeaturescomplete function in Bluetooth HCI sync. This function allows for...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a timing error during DMA error cleanup in e1000/e1000e, potentially leading to DMA mapping leaks...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent lock order in the spidev driver’s spiLock and bufLock functions, potentially leading...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.16 views

Gitroom Postiz 代码注入漏洞

Gitroom Postiz is an open-source social media scheduling tool developed by Gitroom. Previous versions of Gitroom Postiz had a code injection vulnerability. This vulnerability stemmed from a Pwn Request vulnerability present in the workflow for building and publishing PR Docker images, which could...

10CVSS6.2AI score0.00504EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.10 views

IP 跨站脚本漏洞

IP is an open-source IP address query and display tool developed by th30d4y. Versions of IP from 1.0.1 to 2.0.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient cleaning of user input, which could lead to cross-site scripting attacks based on DOM...

6.1CVSS5.6AI score0.00181EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.13 views

wlc 跨站脚本漏洞

WLC is an open-source command-line client developed by Weblate. Versions of WLC prior to 2.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML output formats that did not escape API response data, which could lead to cross-site scripting attacks...

5.1CVSS5.6AI score0.00174EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count is not properly...

7.5CVSS5.9AI score0.00402EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.10 views

AnythingLLM 信息泄露漏洞

AnythingLLM is an integrated AI application developed by Mintplex. Versions of AnythingLLM prior to 1.12.1 contained a vulnerability related to information leakage. This vulnerability stemmed from the GET /api/workspace/:slug/tts/:chatId route, which verified workspace membership but did not...

4.3CVSS5.8AI score0.00301EPSS
Exploits1References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.13 views

pygeoapi 路径遍历漏洞

pygeoapi is a geospatial data API server developed by Geopython. In versions 0.23.0 to 0.23.3 of pygeoapi, there was a path traversal vulnerability. This vulnerability originated from a raw string concatenation vulnerability in the STAC FileSystemProvider plugin, which could lead to the exposure ...

7.5CVSS5.8AI score0.0051EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

FastGPT 代码问题漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.14.17 contained code vulnerabilities. These vulnerabilities stemmed from inconsistent SSRF protections in the handling of MCP tool URLs, which...

6.3CVSS5.9AI score0.00235EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.15 views

NornicDB 安全漏洞

NornicDB is a fusion database developed by TJ Sweet, which supports graph, vector, and historical data queries. Versions of NornicDB prior to 1.0.42-hotfix contained security vulnerabilities. These vulnerabilities stemmed from the Bolt listener always binding to wildcard addresses, ignoring user...

9.8CVSS5.8AI score0.0044EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.20 views

Dapr 路径遍历漏洞

Dapr is a portable, serverless, event-driven runtime developed by Dapr Open Source. Versions of Dapr from 1.3.0 to 1.15.14, as well as versions from 1.16.0-rc.1 to 1.16.14 and from 1.17.0-rc.1 to 1.17.5, have a path traversal vulnerability. This vulnerability stems from the use of reserved URL...

8.1CVSS5.8AI score0.00325EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.14 views

OpenMcdf 安全漏洞

OpenMcdf is an open-source .NET library for manipulating compound file binary formats. Versions of OpenMcdf prior to 3.1.3 contained security vulnerabilities, which stemmed from undetected loops in the red-black tree used to manage directory entries, potentially leading to infinite loops...

6.2CVSS5.8AI score0.00187EPSS
Exploits1References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

WordPress plugin User Frontend 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.8CVSS6AI score0.00951EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.14 views

Gitroom Postiz 跨站脚本漏洞

Gitroom Postiz is an open-source social media scheduling tool developed by Gitroom. Versions of Gitroom Postiz from 2.21.6 to 2.21.7 contained a cross-site scripting vulnerability. This vulnerability allowed any authenticated user to store arbitrary HTML in post content by manipulating saved...

9CVSS5.8AI score0.00258EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.15 views

zrok 路径遍历漏洞

Zrok is a secure internet sharing tool developed by OpenZiti. Versions of Zrok prior to 2.0.2 contained a path traversal vulnerability. This vulnerability stemmed from the WebDAV driver’s backend, which restricted path traversal through lexical normalization but did not prevent symbolic links fro...

8.7CVSS5.8AI score0.0033EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the netfilter nftables component failing to properly avoid duplicate device registrations when...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the MCTP driver failing to release the USB device reference when detection fails, resulting in a...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.32 views

i18next-fs-backend 路径遍历漏洞

i18next-fs-backend is an open-source backend layer developed by i18next for Node.js and Deno environments. It is used to load translation resources from the file system. Versions of i18next-fs-backend prior to 2.6.4 contained a path traversal vulnerability. This vulnerability arises from directly...

8.2CVSS5.8AI score0.00292EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.10 views

WordPress plugin Auto Affiliate Links 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.2CVSS5.8AI score0.00366EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.17 views

Magnitude Simba Amazon Redshift JDBC Driver 安全漏洞

The Magnitude Simba Amazon Redshift JDBC Driver is a JDBC driver provided by the American company Magnitude. It enables database connection through the standard JDBC Application Programming Interface API available in the Java Platform Enterprise Edition. Versions of the Magnitude Simba Amazon...

9.2CVSS6.1AI score0.00573EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Electerm 信息泄露漏洞

Electerm is a SSH/SFTP client developed by ZXDong262 from China, based on Electron. Versions of Electerm 3.8.15 and earlier contained an information leakage vulnerability. This vulnerability stemmed from the getConstants IPC processor, which serialized the entire process.env object and sent it to...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.15 views

ASUS System Control Interface 缓冲区错误漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...

6.8CVSS6.1AI score0.00137EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.16 views

YARD 路径遍历漏洞

YARD is a Ruby documentation generation tool developed by Loren Segal. Versions of YARD prior to 0.9.42 contained a path traversal vulnerability. This vulnerability stemmed from the use of the yard server’s path traversal feature, which could allow uncleaned HTTP requests to access arbitrary file...

7.5CVSS5.9AI score0.00388EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rtw8822bsetantenna function being called during chip power-off conditions. This may trigger a...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xprtrdma component failing to decrement ep-rereceiving when rpcrdmapostrecvs fails or exits...

7.5CVSS5.8AI score0.0038EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the serial CAIF component not properly holding the tty-link reference during operations like...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC soc-core component not refreshing its delayed operations before removing DAI and widgets...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a type confusion in the bonding component’s bondsetupbyslave function, potentially leading to...

7.8CVSS5.8AI score0.00157EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pipapo Drop function in the netfilter nftsetpipapo component. During each iteration, the rulemapi+1...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bounds read issue during option traversal in netfilter xtables, potentially leading to...

8.2CVSS5.8AI score0.00443EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.25 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bounds read issue in the fnnlcthelperdumptable function within netfilter nfnetlink. Thi...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb class CCDC-WDM driver’s ability to reorder the update of desc-length during code reading,...

7.1CVSS5.9AI score0.00132EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function qla2x00elsdcmdspfree, where the fcport variable is released twice after the krefput...

9.8CVSS5.8AI score0.0038EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks on message frames in the processmessageheader function, potentially...

9.1CVSS5.8AI score0.00502EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.18 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of signed integers in bloblen and nummon functions within cephmonmapdecode. This can lead...

7.5CVSS5.8AI score0.0049EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a non-constant time for the MAC comparison of tcp-md5, potentially leading to timing attacks...

9.4CVSS5.8AI score0.00443EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pointer opinfo obtained through rcudereference in smb2open being rereferenced after rcureadunlock,...

9.8CVSS5.8AI score0.00308EPSS
Exploits0References1
Total number of security vulnerabilities195539