Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

WordPress plugin WP24 Domain Check 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.4AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

WordPress plugin WP-Paginate 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.1AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Web Apps are released...

8.3CVSS5.3AI score0.00231EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

OpenBullet2 安全漏洞

OpenBullet2 is a cross-platform automated testing and data scraping tool developed by the OpenBullet team. Versions of OpenBullet2 prior to 0.3.2 have security vulnerabilities on Windows. These vulnerabilities stem from credential exposure, and it is possible for remote attackers to exploit them ...

7.1CVSS5.5AI score0.00314EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

VMware Cloud Foundation Operations 安全漏洞

VMware Cloud Foundation Operations is a private cloud operations management platform provided by the American company VMware. There is a security vulnerability in VMware Cloud Foundation Operations. This vulnerability stems from multiple storage-based cross-site scripting vulnerabilities, which...

8CVSS5.1AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There is a buffer overflow vulnerability present in Apache HTTP Server, but detailed informatio...

9.8CVSS6.2AI score0.00486EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

SourceCodester Inventory System 安全漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System contains a security vulnerability. This vulnerability stems from the operation of the ROLE parameter in the Account Creation Handler component...

6.5CVSS6.4AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from insufficient validation of untrusted input...

5.4CVSS5.3AI score0.00178EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

OpenMetadata 安全漏洞

OpenMetadata is an open-source platform for discovery, observability, and governance, supported by a central metadata storage repository, deep lineage, and seamless team collaboration. Prior to OpenMetadata 1.12.4, there were security vulnerabilities. These vulnerabilities stemmed from a workflow...

8.3CVSS5.3AI score0.00241EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from incorrect data being passed during the update of the ftrace mask in the drm/imagination driver...

5.5CVSS5.3AI score0.00107EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of Gamepads after they are released...

9.6CVSS5.3AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the recursive flushing of the work queue in the nvmetctrlfree function within the nvmet module...

7.5CVSS5.3AI score0.00389EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from out-of-bound access to output registers in the mpfs-ccc clock driver. This vulnerability could le...

7.1CVSS5.3AI score0.00126EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Weaviate 授权问题漏洞

Weaviate is an open-source vector database developed by Weaviate. Versions of Weaviate 1.37.7 and earlier had an authorization vulnerability. This vulnerability stemmed from incorrect handling of the parameter “StaticApiKey” in the function “validateConfig” within the Static API Key Handler...

5CVSS5.5AI score0.00281EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Fides 跨站脚本漏洞

Fides is an open-source privacy engineering platform developed by Ethyca, used to manage the implementation of data privacy requests in the runtime environment and the enforcement of privacy regulations within code. Versions of Fides from 2.33.0 to 2.84.5 contained a cross-site scripting...

7CVSS5AI score0.00297EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Bludit 安全漏洞

Bludit is an open-source, lightweight blog content management system developed by Bludit. Versions of Bludit prior to 3.22.0 contained security vulnerabilities. These vulnerabilities stemmed from a flaw in the user management logic: when accounts were disabled, persistent authentication tokens we...

7.1CVSS5.4AI score0.00271EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Headplane 路径遍历漏洞

Headplane is a web management interface for Headscale, developed by Aarnav Tale. Versions of Headplane prior to 0.6.3 and 0.7.0-beta.3 contained a path traversal vulnerability. This vulnerability stemmed from path traversal and authorization bypass issues in the Headscale API client during node a...

8.1CVSS5.3AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Gun 安全漏洞

Gun is an open-source Erlang HTTP client developed by Nine Nines that supports HTTP/1.1, HTTP/2, and WebSocket. Versions of Gun from 2.0.0 to 2.4.0 contained security vulnerabilities. These vulnerabilities stemmed from unexpected status codes or return values in the gunhttp module, which could...

8.7CVSS5.3AI score0.00381EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in length calculation within the extractkvectosg function, potentially leading to a buff...

9.8CVSS5.8AI score0.00457EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Everbrite BeikeShop 注入漏洞

Everbrite BeikeShop is an e-commerce system developed by China Everbright Corporation. Versions of Everbrite BeikeShop prior to 1.6.0.22 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of parameters with the value “settings.value” in the unknown function...

6.5CVSS6.5AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

MySQL MCP Server 注入漏洞

The MySQL MCP Server is a security connection tool developed by Dana K. Williams. It allows interaction between AI and MySQL databases. Versions of the MySQL MCP Server prior to 0.2.2 have a vulnerability due to improper handling of the parameter uristr in the readresource function of the...

6.5CVSS6.6AI score0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Devolutions Server 加密问题漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server such as 2026.2.4.0, 2026.1.20.0, and earlier versions have security vulnerabilities. These...

6.5CVSS5.8AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

389 Directory Server 资源管理错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a resource management vulnerability in 389 Directory Server, which stems from the Content Synchronization persistent search plugin allowing unlimited memory...

6.5CVSS5.3AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of views after they are released...

7.5CVSS5.3AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the amdgpu driver’s improper handling of initializing a zero-sized GDS range during RDNA4...

5.5CVSS5.3AI score0.00123EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.17 views

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

7.5CVSS7.5AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a buffer overflow vulnerability, which stems from out-of-bounds memory access in the V8 engine...

8.8CVSS6.3AI score0.01654EPSS
Exploits4References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

student_management_system 注入漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is an injection vulnerability in studentmanagementsystem. This vulnerability stems from improper handling of parameters ausr/apwd by an unknown function in the Administrator Login Endpoint...

7.5CVSS7.5AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

WordPress plugin Background Image Cropper 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Version...

9.8CVSS6.8AI score0.00838EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

NLnet Labs Routinator 安全漏洞

NLnet Labs Routinator is an open-source RPKI routing origin validation service developed by NLnet Labs. There is a security vulnerability in NLnet Labs Routinator: the system exits when an error occurs during HTTP or RTR connections. Attackers can exploit this condition by opening a large number ...

8.7CVSS5.3AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

WordPress plugin Travelscape 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS6AI score0.00674EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Bludit 授权问题漏洞

Bludit is an open-source, lightweight blog content management system developed by Bludit. Versions of Bludit prior to 3.22.0 had an authorization issue vulnerability. This vulnerability stemmed from the fact that active sessions remained valid even after user accounts were deleted, potentially...

8.8CVSS5.3AI score0.00294EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which stems from improper handling of the parameter "Password...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

QloApps 跨站脚本漏洞

QloApps is an open-source hotel management and reservation system developed by QloApps. Versions of QloApps 1.7.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the administrator’s file manager. It...

4.8CVSS5.3AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.8 views

Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a security vulnerability, which stemmed from issues with batch assignment during the creation and updating of DatasetRows. This vulnerability could le...

8.8CVSS5.3AI score0.00342EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

grepai 加密问题漏洞

grepai is a semantic search-based code understanding tool developed by Yoan Bernabeu. Version 0.35.0 of grepai has an encryption vulnerability. This vulnerability stems from improper handling of the parameter contenthash in the PostgresStore.LookupByContentHash function within the file...

2.5CVSS4.6AI score0.00082EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

SourceCodester Hospitals Patient Records Management System 注入漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System has a vulnerability related to SQL injection, which arises from incorre...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

7.5CVSS7.5AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Tenda多款产品 缓冲区错误漏洞

Tenda HG10, etc., are products of the Chinese company Tenda. The Tenda HG10 is a fiber-optic router. The Tenda HG9 is a WiFi router. The Tenda HG7 is a dual-band Wi-Fi fiber network terminal device. Several Tenda products have a buffer error vulnerability. This vulnerability stems from improper...

9CVSS8.6AI score0.00477EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of the scpsysgetbusprotectionlegacy function in the pmdomain mediatek library after it is...

7.8CVSS5.3AI score0.00115EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

student_management_system 注入漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is an injection vulnerability in studentmanagementsystem. This vulnerability stems from an unknown function in the Login component, located in the/index.ph file, which improperly handles...

7.5CVSS7.5AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from issues with the Passwords component...

4.3CVSS5.2AI score0.00177EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Tenda CX12L 缓冲区错误漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a buffer error vulnerability. This vulnerability stems from the setSchedWifi function in the Wi-Fi Schedule Configuration Endpoint component...

9CVSS8.5AI score0.00466EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.27 views

Apache HTTP Server 安全漏洞

The Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server features speed, reliability, and the ability to be expanded through simple APIs. There is a vulnerability in Apache HTTP Server where excessive memory allocation exists;...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There is a bug in Apache HTTP Server involving infinite loops; however, detailed information...

7.3CVSS5.8AI score0.00562EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.0 to 2.4.67. These...

7.3CVSS5.4AI score0.00598EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.13 views

One API 安全漏洞

One API is an LLM API management and distribution system developed by JustSong’s developers. Versions of One API prior to 0.6.11-preview.7 contained a security vulnerability. This vulnerability stemmed from a function issue in the Redemption Code Top-Up Endpoint component’s model/redemption.go...

3.1CVSS4.8AI score0.0022EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.14 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system developed by JeeWMS Corporation in China. There is a security vulnerability in JeeWMS. This vulnerability stems from incorrect operations with parameters such as dbType/dbDriver/dbUrl/dbUsername/dbPassword in the JimuReport test-connection Endpoi...

7.5CVSS7.3AI score0.00329EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.12 views

GL.iNet GL-MT3000 命令注入漏洞

GL.iNet GL-MT3000 is a portable travel router from the company GL.iNet, which supports Wi-Fi 6 and VPN functions. Version 4.4.5 of GL.iNet GL-MT3000 has a command injection vulnerability. This vulnerability stems from an incorrect operation with the parameter “mediadir” in the function snprintf o...

7.5CVSS7.2AI score0.02027EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.12 views

GL.iNet GL-MT3000 命令注入漏洞

GL.iNet GL-MT3000 is a portable travel router from the company GL.iNet, which supports Wi-Fi 6 and VPN functions. Version 4.4.5 of GL.iNet GL-MT3000 has a command injection vulnerability. This vulnerability stems from an incorrect operation of the parameter devname in the function dlopen within t...

7.5CVSS7.3AI score0.01572EPSS
Exploits1References6
Total number of security vulnerabilities195539