Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Tenda US_W3V1.0BR 安全漏洞

Tenda USW3V1.0BR is a home-use wireless router firmware product from the Tenda company. Version 1.0.0.3 of Tenda USW3V1.0BR contains a security vulnerability. This vulnerability stems from a stack overflow issue with the Go parameter in the asktoreboot function, which could allow attackers to cau...

7.5CVSS5.5AI score0.00329EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Remote Desktop Client 竞争条件问题漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. The Microsoft Remote Desktop Client has vulnerabilities related to race conditions. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems, Windows 10 Version 1809...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Adobe CAI Content Credentials 资源管理错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a resourc...

6.2CVSS5.4AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Push Notifications 竞争条件问题漏洞

Microsoft Windows Push Notifications is a push notification service provided by the American company Microsoft. It provides a reliable way to deliver new updates. There are vulnerabilities related to competition conditions in Microsoft Windows Push Notifications. Attackers can exploit these...

7.8CVSS5.4AI score0.00185EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Graphics Component 资源管理错误漏洞

The Microsoft Graphics Component is a graphics driver component developed by Microsoft Corporation. There is a resource management vulnerability in the Microsoft Graphics Component. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions are...

7.8CVSS5.3AI score0.02014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Attestation 输入验证错误漏洞

Microsoft Windows Attestation is an open-source device certification service based on TPM hardware trust roots, developed by Microsoft in the United States. Microsoft Windows Attestation has a security vulnerability that stems from a violation of trust boundaries, which may allow authorized...

7.8CVSS5.8AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Malwarebytes EDR 输入验证错误漏洞

Malwarebytes EDR is a terminal detection and response platform provided by the American company Malwarebytes. Version 1.0.11 of Malwarebytes EDR contains a vulnerability related to input validation. This vulnerability arises from truncating data exceeding 4GB during computing hash calculations,...

8.2CVSS5.4AI score0.00123EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Evoluted PHP Directory Listing Script 跨站脚本漏洞

Evoluted PHP Directory Listing Script is a PHP-based directory indexing and file browsing script developed by the British company Evoluted. Versions of Evoluted PHP Directory Listing Script 4.0.5 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from the dir...

5.4CVSS5.2AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Adobe Experience Manager 输入验证错误漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from a stack overflow issue with the Go parameters in the asktoreboot function, which could allow attackers to cause a...

6.5CVSS5.5AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Version 8.0 of MongoDB Server contains a code vulnerability. This vulnerability...

7.1CVSS5.3AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

WordPress plugin Helpfulcrowd Product Reviews 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.6AI score0.00273EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Dreamweaver Desktop 安全漏洞

Adobe Dreamweaver Desktop is a web design and development software provided by Adobe, a company based in America. Versions of Adobe Dreamweaver Desktop starting from 21.7 and earlier have security vulnerabilities. These vulnerabilities stem from reliance on vulnerable third-party components, whic...

8.6CVSS5.9AI score0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the IPMacBindIndex parameter within the formIPMacBindDel function. It could allow attackers to cause denial-of-servic...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Tenda W20E 安全漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthWhiteUserInfo parameter within the formAddWebAuthWhiteUser function. It is possible for...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

bookcars 安全漏洞

Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains a security vulnerability. This vulnerability stems from the /api/delete-temp-license/file endpoint, where there is an arbitrary file deletion vulnerability. This could allow unauthenticated...

5.3CVSS5.5AI score0.00511EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Visual Studio Code 授权问题漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. There is a access control error vulnerability in Microsoft Visual Studio Code. Attackers can exploit this vulnerability to gain higher privileges...

9.6CVSS5.9AI score0.00591EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

microsoft projected file system 缓冲区错误漏洞

The Microsoft Projected File System is an application system developed by Microsoft Corporation. It projects hierarchical data into the file system, making it appear as files and directories within the file system. There are security vulnerabilities in the Microsoft Projected File System. Attacke...

7.8CVSS5.8AI score0.00326EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Office ClickToRun 资源管理错误漏洞

Microsoft Office ClickToRun is a component developed by Microsoft Corporation that allows for the download and installation of Microsoft Office products. There is a resource management vulnerability in Microsoft Office ClickToRun. Attackers can exploit this vulnerability to gain higher privileges...

7CVSS5.4AI score0.00234EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Siemens多款产品 代码问题漏洞

Siemens SIPROTEC 5 6MD84, among others, are relay devices produced by the German company Siemens. Several Siemens products have code vulnerabilities. These vulnerabilities stem from allowing authenticated users to upload arbitrary files via the DIGSI 5 protocol, which may lead to denial of servic...

6.9CVSS5.8AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Pure Storage FlashArray Purity 安全漏洞

Pure Storage FlashArray Purity is a driver from the American company Pure Storage. It provides comprehensive data services. There is a security vulnerability in Pure Storage FlashArray Purity, which stems from insufficient filtering of certain data paths. This vulnerability may allow low-privileg...

8.7CVSS5.3AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

S2OPC OPC UA Toolkit 安全漏洞

S2OPC OPC UA Toolkit is an open-source development toolkit for OPC UA communication, developed by Systerel. The S2OPC OPC UA Toolkit contains a security vulnerability. This vulnerability stems from the CycloneCrypto encryption wrapper, where certificate revocation checks only consider the first...

5.6CVSS5.3AI score0.00108EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

VMware Micrometer 资源管理错误漏洞

VMware Micrometer is an application monitoring metric collection framework developed by the American company VMware. There is a resource management vulnerability in VMware Micrometer; this vulnerability stems from the ability for users to submit custom HTTP requests, which may lead to denial of...

7.5CVSS5.4AI score0.00623EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Office Word 缓冲区错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft. There is a security vulnerability in Microsoft Office Word, which stems from an unreliable pointer dereferencing. This vulnerability may allow unauthorized attackers to execute code locally...

7.8CVSS7.1AI score0.00457EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from the BSON...

8.7CVSS5.3AI score0.00345EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from a heap buffer overflow...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Spring Reactor Netty 信任管理问题漏洞

VMware Reactor Netty is a product of the US company VMware, which provides non-blocking and backpressure-compliant TCP/HTTP/UDP/QUIC clients and servers based on the Netty framework. Security vulnerabilities exist in versions 1.0.0 to 1.0.51, 1.1.0 to 1.1.35, 1.2.0 to 1.2.17, and 1.3.0 to 1.3.5 o...

6.1CVSS5.8AI score0.00172EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.22 views

image-size 资源管理错误漏洞

image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size from 1.1.0 to 1.2.1 and from 2.0.0 to 2.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the findBox function, which had a denial-of-service vulnerability when processin...

8.7CVSS5.9AI score0.0064EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Dynamics 365 安全漏洞

Microsoft Dynamics 365 is a ERP business solution developed by the American company Microsoft, designed for multinational enterprises. It is used for financial management, production management, and business intelligence management, among other purposes. There are security vulnerabilities in...

8.8CVSS5.4AI score0.0063EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthUserInfo parameter within the formAddWebAuthUser function. It could allow attackers ...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

devalue 安全漏洞

devalue is an enhanced JavaScript object serialization library developed by Svelte. Versions of devalue from 5.6.3 to 5.8.1 contained a security vulnerability. This vulnerability stemmed from excessive memory allocation during the deserialization of sparse arrays, which could lead to excessive...

7.5CVSS5.4AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

WordPress plugin jQuery Hover Footnotes 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...

6.4CVSS5.3AI score0.00253EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Exchange Server 跨站脚本漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. Microsoft Exchange Server has a cross-site scripting vulnerability. Attackers exploit this...

8.1CVSS5.1AI score0.00353EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows Boot Manager 处理逻辑错误漏洞

Microsoft Windows Boot Manager is a UEFI application provided by Microsoft Corporation, used to configure the boot environment. There are security vulnerabilities in Microsoft Windows Boot Manager. Attackers can exploit these vulnerabilities to bypass certain functions. The following products and...

7.9CVSS5.8AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

VMware Spring Framework 安全漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the VMware Spring Framework contain security...

7.5CVSS5.3AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Logseq 操作系统命令注入漏洞

Logseq is an open-source knowledge management and collaboration platform developed by Logseq. Version Logseq v0.10.15 contains a vulnerability related to operating system command injection. This vulnerability stems from the IPC handler allowing renderer processes to execute shell commands, and...

8.7CVSS6.4AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin ePaperFlip Publisher 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.2AI score0.00192EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Siemens SINEC INS 安全漏洞

Siemens SINEC INS is a software developed by Siemens, a German company, that provides central services for network infrastructure. Versions of Siemens SINEC INS prior to S1.0 SP2 Update 6 contained security vulnerabilities. These vulnerabilities stemmed from the system containing binary files...

8.8CVSS5.3AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Spring Framework 安全漏洞

The Spring Framework is an application development framework developed by Spring in a open-source manner. Versions of the Spring Framework such as 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the...

7.5CVSS5.3AI score0.0036EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Remote Desktop Client 缓冲区错误漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Remote Desktop Client. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version...

7.5CVSS5.9AI score0.00461EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

FreeSWITCH 安全漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was a security...

9.8CVSS5.7AI score0.00394EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insufficient authorization checks for time-line-related APIs, which could allow ordinary...

6.1CVSS5.4AI score0.00406EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

AMD uProf 安全漏洞

AMD uProf is a cross-platform performance analysis tool developed by AMD, a company specializing in semiconductors. AMD uProf has a security vulnerability that stems from improper access control. This vulnerability could allow local attackers with user privileges to write to the kernel’s shared...

6.8CVSS5.4AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, Inc. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which arises from triggering invariant...

7.1CVSS5.3AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers utilize this vulnerability to carry out phishing attacks. The following products...

6.1CVSS6.9AI score0.00522EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft DWM Core Library 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a resource management vulnerability in the Microsoft Windows DWM Core Library. The following products and versions are affected: Windows 11 Version 26H1 for ARM64-based Systems, Windows 1...

7.8CVSS5.8AI score0.02014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

QNAP qumagie 授权问题漏洞

QNAP Systems QuMagie is an AI-powered photo management software developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems QuMagie prior to version 2.9.1 contained security vulnerabilities. These vulnerabilities were caused by user-controlled keys that allowed...

9.8CVSS5.8AI score0.0046EPSS
Exploits0References1
Total number of security vulnerabilities195539