Lucene search
+L

195539 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation by the Popup Blocker, which could allow a remote attacker with access to th...

4.2CVSS5.8AI score0.0017EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Eclipse OpenJ9 缓冲区错误漏洞

Eclipse OpenJ9 is a Java application engine developed by the Eclipse Foundation. This product is primarily used for running Java applications. Versions of Eclipse OpenJ9 from 0.21 to 0.58 contain a buffer error vulnerability. This vulnerability allows pre-authenticated remote attackers to cause t...

8.7CVSS6AI score0.00517EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Apache HTTP Server versions 2.4.66 and earlier contain security vulnerabilities. These...

9.8CVSS6AI score0.01376EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Redis 资源管理错误漏洞

Redis is an open-source database developed by Redis Inc. in the United States. It is written in ANSI C, supports networking, and can be implemented as either in-memory or persistent storage systems. It also provides APIs in multiple languages. Versions of Redis from 7.2.0 to 8.6.3 have a resource...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

X.Org X Server 安全漏洞

The X.Org X Server is an X Window system display server developed by the X.Org Foundation. The X.Org X Server has a security vulnerability, which stems from an out-of-bound read operation during the handling of XKB modifier mappings. This vulnerability may lead to the disclosure of sensitive...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.30 to 2.4.66. These...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.19 views

Redis 安全漏洞

Redis is an open-source database developed by Redis Technologies in the United States. It is written in ANSI C, supports networking, and can be implemented as either in-memory or persistent storage systems. It also provides APIs in multiple languages. Versions of Redis 8.6.3 and earlier contained...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Redis 资源管理错误漏洞

Redis is an open-source database developed by Redis Inc. in the United States. It is written in ANSI C, supports networking, and can be implemented as either in-memory or persistent storage systems. It also provides APIs in multiple languages. There is a resource management vulnerability in Redis...

8.1CVSS6.1AI score0.01782EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.8 views

X.Org X Server 缓冲区错误漏洞

The X.Org X Server is an X Window system display server developed by the X.Org Foundation. The X.Org X Server has a buffer error vulnerability, which stems from out-of-bounds read accesses in the XKB geometry processing involving the CheckSetGeom and XkbAddGeomKeyAlias functions. This vulnerabili...

9.1CVSS6AI score0.00489EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Eclipse Equinox OSGi 访问控制错误漏洞

Eclipse Equinox OSGi is a modular runtime framework developed by the Eclipse Foundation. Versions 3.8 to 3.18 of Eclipse Equinox OSGi contain access control vulnerability issues. This vulnerability stems from a remote code execution flaw in the console interface, allowing unauthenticated attacker...

9.8CVSS6.7AI score0.00455EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.4.9 to 2026.4.10 contained a security vulnerability. This vulnerability stemmed from a denial-of-service attack in the real-time WebSocket path for voice calls. It was possible for a...

8.2CVSS5.8AI score0.00417EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Samsung多款产品 安全漏洞

SAMSUNG Mobile Processors are products of South Korea’s Samsung Corporation. SAMSUNG Mobile Processors are a series of mobile processors. SAMSUNG Modem 5400 is a 5G modem chip. SAMSUNG Modem Exynos is a series of modem chips. Several Samsung products have security vulnerabilities, which stem from...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.26 views

EFM ipTIME C200 注入漏洞

EFM ipTIME C200 is a network camera device produced by the South Korean company EFM. The EFM ipTIME C200 models starting from version 1.092 and earlier have a vulnerability that stems from the sub408F90 function’s ApplyRestore endpoint, which processes the RestoreFile parameter. This vulnerabilit...

8.6CVSS7.1AI score0.02336EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.22 views

Code-MCP 路径遍历漏洞

Code-MCP is an AI-integrated tool for terminal and file operations developed by Steven Yu. Versions of Code-MCP 4cfc4643541a110c906d93635b391bf7e357f4a8 and earlier have a path traversal vulnerability. This vulnerability stems from a problem with the MCP File Handler component in the issafepath...

7.5CVSS7.1AI score0.00418EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.15 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to race conditions in Chromoting. This vulnerability could allow local attackers to escalate their privileges through malicious files...

7.5CVSS5.8AI score0.00131EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the platformgetirqbyname function returning an int value. This value is passed directly to the...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

CoreDNS 授权问题漏洞

CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 have a vulnerability related to authorization. This vulnerability stems from improper handling of transport implementations for gRPC, QUIC, DoH, and DoH3, as well as TSIG authentication. As a result,...

9.8CVSS5.8AI score0.0051EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

CoreDNS 安全漏洞

CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 contained a security vulnerability. This vulnerability stemmed from an error in the selection of ACL rules in the transfer plugin, which could allow unauthorized remote clients to execute AXFR/IXFR and...

8.2CVSS5.9AI score0.00388EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

CoreDNS 资源管理错误漏洞

CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 contained a resource management vulnerability. This vulnerability stemmed from the lack of size validation for overly large dns query parameters in the DNS-over-HTTPS GET path, which could allow remote...

8.7CVSS5.8AI score0.00672EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.17 views

CoreDNS 安全漏洞

CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 contained a security vulnerability. This vulnerability stemmed from the tsig plugin’s trust transfer writer, which relied on TsigStatus for verification instead of performing its own validation. This allowed...

8.7CVSS5.8AI score0.00374EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.28 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the issue of excessive out-of-bounds read accesses when the number of dentryhashtable buckets is...

9.1CVSS5.8AI score0.0039EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.20 views

kestra 安全漏洞

Kestra is an open-source workflow automation platform developed by Kestra. Kestra versions 1.3.3 and earlier have security vulnerabilities. These vulnerabilities stem from the use of user-controlled GET parameters that are directly concatenated into SQL queries without proper cleaning or...

9.8CVSS5.9AI score0.00367EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.16 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.4.9 to 2026.4.10 contained a security vulnerability. This vulnerability stemmed from a bypass of the sender policy in the outbound host media attachment reading assistant, which could...

7.7CVSS5.8AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities stemmed from arbitrary file reading in the QQBot media tag, allowing attackers to reference local paths on hosts...

8.9CVSS5.9AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

EFM ipTIME NAS1dual 缓冲区错误漏洞

EFM ipTIME NAS1dual is a network-attached storage device produced by the South Korean company EFM. Version 1.5.24 of EFM ipTIME NAS1dual contains a buffer overflow vulnerability. This vulnerability stems from a problem with the function getcsrfwhites in the file /cgi/advanced/miscmain.cgi, which...

10CVSS7.8AI score0.0063EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.15 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.2.22 to 2026.4.12 contained security vulnerabilities. These vulnerabilities were due to insufficient detection by the shell wrapper, allowing attackers to inject environment variable...

8.8CVSS5.8AI score0.00407EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

phoenix 安全漏洞

Phoenix is a web development framework developed under the Phoenix framework open source project. Versions of Phoenix from 1.7.0 to 1.7.22, as well as 1.8.6, have security vulnerabilities. These vulnerabilities stem from the unlimited resource allocation during the processing of NDJSON data...

8.7CVSS5.8AI score0.00469EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.14 contained security vulnerabilities. These vulnerabilities were due to improper access control in browser snapshots, screenshot generation, and tag routing. As a result,...

7.7CVSS5.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.28 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by the exposure of Media channel information. This vulnerability could allow remote attackers to exploit the vulnerability through specially crafted...

3.1CVSS5.8AI score0.00145EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. The version of OpenClaw from 2026.4.5 to 2026.4.10 contains security vulnerabilities. These vulnerabilities stem from permission escalation, allowing write-range operators to modify persistent memory settings. This...

7.1CVSS5.8AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities were due to a bypass of server-side request forgery tactics in the existing session browser interaction routing...

7.7CVSS5.8AI score0.00253EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in SSL, which could allow remote attackers with access to the render...

4.2CVSS5.8AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

WordPress plugin Subscribe To Comments Reloaded 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.15 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after their release in the mobile version. It could allow remote attackers to exploit this...

7.5CVSS5.9AI score0.00308EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by out-of-bounds read operations in fonts. This vulnerability could allow remote attackers to execute out-of-bounds memory reads...

4.3CVSS6.2AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contained security vulnerabilities. These vulnerabilities were caused by a stack buffer overflow in the RunSbieCtrl processor of the SbieIniServer module, which could lead...

7.8CVSS6.1AI score0.00172EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.14 views

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the ProcessServer processing program’s use of wcscpy to copy the boxname field, without verifying an empt...

7.8CVSS5.9AI score0.00174EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.16 views

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of wcscat to copy the server field in NamedPipeServer::OpenHandler, without verifying the...

8.8CVSS6AI score0.00174EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.13 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in WebAudio, which could allow remote attackers to execute...

8.8CVSS6.2AI score0.00338EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the idxd driver failing to release the associated work queue when releasing objects...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

WordPress plugin Betheme 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.8AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

Google Android 安全漏洞

Android is an open source mobile operating system developed by Google, widely used in smartphones, tablets, smart TVs, cars and various IoT devices, providing core capabilities such as application operation, device management, network communication, debugging and security control, etc. Android...

8.8CVSS6.2AI score0.00541EPSS
Exploits12References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

DIE-engine 安全漏洞

DIE-engine is a file type detection and reverse analysis tool developed by Hors’ individual developer. Versions of DIE-engine prior to 3.21 contained security vulnerabilities. These vulnerabilities were caused by path traversal attacks, allowing attackers to write arbitrary files into the file...

7.8CVSS6.3AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.13 views

n8n 代码注入漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained a code injection vulnerability. This vulnerability stems from workflows that include Python Code Nodes, allowing authenticated users to escape the sandbox and...

8.8CVSS6.2AI score0.00377EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

D-Link DIR-456U 信任管理问题漏洞

The D-Link DIR-456U is a wireless router produced by D-Link Corporation. The D-Link DIR-456U Hardware Revision A1 has a vulnerability related to trust management. This vulnerability stems from a hard-coded telnet backdoor, which may allow unauthenticated attackers on the local network to obtain a...

9.8CVSS5.8AI score0.00461EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.13 views

TOTOLINK N300RH 缓冲区错误漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version TOTOLINK N300RH 3.2.4-B20220812 contains a buffer overflow vulnerability. This vulnerability stems from the function setWanConfig in the component POST Request Handler, specifically the...

9CVSS7.6AI score0.00563EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.12 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from issues with the authentication-subscription endpoint in the...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.14 views

mutt 安全漏洞

Mutt is an open-source command-line email client for sending emails from the terminal. Versions of Mutt prior to 2.3.2 contained a security vulnerability, which stemmed from an infinite loop in dataobjecttostream in crypt-gpgme.c...

3.7CVSS5.8AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.25 views

Assimp 资源管理错误漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Version 6.0.2 of Assimp contains a resource management vulnerability. This vulnerability originates from the ParseVectorDataArray method in FBXParser.cpp, and it could allow a...

5.9CVSS5.8AI score0.00523EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.12 views

Apache OpenNLP 安全漏洞

Apache OpenNLP is a natural language processing toolkit developed by the Apache Foundation. There is a security vulnerability in Apache OpenNLP, which stems from AbstractModelReader not verifying whether the counts in array assignments are non-negative or within a reasonable range. This could lea...

7.5CVSS5.8AI score0.00627EPSS
Exploits0References1
Total number of security vulnerabilities195539