Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the portalAuth parameter of the formPortalAuth function, which could allow attackers to cause denial-of-service attac...

7.5CVSS5.8AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which stems from the upload limit imposed on form definition files. This limit can be bypassed by using mixed uppercase and lowercase file extensions, allowing...

7.6CVSS6AI score0.00253EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from a stack overflow issue with the wlradio parameter in the formWifiRadioSet function. It could allow attackers to cause...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

bookcars 访问控制错误漏洞

Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains an access control vulnerability, which stems from improper permission settings. This vulnerability could allow authenticated attackers to elevate user permissions from the user level to the...

8.1CVSS5.3AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

NETGEAR Routers 缓冲区错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a buffer error vulnerability; this vulnerability arises from unauthorized local network users sending specially crafted requests, which may cause the router to become unavailable. The...

7.1CVSS5.7AI score0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe InCopy 安全漏洞

Adobe InCopy is a text editing software for creative purposes developed by Adobe, Inc. Versions of Adobe InCopy such as 21.3, 20.5.3, and earlier versions have security vulnerabilities. These vulnerabilities stem from heap buffer overflow exploits, which could allow arbitrary code to execute with...

7.8CVSS6.2AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.24 views

Microsoft azure kubernetes service 路径遍历漏洞

Microsoft Azure Kubernetes Service is a service provided by Microsoft Corporation for deploying, managing, and scaling containerized applications. Microsoft Azure Kubernetes Service has a path traversal vulnerability. Attackers can exploit this vulnerability to execute code remotely...

8.8CVSS6AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router produced by D-Link Corporation. The D-Link DIR-823G version 1.0.2B05 has a security vulnerability. This vulnerability stems from incorrect operations in the vsftpd component’s configuration file /etc/vsftpd.conf, which may lead to violations of the princip...

8.8CVSS5AI score0.00511EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

student_management_system 注入漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is an injection vulnerability in studentmanagementsystem. This vulnerability stems from improper handling of parameters ausr/apwd by an unknown function in the Administrator Login Endpoint...

7.5CVSS7.5AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Bluetooth is released...

8.3CVSS5.3AI score0.00222EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Bolt CMS 注入漏洞

Bolt CMS is an open-source content management system based on PHP, developed by Bolt CMS. Versions of Bolt CMS 3.7.5 and earlier have a vulnerability related to injection attacks. This vulnerability stems from the handling of the 'style' parameter in the Component HTML Attribute Handler file,...

5.1CVSS5AI score0.00191EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a buffer overflow vulnerability, which stems from out-of-bounds memory access in the V8 engine...

8.8CVSS6.3AI score0.01654EPSS
Exploits4References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication and permission checks at the OpenAI Assistants Vector Store...

8.8CVSS5.3AI score0.00327EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Checkmk 跨站脚本漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions prior to Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions contain a cross-site scripting vulnerability. This vulnerability stems from the service discovery active check’s output, which contains a stored...

4.8CVSS5AI score0.00143EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

WordPress plugin Background Image Cropper 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Version...

9.8CVSS6.8AI score0.00838EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Gun 安全漏洞

Gun is an open-source Erlang HTTP client developed by Nine Nines, supporting HTTP/1.1, HTTP/2, and WebSocket. Versions of Gun from 1.0.0 to 2.4.0 contained security vulnerabilities. These vulnerabilities stemmed from uncontrolled resource consumption in the gunhttp module, which could allow...

8.7CVSS5.3AI score0.00381EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Bluetooth is released...

8.8CVSS5.3AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Tenda AC1206 安全漏洞

The Tenda AC1206 is a wireless Gigabit router produced by the Chinese company Tenda. The version Tenda AC1206 v15.03.06.23 contains a security vulnerability. This vulnerability stems from multiple stack overflows in the username and password parameters within the fromGstDhcpSetSer function. It...

7.5CVSS5.4AI score0.00529EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

CodeAstro Student Attendance Management System 注入漏洞

The CodeAstro Student Attendance Management System is a student attendance management system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Student Attendance Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Apache Cordova Plugin InAppBrowser 输入验证错误漏洞

Apache Cordova Plugin InAppBrowser is an embedded browser plugin developed by the Apache Foundation. Versions 3.1.0 to 6.0.0 of Apache Cordova Plugin InAppBrowser contain a vulnerability related to input validation errors. This vulnerability stems from insufficient format validation of the id fie...

9.5CVSS5.4AI score0.00723EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of views after they are released...

8.8CVSS5.3AI score0.00262EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of unreliable inputs by the UI...

9.6CVSS5.3AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of unreliable inputs in the Views component...

8.3CVSS5.3AI score0.00192EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

HTML Sanitizer 跨站脚本漏洞

HTML Sanitizer is an HTML security filtering component open-sourced by the TYPO3 GitHub Department. Versions of HTML Sanitizer prior to 2.3.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from incorrect encoding of namespace attributes during HTML serialization, which...

5.1CVSS5AI score0.00366EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...

9.6CVSS5.3AI score0.00337EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.19 of the Tenda AC15 contains a security vulnerability. This vulnerability stems from incorrect operations with the file /etcro/smb.conf in the Samba component, which may lead to weak password requirements...

5CVSS5.4AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from operations in the file header.php, which may lead to cross-site scripting...

5.1CVSS4.5AI score0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Student-Management-System 访问控制错误漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from improper handling of the parameter “stimg” in the file service/RegisterService.php on the registration endpoin...

7.5CVSS7.2AI score0.00288EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Cowlib 注入漏洞

Cowlib is a web protocol message parsing and building library developed by Nine Nines. Version 2.9.0 of Cowlib contains an injection vulnerability, which stems from improper handling of CRLF sequences. This vulnerability may lead to HTTP response splitting, allowing attackers to inject CRLFs...

6.3CVSS5.3AI score0.00313EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server such as 2026.2.4.0, 2026.1.20.0, and earlier versions have security vulnerabilities. These...

4.3CVSS5.4AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

AdGuardHome 路径遍历漏洞

AdGuardHome is a DNS blocking service developed by the AdguardTeam. It prevents advertisements and trackers from reaching users across the network. AdGuardHome has a path traversal vulnerability, which stems from authentication bypass. This vulnerability allows unauthenticated attackers to obtain...

9.4CVSS5.4AI score0.00542EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

OpenVPN 安全漏洞

OpenVPN is a software package developed by OpenVPN Inc. in the United States, used to create encrypted VPN tunnels. It utilizes the OpenSSL library to encrypt data and control information, and allows the created VPNs to use public keys, electronic certificates, or username/password for...

6.9CVSS5.3AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of Codecs after their release...

8.3CVSS5.3AI score0.00179EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability, which stems from the reuse of objects released by InterestGroups...

8.8CVSS5.2AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

6.5CVSS5.3AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a buffer overflow vulnerability, which stems from out-of-bounds read operations...

7.5CVSS5.7AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a security vulnerability. This vulnerability stemmed from the checkBasicAuth endpoint, which validated credentials in plaintext without rate limits,...

9.1CVSS7.2AI score0.00251EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

req 安全漏洞

“req” is a simple Go HTTP client developed by a Roc individual using Black Magic. Versions of “req” from 0.1.0 to 0.6.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of highly compressed data, which could allow an attacker-controlled HTTP server to exhau...

8.2CVSS5.4AI score0.00438EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter “gotoUrl” in the formPortalAuth function of the Web Management Interface component,...

9CVSS8.6AI score0.00466EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Check Point Quantum Security Gateway和Check Point Spark Firewalls 信任管理问题漏洞

Check Point Quantum Security Gateway and Check Point Spark Firewalls are both products of Check Point, a company based in Israel. Check Point Quantum Security Gateway is a series of enterprise-level security gateway devices. Check Point Spark Firewalls are a series of security firewall devices...

7.4CVSS5.8AI score0.04859EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iowqremovepending function in iowq. This function does not check whether the predecessor has...

7.8CVSS5.2AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from changes in the FPU soft interrupt during EFI graceful fault handling, and it could lead to system...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Apache HTTP Server 跨站脚本漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Versions of Apache HTTP Server 2.4.67 and earlier had a cross-site scripting vulnerability. Thi...

6.1CVSS4.9AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

OfflineIMAP 安全漏洞

OfflineIMAP is an open-source Python utility designed for synchronizing emails with IMAP servers. Versions of OfflineIMAP prior to 8.0.3 contained a security vulnerability. This vulnerability stemmed from the STARTTLS feature, which allowed trust in the server before authentication. This could le...

6.5CVSS5.3AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Hyperledger Fabric Chaincode Java 日志信息泄露漏洞

Hyperledger Fabric Chaincode Java is an open-source Java-based smart contract development framework developed by the Hyperledger project. In versions 2.3.1 to 2.5.10 of Hyperledger Fabric Chaincode Java, there was a vulnerability involving log information leakage. This vulnerability occurred when...

5.5CVSS5.3AI score0.00106EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

SourceCodester Barangay Resident Profiling and Information Management System 信任管理问题漏洞

The SourceCodester Barangay Resident Profiling and Information Management System is an open-source system developed by SourceCodester for managing profiles and information of Barangay residents. Version 1.0 of the SourceCodester Barangay Resident Profiling and Information Management System contai...

6.9CVSS5.6AI score0.00276EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

7.5CVSS7.5AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Red Hat Quay 跨站脚本漏洞

Red Hat Quay is a container image repository platform operated by the American company Red Hat. Red Hat Quay has a cross-site scripting vulnerability. This vulnerability stems from the lack of validation of MIME types at the filedrop endpoint. It may allow authenticated users with write permissio...

5.4CVSS4.9AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

5.4CVSS5.3AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Student-Management-System 注入漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in Student-Management-System, which stems from improper handling of the parameter “nic” in the getStatus function of the controllers/GradeController.php file at the...

6.5CVSS6.6AI score0.00133EPSS
Exploits0References1
Total number of security vulnerabilities195539