Lucene search
+L

195539 matches found

CNNVD
CNNVD
added 2026/05/06 12:0 a.m.12 views

WatchGuard Agent 安全漏洞

WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. There is a security vulnerability in WatchGuard Agent, which stems from improper resource permission allocation in the patch management component. This vulnerability may all...

7.8CVSS5.8AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mptcp kernel path manager not always setting IDs as available when deleting endpoints, potentially...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.14 views

Masa CMS 输入验证错误漏洞

Masa CMS is a digital experience platform operated by Masa CMS organization. Masa CMS has a vulnerability related to input validation errors. This vulnerability stems from improper handling of relative URLs, which may allow attackers to redirect victims to sites controlled by external attackers...

5.3CVSS5.8AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the SMU to handle null pointers when DRM and PM are disabled. This could lead to a null...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IPMB event handler not being initialized. This issue may cause i2c to read uninitialized valu...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the userref functions in iouring/zcrx during the scrub and refill...

4.7CVSS5.8AI score0.00088EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the listening address is bound to 0.0.0.0, allowing malicious parties on the same network to...

8.8CVSS6.2AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.21 views

PhpSpreadsheet 跨站脚本漏洞

PhpSpreadsheet is a PHP library developed by PHPOffice, designed for reading and writing spreadsheet files. Versions prior to PhpSpreadsheet 5.7.0, 3.10.5, 2.4.5, 2.1.16, and 1.30.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML writers skipping...

5.4CVSS5.8AI score0.00225EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.12 views

Paramiko 加密问题漏洞

Paramiko is an open-source implementation of the SSHv2 protocol, written entirely in Python. It provides both client and server functionality. Versions of Paramiko prior to 4.0.0 have vulnerabilities related to encryption, which stem from the use of the SHA-1 algorithm in the rsakey.py module...

3.4CVSS5.8AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bound array access in the camss vfe driver’s vfeisrregupdate function, potentially...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.18 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fsl-imx8mq-usb phy driver not setting the platform driver data correctly. This may result in...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that xfrmpolicyfini does not wait for the RCU reader to complete before releasing the...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of handling of msc-input in the HID MagicMouse, potentially leading to crashes...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the tcpv6synrecvsock function. This vulnerability may allow sub-sockets to us...

9.8CVSS5.8AI score0.00298EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation for the len parameter in dlm functions, potentially leading to out-of-boun...

9.8CVSS5.8AI score0.00426EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the direct reading of the option length without verifying the remaining length in the netfilter...

8.2CVSS5.8AI score0.00463EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the brcmffwehhandleifevent function not verifying the bsscfg index range, potentially leading to...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the handling of resources by the mtk-mdp driver’s probe function. This error occurs...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of a wrong DMA handle in the dmafreecoherent function during an erroneous path...

8.8CVSS5.8AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Masa CMS 跨站请求伪造漏洞

Masa CMS is a digital experience platform operated by Masa CMS organization. Versions of Masa CMS 7.5.2 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the createBundle method in csettings.cfc, which did not properly validate the anti-CSRF token...

7.1CVSS5.7AI score0.00156EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.52 views

Gotenberg 参数注入漏洞

Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg 8.30.1 and earlier contained a parameter injection vulnerability. This vulnerability stemmed from the fact that the metadata writing...

10CVSS5.9AI score0.00611EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities stemmed from arbitrary file reading in the QQBot media tag, allowing attackers to reference local paths on hosts...

8.9CVSS5.9AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient execution of DevTools policies, which could allow remote attackers to execute sandbox escape through malicious...

8.1CVSS6AI score0.00256EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

WordPress plugin Forminator 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00367EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Claude Code 输入验证错误漏洞

Claude Code is a native AI programming tool developed by Anthropic. In versions 2.1.63 to 2.1.83 of Claude Code, there is a vulnerability related to input validation errors. This vulnerability arises from the lack of validation for the content of the git worktree commondir file in the folder trus...

8.8CVSS5.9AI score0.00281EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4mbfindbygoal function potentially allocating blocks from a damaged group, which could lea...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

OpenStack Horizon 安全漏洞

OpenStack Horizon is an OpenStack-based project built using Django. It aims to provide a complete OpenStack dashboard along with a scalable framework for building new dashboards from reusable components. Versions 25.6, 25.7, and prior to 25.7.3 of OpenStack Horizon contained security...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.15 views

PaperCut MF 输入验证错误漏洞

PaperCut MF is a multi-functional printer control software developed by the Australian company PaperCut. There is an input validation vulnerability in PaperCut MF, which stems from race conditions when processing card data from certain HP multifunctional devices. Under specific network conditions...

8.1CVSS5.8AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.14 had code vulnerabilities. These vulnerabilities stemmed from the browser SSRF policy, which allowed private network navigation by default. This configuration flaw could enabl...

7.7CVSS5.9AI score0.0028EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

WordPress plugin MoreConvert Pro 授权问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS5.8AI score0.00458EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contained security vulnerabilities. These vulnerabilities were caused by a stack buffer overflow in the RunSbieCtrl processor of the SbieIniServer module, which could lead...

7.8CVSS6.1AI score0.00172EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.18 views

PhpSpreadsheet 代码问题漏洞

PhpSpreadsheet is a PHP library developed by PHPOffice, designed for reading and writing spreadsheet files. Code vulnerabilities exist in versions 1.30.2 and earlier, as well as versions 2.0.0 to 2.1.14, 2.2.0 to 2.4.3, 3.3.0 to 3.10.3, and 4.0.0 to 5.5.0 of PhpSpreadsheet. These vulnerabilities...

9.8CVSS6.4AI score0.00712EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Fiber 安全漏洞

Fiber is an open-source web framework written in Go. Versions of Fiber 3.1.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the default key generator used in the caching middleware, which only uses the request path without including the query string. As a result,...

6.5CVSS5.8AI score0.00251EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by out-of-bound read and write operations to the GFX interface. This vulnerability could allow remote attackers to execute arbitrary...

5.4CVSS6.4AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.12 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing in the handling of media URLs by the QQBot. This could allow attackers to provide...

9.3CVSS5.9AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by out-of-bounds memory access in the V8 engine. This vulnerability could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.5AI score0.00344EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

WordPress plugin Loco Translate 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.9CVSS5.8AI score0.0064EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

WordPress plugin Betheme 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

8.8CVSS6.2AI score0.00612EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

WordPress plugin Mentoring 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

WordPress plugin Blog Settings 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.1CVSS5.7AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer overflow vulnerability. This vulnerability stems from the function sprintf in the HTTP Handler component, where...

10CVSS7.6AI score0.01515EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Skia objects after its release, which could allow remote attackers to exploit the vulnerability...

8.3CVSS5.8AI score0.00206EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Eclipse BaSyx Java Server SDK 路径遍历漏洞

Eclipse BaSyx Java Server SDK is an industrial digital development toolkit from the Eclipse Foundation. Versions of Eclipse BaSyx Java Server SDK prior to 2.0.0-milestone-10 contained a path traversal vulnerability. This vulnerability stemmed from insufficient path normalization in the Submodel...

10CVSS6.7AI score0.03678EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.19 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google to provide web browsing, application running and internet communication features. Google Chrome suffers from an integer overflow vulnerability that stems from the Network component failing to properly handle certain data, which can be exploited b...

4.3CVSS5.9AI score0.00225EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Realtek rtl819x Jungle SDK 信息泄露漏洞

The Realtek RTL819x Jungle SDK is a driver for wireless local area network chips developed by Realtek Semiconductor. The SDK contains an information leakage vulnerability, which stems from the lack of access control checks in the debug handlers of the writemem and readmem functions within the...

7.7CVSS5.7AI score0.00669EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Eclipse BaSyx Java Server SDK 代码问题漏洞

Eclipse BaSyx Java Server SDK is an industrial digitalization development toolkit from the Eclipse Foundation. Versions of Eclipse BaSyx Java Server SDK prior to 2.0.0-milestone-10 contained code vulnerabilities. These vulnerabilities stemmed from the Operation Delegation feature not verifying th...

8.6CVSS6.3AI score0.00516EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Apache Thrift 路径遍历漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a path traversal vulnerability. This vulnerability was caused by source validation errors, path traversal, improper handling of...

7.3CVSS5.8AI score0.00394EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trust-based input validation in Navigation, which could allow remote attackers to...

8.3CVSS6AI score0.00237EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient execution of WebUI policies, which could allow remote attackers with access to the rendering process to bypass...

4.3CVSS5.9AI score0.00199EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

WordPress plugin Betheme 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.8AI score0.00349EPSS
Exploits0References1
Total number of security vulnerabilities195539