Lucene search
+L

195539 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient and untrusted input validation in the Updater, which could allow local attackers to...

7.8CVSS5.8AI score0.0008EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

ISPConfig 跨站脚本漏洞

ISPConfig is a set of open-source host control panels based on Linux by the ISPConfig company. It allows for the management of multiple servers through a web-based control panel, the creation of websites, and the monitoring of server status. Version 3.3.0 of ISPConfig contains a cross-site...

4.7CVSS5.6AI score0.00213EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

WordPress plugin Publish 2 Ping.fm 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS5.7AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

RedisTimeSeries 安全漏洞

RedisTimeSeries is an open-source time series data structure for Redis. Versions of RedisTimeSeries prior to 1.12.14 have a security vulnerability. This vulnerability stems from the module not properly verifying the serialized values processed via the Redis RESTORE command. Authorized attackers c...

8.8CVSS6.2AI score0.01029EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

FacturaScripts 安全漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.92 contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation of the nick parameter in the POST request of the EditUser...

5.3CVSS5.8AI score0.0033EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear the txrunning flag when canceling TX DMA transfers via the 8250 serial port...

5.5CVSS5.8AI score0.00091EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from the uninitialized use of GPU resources, which could allow remote attackers to exploit the system by leaking cross-source dat...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

EFM ipTIME NAS1dual 缓冲区错误漏洞

EFM ipTIME NAS1dual is a network-attached storage device produced by the South Korean company EFM. Version 1.5.24 of EFM ipTIME NAS1dual contains a buffer overflow vulnerability. This vulnerability stems from a problem with the function getcsrfwhites in the file /cgi/advanced/miscmain.cgi, which...

10CVSS7.8AI score0.0063EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation in the Omnibox component, which could allow remote attackers to injec...

6.1CVSS6AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient execution of the DirectSockets strategy, which could allow remote attackers to perform...

5.4CVSS6.1AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by type confusion in WebRTC. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a specially crafted HT...

8.8CVSS6.2AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 信息泄露漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability known as information leakage. This vulnerability originated from improper implementations in the V8 engine, and it could allow remote attackers to obtain potentially...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by GPU integer overflow. This vulnerability could allow remote attackers to execute arbitrary read and write operations through...

4.2CVSS6.2AI score0.00153EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after their release in the Audio component, which could allow remote attackers to execute...

8.8CVSS6.2AI score0.00242EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.27 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by the exposure of Media channel information. This vulnerability could allow remote attackers to exploit the vulnerability through specially crafted...

3.1CVSS5.8AI score0.00145EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in CORS requests, which could allow remote attackers to bypass the origin...

3.1CVSS5.8AI score0.00216EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

itsourcecode Courier Management System 注入漏洞

itsourcecode Courier Management System is an open-source courier management system developed by itsourcecode. Version 1.0 of the itsourcecode Courier Management System has a vulnerability related to parameter handling in the file/printpdets.php, which may lead to SQL injection attacks...

6.5CVSS6.7AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.15 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.14 contained security vulnerabilities. These vulnerabilities stemmed from editing bypasses, allowing authenticated gateway clients to receive unedited secrets through alias fiel...

7.1CVSS5.8AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.4.9 to 2026.4.10 contained a security vulnerability. This vulnerability stemmed from a denial-of-service attack in the real-time WebSocket path for voice calls. It was possible for a...

8.2CVSS5.8AI score0.00417EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.14 contained security vulnerabilities. These vulnerabilities were due to improper access control in browser snapshots, screenshot generation, and tag routing. As a result,...

7.7CVSS5.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.2.22 to 2026.4.12 contained security vulnerabilities. These vulnerabilities were due to insufficient detection by the shell wrapper, allowing attackers to inject environment variable...

8.8CVSS5.8AI score0.00407EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

NagaAgent 路径遍历漏洞

NagaAgent is a 2D AI assistant developed by RTGS2017. It supports streaming tool calls, knowledge graph memory, and voice interactions. Versions of NagaAgent 5.1.0 and earlier have a path traversal vulnerability. This vulnerability stems from the handling of the parameter Name by the Skills...

7.5CVSS7.2AI score0.00501EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Masa CMS SQL注入漏洞

Masa CMS is a digital experience platform. Masa CMS has a SQL injection vulnerability, which stems from the unvalidated JSON API accepting the altTable parameter and storing it through the setAltTable method. This may allow unauthorized attackers to read sensitive data through arbitrary subquerie...

9.3CVSS6AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Gotenberg 代码问题漏洞

Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg 8.30.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the default private IP denial-of-service list usin...

7.8CVSS5.9AI score0.00463EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Twenty 代码问题漏洞

Twenty is an open-source CRM platform developed by Twenty. Versions of Twenty 1.18.0 and earlier have code vulnerabilities. These vulnerabilities stem from a flaw in the SSRF protection mechanism, which can be bypassed by IPv6 addresses mapped via IPv4. The Node.js URL parser standardizes IPv6...

8.3CVSS5.9AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

phoenix 安全漏洞

Phoenix is a web development framework developed under the Phoenix framework open source project. Versions of Phoenix from 1.7.0 to 1.7.22, as well as 1.8.6, have security vulnerabilities. These vulnerabilities stem from the unlimited resource allocation during the processing of NDJSON data...

8.7CVSS5.8AI score0.00469EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities stemmed from bypassing plugin trust mechanisms, allowing attackers to circumvent the expected trust levels when...

8.8CVSS5.8AI score0.00386EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities stemmed from issues with the check time and usage time in the validateScriptFileForShellBleed function. This could...

2.5CVSS5.8AI score0.00079EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

PhpSpreadsheet 跨站脚本漏洞

PhpSpreadsheet is a PHP library developed by PHPOffice, designed for reading and writing spreadsheet files. PhpSpreadsheet has a cross-site scripting vulnerability. This vulnerability arises when the HTML Writer skips htmlspecialchars output escaping when using custom number formats that contain ...

5.4CVSS5.8AI score0.00202EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the failure to reset the register ID after performing the BPFEND operation. This vulnerability m...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities were due to a bypass of server-side request forgery tactics in the existing session browser interaction routing...

7.7CVSS5.8AI score0.00253EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.12 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the auxiliary support channel; the empty authorization approver list was...

6.5CVSS5.8AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. The version of OpenClaw from 2026.4.5 to 2026.4.10 contains security vulnerabilities. These vulnerabilities stem from permission escalation, allowing write-range operators to modify persistent memory settings. This...

7.1CVSS5.8AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trust in input validation within the Updater, which could allow local attackers to...

7.8CVSS5.9AI score0.00112EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Google Chrome 跨站请求伪造漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a cross-site request forgeing vulnerability. This vulnerability stemmed from improper implementation of MHTML, and it could allow remote attackers to leak cross-source data through special...

3.1CVSS5.8AI score0.00152EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in SSL, which could allow remote attackers with access to the render...

4.2CVSS5.8AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by improper implementation in Companion. This vulnerability could allow remote attackers to gain operating system-level privileges...

8.1CVSS5.8AI score0.00237EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a type confusion in the l2capecredreconfrsp function. This vulnerability may lead to valid packets being...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the Persistent Cache mechanism, which could allow remote attackers with...

3.1CVSS5.8AI score0.002EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Extensions policy, which could allow remote attackers to bypass autonomous access control...

4.2CVSS5.9AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.16 views

Bitcoin Core 安全漏洞

Bitcoin Core is an open-source client for verifying the validity of blockchain transactions. There are security vulnerabilities in versions 0.14 to 28.x of Bitcoin Core, and these vulnerabilities stem from security issues, though the details remain undisclosed...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

fast-uri 安全漏洞

fast-uri is an open-source, dependency-free RFC 3986 URI parser and toolkit developed by Fastify. Versions of fast-uri 3.1.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the normalize function decoding percent-encoded permission separators within the host...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

CoreDNS 资源管理错误漏洞

CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 contained a resource management vulnerability. This vulnerability stemmed from the lack of size validation for overly large dns query parameters in the DNS-over-HTTPS GET path, which could allow remote...

8.7CVSS5.8AI score0.00672EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

PaperCut Hive 日志信息泄露漏洞

PaperCut Hive is a cloud-based printing management solution developed by the Australian company PaperCut. PaperCut Hive has a vulnerability related to log information leakage. This vulnerability arises from the recording of plaintext management credentials when the deep logging mode is enabled...

5.9CVSS5.8AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Traccar 安全漏洞

Traccar is a Java-based website building system provided by the American company Traccar. This software supports over 170 GPS protocols and over 1500 types of GPS tracking devices. Traccar can be used alongside any major SQL database systems. It also offers a user-friendly REST API. There were...

5.4CVSS5.8AI score0.00183EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer overflow vulnerability. This vulnerability stems from the function tgglasp in the file/tggl.asp within the HTTP...

9CVSS7.6AI score0.01057EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation by FedCM, which could allow remote attackers to exploit the system by...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.20 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in DevTools, allowing attackers who persuade users to install malicious extensions to leak...

4.3CVSS5.9AI score0.00125EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by an excessive memory allocation size value...

5.3CVSS5.8AI score0.00665EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

WordPress plugin GenerateBlocks 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

6.5CVSS5.9AI score0.00539EPSS
Exploits0References1
Total number of security vulnerabilities195539