Lucene search
+L

195539 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.19 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.3.22 to 2026.4.5 contained a security vulnerability. This vulnerability stemmed from the handling of symbolic link traversal in remote market repository paths, which could allow...

6.5CVSS5.8AI score0.00323EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in DevTools, which could allow attackers who persuade users to install malicious extensions to...

5.4CVSS5.9AI score0.00121EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a race condition vulnerability, which was caused by shared storage race conditions. This vulnerability could allow remote attackers to exploit the system by exploiting specially...

3.1CVSS5.8AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of passwords after they were released, which could allow remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.20 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.9 contained security vulnerabilities. These vulnerabilities were caused by environmental variable injection, allowing malicious workarea.env files to set runtime control...

8.8CVSS5.8AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Nix 安全漏洞

Nix is a package manager developed by Nix itself. Versions of Nix prior to 2.34.7 contained a security vulnerability. This vulnerability stemmed from directory traversal attacks using the nix-prefetch-url --unpack or nix store prefetch-file --unpack commands, allowing access to and writing...

5.3CVSS5.9AI score0.00573EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.16 views

WordPress plugin Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.7AI score0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in the Views component, which could allow...

7.5CVSS6.2AI score0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. The version of OpenClaw from 2026.4.7 to 2026.4.14 contains security vulnerabilities. These vulnerabilities stem from a logic that downgrades the heartbeat owner, causing it to skip Webhook wake-up events carrying...

9.8CVSS5.9AI score0.00423EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after the Navigation object was released, which could allow remote attackers to execute a...

8.3CVSS5.9AI score0.00222EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient execution of DevTools policies, which could allow local attackers to escalate their privileges...

7.8CVSS5.9AI score0.00112EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

openmrs-core 路径遍历漏洞

OpenMRS-core is an open-source electronic medical record system developed by OpenMRS. OpenMRS-core has a path traversal vulnerability. This vulnerability stems from the getFile method in ModuleResourcesServlet, which does not validate path boundaries. As a result, unauthorized attackers may be ab...

8.2CVSS7.3AI score0.00558EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in DevTools, which could allow remote attackers to exploit cross-source da...

3.1CVSS5.8AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

MCP Docusaurus Toolkit 路径遍历漏洞

MCP Docusaurus Toolkit is a documentation management and semantic search platform developed by Bucamp Axle’s individual developers. The MCP Docusaurus Toolkit has a path traversal vulnerability, which stems from the operations on the parameter DOCSDIR/path in the functions updatedocument,...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in Mobile mode, which could allow local attackers to inject arbitrary scripts or...

4.4CVSS5.9AI score0.00112EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Jupyter Server 路径遍历漏洞

Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. Jupyter Server versions 2.17.0 and earlier contain a path traversal vulnerability. This vulnerability stems from path traversal issues in the REST API, which may all...

8.8CVSS5.8AI score0.00583EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus prior to 1.17.2 contained a security vulnerability. This vulnerability stemmed from the HashPassword function, which incorrectly shifted the high half-bits 8 positions to the right instead o...

5.3CVSS5.8AI score0.00091EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from the use of GPUs without proper initialization, which could allow remote attackers to obtain potentially sensitive informatio...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

WordPress plugin Schedule Post Changes With PublishPress Future 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

5.5CVSS5.8AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Jupyter Server 输入验证错误漏洞

Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. Jupyter Server versions 2.17.0 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of t...

6.3CVSS5.8AI score0.00265EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hcill driver failing to release the firmware during a firmware download error path, potential...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4fcreplayinode function not releasing iloc.bh at the wrong path, potentially leading to...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from the improper initialization of Dawn, which could allow remote attackers to obtain sensitive information from the process...

6.5CVSS5.8AI score0.00239EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by a V8 object lifecycle issue. This vulnerability could allow remote attackers to execute out-of-bound memory reads through special...

4.3CVSS6.2AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of UI elements after they were released, which could allow remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00223EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 访问控制错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a access control vulnerability. This vulnerability stemmed from insufficient policy enforcement in Autofill, which could allow remote attackers to exploit the vulnerability through...

4.3CVSS5.8AI score0.00157EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by ANGLE integer overflow. This vulnerability could allow remote attackers to exploit the vulnerability through specially crafted HTML pages, resultin...

4.3CVSS5.9AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient execution of WebApp policies, which could allow remote attackers to execute UI deception through specially...

5.4CVSS6AI score0.00159EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 跨站脚本漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a cross-site scripting vulnerability, which was caused by improper implementation of ServiceWorker. This vulnerability could allow attackers to inject arbitrary scripts or HTML through...

5.4CVSS5.8AI score0.00142EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after TopChrome was released, which could allow remote attackers to execute a sandbox esca...

8.3CVSS5.9AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. There is a security vulnerability in GPAC, which stems from a buffer overflow in the gfsvgparseattribute function found in the src/scenegraph/svgattributes.c file. This vulnerability could lead to a denial-of-service attack...

5.5CVSS6AI score0.00111EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

WordPress plugin Mentoring 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.17 views

Vaultwarden 数据伪造问题漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García. Versions of Vaultwarden 1.35.4 and earlier contained a data manipulation vulnerability. This vulnerability stemmed from updating credential metadata before signature verification during the...

5.4CVSS5.7AI score0.00151EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation in the Payments component, which could allow a remote attacker with...

4.2CVSS5.8AI score0.00186EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.16 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in Search, which could allow remote attackers to leak cross-source data through specially...

4.3CVSS6AI score0.00163EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer overflow vulnerability. This vulnerability stems from a function in the POST Parameter Handler component called...

10CVSS7.6AI score0.0586EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Altice Labs GR140DG和Altice Labs GR140IG 安全漏洞

Altice Labs GR140DG and Altice Labs GR140IG are fiber-optic access gateway devices from the Portuguese company Altice Labs. Both devices have security vulnerabilities. The vulnerability stems from the ping diagnostic handler in /bin/httpdclientside, which inserts uncleaned user inputs into the...

8.8CVSS6.1AI score0.01275EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

WordPress plugin DX Sources 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from the use of GPUs without proper initialization, which could allow remote attackers to obtain sensitive information from the...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

WordPress plugin Geeky Bot 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS6AI score0.00455EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds write-ups related to WebRTC, which could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.5AI score0.00383EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of WebRTC after it was released, which could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.2AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.26 views

CodeCanyon Perfex CRM 注入漏洞

CodeCanyon Perfex CRM is a self-hosted customer relationship management software developed by CodeCanyon. Versions of CodeCanyon Perfex CRM 3.4.1 and earlier had a SQL injection vulnerability. This vulnerability stemmed from the operation of the Admin Kanban endpoint in the...

6.5CVSS6.7AI score0.00241EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

eLabFTW 安全漏洞

eLabFTW is an open-source experimental data hosting platform developed by eLabFTW. This platform runs on the Linux system and supports the storage of various types of objects. Versions of eLabFTW 5.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the login process...

5.9CVSS5.9AI score0.00254EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reusing of resources after they were released in Chromoting, which could allow remote attackers to execute...

8.8CVSS6.2AI score0.00309EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.16 views

itsourcecode Courier Management System 注入漏洞

itsourcecode Courier Management System is an open-source courier management system developed by itsourcecode. Version 1.0 of the itsourcecode Courier Management System has a vulnerability related to parameter handling in the file/printpdets.php, which may lead to SQL injection attacks...

6.5CVSS6.7AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

ERPNext 代码注入漏洞

ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Version 13.4.0 of ERPNext contains a code injection vulnerability. This vulnerability stems from a sandbox escape vulnerability present in RestrictedPython. It allows authenticated user...

8.8CVSS6.2AI score0.00609EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

ERPNext 安全漏洞

ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Versions of ERPNext prior to v15.103.1 contained security vulnerabilities. These vulnerabilities were caused by server-side template injection. Attackers who had access to create or edi...

9.8CVSS5.8AI score0.0039EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

WordPress plugin User Registration & Membership 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.003EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

OpenCTI 授权问题漏洞

OpenCTI is an open-source network threat intelligence platform developed by OpenCTI. Versions 6.6.0 to 6.9.12 of OpenCTI have vulnerabilities related to authorization. Attackers can exploit these vulnerabilities to access the API as any existing user, including the default administrator account...

9.8CVSS5.8AI score0.0048EPSS
Exploits1References2
Total number of security vulnerabilities195539