Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after the Dawn process is terminated...

8.8CVSS5.3AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Headplane 路径遍历漏洞

Headplane is a web management interface for Headscale, developed by Aarnav Tale. Versions of Headplane prior to 0.6.3 and 0.7.0-beta.3 contained a path traversal vulnerability. This vulnerability stemmed from path traversal and authorization bypass issues in the Headscale API client during node a...

8.1CVSS5.3AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

jshERP(华夏ERP) 代码问题漏洞

jshERP Huaxia ERP is a domestic ERP system developed by Jishan Hua. Versions of jshERP 3.6 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the parameter platformValue in the platformConfig Add endpoint, specifically in the insertPlatformConfig...

5.8CVSS5AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a vulnerability related to network conditions, known as a “network condition vulnerability.”...

8.3CVSS5.3AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...

8.8CVSS5.3AI score0.0027EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Bluetooth is released...

8.8CVSS5.3AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Bagisto 路径遍历漏洞

Bagisto is an open-source e-commerce framework developed by Webkul Software in India. Bagisto has a path traversal vulnerability. This vulnerability stems from improper validation of user inputs in the ImageCacheController component. It allows unauthenticated remote attackers to send specially...

8.7CVSS5.4AI score0.00455EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

CodeAstro Leave Management System 注入漏洞

The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the parameter “Name” in the file/admin/searchstafftoassignpc.php,...

6.5CVSS6.6AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that arises from its uninitialized state...

4.3CVSS5.3AI score0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...

6.8CVSS5.3AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

YesWiki 代码注入漏洞

YesWiki is a wiki system built using PHP, developed by the French organization YesWiki. It is used for creating and managing websites in a collaborative manner. Versions of YesWiki prior to 4.6.6 had a code injection vulnerability; this vulnerability stemmed from an insecure execution flaw in the...

9.8CVSS5.9AI score0.00561EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Bank Management System 安全漏洞

Bank Management System is a banking management system developed by Alien developers. There is a security vulnerability in Bank Management System, which stems from operations in the TransactionEndpoint component file...

6.5CVSS6.3AI score0.00272EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...

7.5CVSS5.3AI score0.00264EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Printing is released...

9.6CVSS5.3AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.7 views

Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a security vulnerability, which stemmed from issues with batch assignment during the creation and updating of DatasetRows. This vulnerability could le...

8.8CVSS5.3AI score0.00342EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Media has been released...

8.8CVSS5.2AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability, which stems from the reuse of WebCodecs after they are released...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

AgentCore CLI 代码注入漏洞

AgentCore CLI is an open-source AI agent development and deployment command-line tool developed by Amazon Web Services. Versions of AgentCore CLI prior to 0.14.2 contained a code injection vulnerability. This vulnerability stemmed from improper use of triple quotes in Python code generation. It...

9CVSS6.3AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

student_management_system 注入漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is an injection vulnerability in studentmanagementsystem. This vulnerability stems from an unknown function in the Login component, located in the/index.ph file, which improperly handles...

7.5CVSS7.5AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual FAQ system developed by Thorsten Rinne. It is entirely database-driven. Versions of phpMyFAQ prior to 4.1.4 contained a security vulnerability. This vulnerability stemmed from the use of the SHA-1 hash algorithm for handling attachments. The SHA-1 algorithm is vulnerabl...

6.9CVSS5.3AI score0.00182EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Vulnerabilities exist in Apache HTTP Server versions 2.4.0 to 2.4.67. These vulnerabilities ste...

7.5CVSS5.6AI score0.0071EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

STACKIT IaaS API 安全漏洞

THE STACKIT IaaS API is a cloud infrastructure management interface provided by the German company STACKIT. There is a security vulnerability in THE STACKIT IaaS API. This vulnerability stems from the lack of authorization checks, which may allow authenticated, low-privilege attackers to elevate...

9.8CVSS5.5AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

HTMLSanitizer 跨站脚本漏洞

HTMLSanitizer is an HTML formatting software open source by JuliaHub. Versions of HTMLSanitizer prior to 2.3.2 had a cross-site scripting vulnerability. This vulnerability occurred when ALLOWINSECURERAWTEXT was enabled, resulting in blank variant closing tags being ignored, which could lead to...

2.1CVSS4.9AI score0.00282EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of MediaCapture data...

4.3CVSS5.3AI score0.00177EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Apache HTTP Server versions 2.4.67 and earlier contain security vulnerabilities, which stem fro...

7.5CVSS5.4AI score0.00805EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Autofill is released...

7.5CVSS5.3AI score0.00222EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Flowise 访问控制错误漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a access control vulnerability. This vulnerability stemmed from a lack of server-side verification and authorization checks at the tool’s update...

7.6CVSS5.3AI score0.00195EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

neovim 注入漏洞

Neovim is a modern, scalable text editor developed by Neovim OpenSource. Versions of Neovim 0.12.2 and earlier contained a vulnerability due to incorrect handling of the path parameter in the M.read function within the viewbranch component. This vulnerability could lead to command injection attac...

5.3CVSS5.6AI score0.00923EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.8 views

Weaviate 授权问题漏洞

Weaviate is an open-source vector database developed by Weaviate. Versions of Weaviate 1.37.7 and earlier had an authorization vulnerability. This vulnerability stemmed from incorrect handling of the parameter “StaticApiKey” in the function “validateConfig” within the Static API Key Handler...

5CVSS5.5AI score0.00281EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Flowise 访问控制错误漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a access control vulnerability, which stemmed from a batch assignment vulnerability in the assistant update endpoints. This vulnerability could...

9.6CVSS5.3AI score0.00274EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...

9.6CVSS5.3AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

CodeAstro Ingredients Stock Management System 注入漏洞

CodeAstro Ingredients Stock Management System is a stock management system for ingredients developed by CodeAstro Inc. Version 1.0 of the CodeAstro Ingredients Stock Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameter IDs in the...

6.5CVSS6.6AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Keycloak 授权问题漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. There is a security vulnerability in Keycloak. This vulnerability stems from improper access control in the POST /admin/realms/realm/partialImport endpoint, which may allow limited administrators to bypass...

5.9AI score0.00329EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained security vulnerabilities. These vulnerabilities stemmed from issues with batch assignment during evaluation and creation processes, which could lead t...

8.8CVSS5.3AI score0.00335EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Tenda F451 命令注入漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the parameter “mac” in the formWriteFacMac function within the Web Management...

9CVSS8AI score0.01614EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Versions of Apache HTTP Server 2.4.67 and earlier contain security vulnerabilities. These...

9.1CVSS5.3AI score0.00538EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

CodeAstro Student Attendance Management System 注入漏洞

CodeAstro Student Attendance Management System is a student attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Student Attendance Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with the parameter classId ...

6.5CVSS6.6AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

GL.iNet多款产品 加密问题漏洞

GL.iNet MT3000 and other products are developed by GL.iNet Corporation. The GL.iNet MT3000 is a portable router that uses the Wi-Fi 6 protocol. The GL.iNet AX1800 is a wireless router. The GL.iNet A1300 is a Wi-Fi 5 travel router. Several of GL.iNet’s products have encryption vulnerabilities, whi...

5CVSS5.5AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK. This vulnerability arises from improper GPU system calls when the software runs as a non-privileged user. This leads to errors in managing...

7.1CVSS5.3AI score0.00116EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.17 views

WordPress plugin Seotheme 访问控制错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

9.8CVSS6.8AI score0.00613EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

VMware Cloud Foundation Operations 安全漏洞

VMware Cloud Foundation Operations is a private cloud operations management platform provided by the American company VMware. There is a security vulnerability in VMware Cloud Foundation Operations. This vulnerability stems from multiple storage-based cross-site scripting vulnerabilities, which...

8CVSS5.1AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.0 to 2.4.67. These...

7.3CVSS5.4AI score0.00598EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

grepai 加密问题漏洞

grepai is a semantic search-based code understanding tool developed by Yoan Bernabeu. Version 0.35.0 of grepai has an encryption vulnerability. This vulnerability stems from improper handling of the parameter contenthash in the PostgresStore.LookupByContentHash function within the file...

2.5CVSS4.6AI score0.00082EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

req 注入漏洞

“req” is a simple Go HTTP client developed by a Roc individual using Black Magic. Versions of “req” from 0.5.3 to 0.6.0 had an injection vulnerability. This vulnerability stemmed from improper neutralization of CRLF sequences, which could lead to multipart parameter smuggling through parts of the...

2.1CVSS5.3AI score0.00178EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...

8.8CVSS5.3AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Tenda CX12L 缓冲区错误漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a buffer error vulnerability. This vulnerability stems from the setSchedWifi function in the Wi-Fi Schedule Configuration Endpoint component...

9CVSS8.5AI score0.00466EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Google Chrome has a vulnerability related to input validation, which stems from Passwords’ insufficient validation for untrusted inputs...

8.1CVSS5.3AI score0.00218EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Mobile Verification Toolkit 路径遍历漏洞

The Mobile Verification Toolkit is an open-source mobile device forensics analysis tool developed by MVT. Versions of the Mobile Verification Toolkit prior to version 2026.5.12 contained a path traversal vulnerability. This vulnerability stemmed from file identifiers that were not cleared during...

5.3CVSS5.3AI score0.00376EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a buffer overflow vulnerability, which stems from out-of-bounds writes...

8.3CVSS5.7AI score0.00238EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Checkmk 跨站脚本漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions of Checkmk prior to 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions contain a cross-site scripting vulnerability. This vulnerability stems from the storage of malicious HTML or JavaScript in the change logs,...

4.8CVSS5.2AI score0.00143EPSS
Exploits0References2
Total number of security vulnerabilities195539