Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

bookcars 安全漏洞

Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains a security vulnerability. This vulnerability stems from the lack of encryption signature verification in the validateAccessToken function, which may allow attackers to bypass authentication...

9.8CVSS5.3AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS5.9AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from a stack overflow issue with the wlradio parameter in the formWifiRadioSet function. It could allow attackers to cause...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.4AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

OpenSSL 异常处理不当漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.9AI score0.00419EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

OpenSSL 加密问题漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.4CVSS5.8AI score0.00196EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incomplete handling of rlimits by the AppArmor module regarding POSIX CPU timers. This could...

7.3CVSS5.3AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

3.7CVSS5.4AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

OpenSSL 缓冲区错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.7AI score0.00513EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from the abilit...

8.2CVSS5.3AI score0.00347EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper neutralization of XSS syntax, resulting in AI-generated content being rendered...

6.1CVSS5.3AI score0.00406EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

FreeSWITCH 安全漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and messaging-related products and applications. Prior to FreeSWITCH version 1.11.1, there were security...

7.5CVSS5.4AI score0.00414EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

VMware Spring Framework 输入验证错误漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, a US-based company. This framework helps developers build high-quality applications. Versions of VMware Spring Framework from 5.3.0 to 5.3.48 contain a vulnerability related to input validation errors...

7.5CVSS5.4AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe InDesign Desktop 代码问题漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have code vulnerabilities. These vulnerabilities stem from null pointer dereferencing issues, which can lead to applicatio...

5.5CVSS5.5AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

NETGEAR多款产品 安全漏洞

NETGEAR RBR850 is a product of the NETGEAR company. The NETGEAR RBR850 is a router. The NETGEAR RBS850 is also a router. The NETGEAR RBS750 is another router. Several NETGEAR products have security vulnerabilities. These vulnerabilities stem from insufficient buffer input validation, which may...

6.8CVSS5.6AI score0.00323EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

VMware Spring Retry 安全漏洞

VMware Spring Retry is an application fault tolerance and retry framework developed by the American company VMware. Versions 2.0.0 to 2.0.12 and 1.3.0 to 1.3.4 of VMware Spring Retry contain security vulnerabilities. These vulnerabilities arise from triggering failures due to a large number of...

5.9CVSS5.4AI score0.0028EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Versions of mem0 prior to 0.2.8 contain security vulnerabilities. These vulnerabilities stem from a lack of authorization verification, which may cause authenticated users with an API key to redirect all LLM...

8.6CVSS5.3AI score0.0029EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

WordPress plugin Custom Block Builder 跨站脚本漏洞

WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed on a website. The WordPress Plugin Custom Block Builder has a cross-site...

3.5CVSS6.1AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

5.4CVSS6.9AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS7.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Windows Program Compatibility Assistant Service 竞争条件问题漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. The Microsoft Windows Program Compatibility Assistant Service has a security vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions...

7.8CVSS5.9AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a code execution vulnerability in Microsoft Office, which is caused by improper...

7.8CVSS7.8AI score0.00455EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin WP Emoticon Rating 跨站请求伪造漏洞

WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the functionality of WordPress. The WP Emoticon Rating plugin has a cross-site reques...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows Universal Plug and Play 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windows 10 Version 1809 for x64-based Systems...

8.1CVSS5.8AI score0.0052EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

microsoft hyper-v 缓冲区错误漏洞

Microsoft Hyper-V is an application developed by the American company Microsoft. It is a system management program that enables desktop virtualization. There is a code execution vulnerability in Microsoft Hyper-V, and attackers can exploit this vulnerability to execute arbitrary code on the syste...

8.4CVSS7.8AI score0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthUserPwd parameter within the formAddWebAuthUser function. It could allow attackers t...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which stems from the upload limit imposed on form definition files. This limit can be bypassed by using mixed uppercase and lowercase file extensions, allowing...

7.6CVSS6AI score0.00253EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Office Excel 缓冲区错误漏洞

Microsoft Office Excel is a spreadsheet software developed by Microsoft in the United States. Microsoft Office Excel has a buffer error vulnerability, which stems from integer underflow. This vulnerability may allow unauthorized attackers to execute code locally...

7.8CVSS5.9AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

SAP MDG Review Match Groups Application 安全漏洞

The SAP MDG Review Match Groups Application is a data duplication detection tool developed by SAP, a German company. This application has security vulnerabilities; these vulnerabilities stem from the lack of necessary authorization checks, which may lead to privilege escalation...

4.3CVSS5.3AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Office Sharepoint Server 反序列化注入漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There are code-related vulnerabilities in Microsoft Office SharePoint. The following products and versions are affected: Microsoft SharePoint Enterprise Server...

5.4CVSS7AI score0.00937EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Microsoft DWM Core Library 资源管理错误漏洞

The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a resource management vulnerability in the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...

7.8CVSS5.4AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a buffer error vulnerability. This...

7.8CVSS8.1AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Fortinet FortiPortal 访问控制错误漏洞

Fortinet FortiPortal is a network security management portal product that primarily provides features such as network visualization, configuration management, and security policy monitoring. Fortinet FortiPortal has a access control vulnerability. This vulnerability stems from an inability to...

6.5CVSS6.6AI score0.00201EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

NETGEAR RAXE450和NETGEAR RAXE500 输入验证错误漏洞

NETGEAR RAXE450 and NETGEAR RAXE500 are wireless routers produced by the American company NETGEAR. Both devices have a vulnerability related to input validation. This vulnerability stems from the possibility of authenticated administrators who are connected to the local network being able to modi...

6.8CVSS5.3AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Veeam Backup And Replication 代码问题漏洞

Veeam Backup and Replication is a backup and replication software developed by the American company Veeam. Veeam Backup and Replication has a code vulnerability that stems from allowing authenticated domain users to execute code remotely...

9.4CVSS8.8AI score0.02042EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Office Sharepoint Server 跨站脚本漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers exploit this vulnerability to carry out cross-site scripting attacks. The followi...

5.4CVSS6.9AI score0.0051EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Remote Desktop Client 资源管理错误漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected:...

7.5CVSS5.9AI score0.0055EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.22 views

Microsoft Windows Ancillary Function Driver for WinSock 资源管理错误漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a accessibility driver for Winsock by Microsoft Corporation. The Microsoft Windows Ancillary Function Driver for WinSock has a resource management vulnerability that stems from reusing resources after they have been released. This...

7CVSS5.3AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

NETGEAR Orbi 缓冲区错误漏洞

NETGEAR Orbi is a distributed WiFi system developed by NETGEAR, a company in the United States. Versions of NETGEAR Orbi 370 prior to V12.1.2.7 contained a buffer error vulnerability. This vulnerability allowed attackers to intercept and manipulate traffic between the router and the internet. The...

7.5CVSS5.7AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Hermes Web UI 安全漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.303 contained security vulnerabilities, which were caused by a TOCTOU race condition in the gitdiscard function. This vulnerability could allow attackers to delete file...

5CVSS5.3AI score0.00081EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

VMware Spring Framework 输入验证错误漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware Corporation. This framework helps developers build high-quality applications. Versions of VMware Spring Framework from 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 contain a...

6.1CVSS5.3AI score0.00134EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Visual Studio Code 代码注入漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a code injection vulnerability. Attackers can exploit this vulnerability to gain higher privileges...

7.8CVSS5.5AI score0.00368EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

389 Directory Server 389-ds-base 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from the ldaputf8prev function reading bytes from the buffer without boundary checks. This leads ...

6.3CVSS6AI score0.00177EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Microsoft Office Sharepoint Server 授权问题漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There are authorization-related vulnerabilities in Microsoft Office SharePoint. Attackers can exploit these vulnerabilities to execute code remotely. The followi...

8CVSS7.1AI score0.00669EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows Push Notifications 竞争条件问题漏洞

Microsoft Windows Push Notifications is a push notification service provided by the American company Microsoft. It provides a reliable way to deliver new updates. There are vulnerabilities related to competition conditions in Microsoft Windows Push Notifications. Attackers can exploit these...

7.8CVSS5.3AI score0.00185EPSS
Exploits0References1
Total number of security vulnerabilities195539