Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

Clash Verge Rev 安全漏洞

Clash Verge Rev is an open-source proxy tool developed by Clash Verge Rev. Versions prior to Clash Verge Rev 2.3.0 contained security vulnerabilities; these vulnerabilities stemmed from the existence of globally accessible IPC endpoints, which could lead to local privilege escalation...

8.4CVSS5.3AI score0.00164EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.13 views

Mage AI 代码注入漏洞

Mage AI is an intelligent program developed by Mage OpenSource, used for building, running, and managing data pipelines. Versions of Mage AI 0.9.79 and earlier contained a code injection vulnerability. This vulnerability stemmed from the use of the query.redirecturl parameter in the useMutation...

5.3CVSS4.6AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.11 views

WordPress plugin Debug Log Manager – Conveniently Monitor and Inspect Errors 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

WordPress plugin Booking Package 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

7.2CVSS5.5AI score0.00345EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

WordPress plugin Quiz and Survey Master SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.11 views

TP-Link Tapo C520WS 安全漏洞

The TP-Link Tapo C520WS is a WiFi camera produced by TP-Link Corporation. The TP-Link Tapo C520WS v2 version has a security vulnerability. This vulnerability stems from a format string vulnerability in ONVIF AddScopes. User-controlled input is passed to the formatting function without proper...

6.8CVSS5.3AI score0.00163EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

OneDev 授权问题漏洞

OneDev is a JAVA-based multi-functional DevOps platform developed by Theonedev team. This platform supports container building, orchestration, CI, Git management, and team collaboration, helping developers create a simple yet powerful development platform. OneDev versions 15.0.5 and earlier have...

6.5CVSS6.5AI score0.00214EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin Drag and Drop Multiple File Upload for Contact Form 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.4CVSS5.4AI score0.00214EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

GL.iNet MT3000 命令注入漏洞

The GL.iNet MT3000 is a portable router from the company GL.iNet, which uses the Wi-Fi 6 protocol. Versions of GL.iNet MT3000 prior to 4.4.5 have a command injection vulnerability. This vulnerability stems from the OpenVPN client’s import workflow, where the ovpnclient.sh file contains a command...

6.5CVSS6.5AI score0.0123EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.9 views

OneDev 授权问题漏洞

OneDev is a JAVA-based multi-functional DevOps platform developed by Theonedev team. This platform supports container building, orchestration, CI, Git management, and team collaboration, helping developers create a simple yet powerful development platform. OneDev versions 15.0.5 and earlier have...

6.5CVSS6.5AI score0.00214EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

WordPress plugin Quick Playground 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.4CVSS5.7AI score0.00315EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

WordPress plugin RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.6AI score0.0029EPSS
Exploits0References23
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

WordPress plugin Event Monster – Event Management, Events Calendar, Tickets 数据伪造问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.3AI score0.00165EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin Ad Inserter – Ad Manager & AdSense Ads 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.4AI score0.00225EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.4CVSS5.4AI score0.00201EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.9 views

FluentCMS 代码注入漏洞

FluentCMS is an open-source content management system developed by FluentCMS. Version 0.0.5 of FluentCMS has a code injection vulnerability, which stems from unknown functions in the Blocks Plugin component file located at admin/blocks. This vulnerability may lead to cross-site scripting attacks...

4.8CVSS4.3AI score0.00275EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.8AI score0.00325EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin Frontend User Notes 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.3CVSS5.3AI score0.00132EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.13 views

WordPress plugin Essential Addons for Elementor – Popular Elementor Templates & Widgets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.4AI score0.0515EPSS
Exploits1References15
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.13 views

JD Cloud Box AX6600 安全漏洞

JD Cloud Box AX6600 is a wireless router produced by JD.com, a Chinese company. The JD Cloud Box AX6600 version 4.5.3.r4546 contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the setmacfilter function located in the file /sbin/jdcwebrpc. An attacker can...

9CVSS8.2AI score0.00481EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the POST /users/totp/disable and POST /users/totp/backup-codes endpoints only accepted the...

8.1CVSS5.5AI score0.00324EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which arises due to the lack of verification of the tunnel protocol type during tunnel decapsulation configurations...

6.9CVSS5.7AI score0.00836EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. Versions of Samsung Mobile Devices prior to SMR Jun-2026 Release 1 contained security vulnerabilities. These vulnerabilities were due to improper access control,...

5.5CVSS5.3AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Internationalized Domain Names in Applications 安全漏洞

Internationalized Domain Names in Applications is a tool for encoding and decoding internationalized domain names, developed by Kim Davies as a personal project. Versions of Internationalized Domain Names in Applications prior to version 3.15 contained a security vulnerability. This vulnerability...

6.9CVSS6.2AI score0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 缓冲区错误漏洞

X.Org is open-source free software developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines how communication between display servers and clients occurs. There are buffer overflow vulnerabilities in the X.Org X server and Xwayland,...

7.8CVSS6.1AI score0.00148EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.5 views

X.Org Server 资源管理错误漏洞

X.Org is open-source free software developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland, which defines the way communication between display servers and clients takes place. There is a resource management vulnerability in X.Org X Server and...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 缓冲区错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both X.Org X Server and Xwayland have buffer error...

5.5CVSS6AI score0.00132EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.0014EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.7 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 缓冲区错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both X.Org X Server and Xwayland have security...

7.8CVSS6.2AI score0.00165EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

X.Org Server 缓冲区错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both X.Org X Server and Xwayland have security...

7.8CVSS6.1AI score0.00161EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication methods between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

X.Org XWayland 缓冲区错误漏洞

The X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both the X.Org X Server and Xwayland have security...

7.8CVSS6.1AI score0.00157EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

TP-Link Tapo C520WS 安全漏洞

The TP-Link Tapo C520WS is a WiFi camera produced by the TP-Link company. The TP-Link Tapo C520WS v2 has a security vulnerability, which stems from the improper handling of invalid syntax inputs by the RTSP server component, potentially leading to a denial-of-service attack...

7.1CVSS5.3AI score0.00206EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

Lyrion Music Server 安全漏洞

Lyrion Music Server is an audio server software developed by the Lyrion organization. Version 9.2.0 of Lyrion Music Server contains a security vulnerability. This vulnerability stems from an arbitrary directory list vulnerability in the readdirectory function, which could lead to enumerating...

6.9CVSS5.5AI score0.00294EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

SAMSUNG Plus TV 安全漏洞

SAMSUNG Plus TV is a free advertising-supported streaming television platform developed by South Korea’s Samsung Corporation. Versions of SAMSUNG Plus TV prior to 1.0.28.6 contained security vulnerabilities, which were caused by improper input validation. These vulnerabilities could allow remote...

7.5CVSS5.4AI score0.00298EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Open XDMoD 跨站脚本漏洞

Open XDMoD is an open-source tool developed by the Center for Computational Research for managing high-performance computing resources. Versions of Open XDMoD prior to 11.0.3 contained a cross-site scripting vulnerability. This vulnerability allowed authenticated attackers to inject malicious...

8.6CVSS5AI score0.00147EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

decompress 安全漏洞

Decompress is a file decompression tool personally developed by Kevin Mårtensson. Decompress has a security vulnerability; this vulnerability arises when decompressing a ZIP archive that contains two entries with the same path. Due to issues with the order of micro-task processing, arbitrary file...

7.5CVSS5.5AI score0.00521EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Altium Enterprise Server 安全漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in Altium Enterprise Server. This vulnerability stems from the Vault service using hard-coded key-signed download URLs, allowing unauthenticate...

10CVSS5.5AI score0.00478EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

7-Zip 缓冲区错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions of 7-Zip 26.00 and earlier contained a buffer error vulnerability. This vulnerability stemmed from insufficient allocation of the NTFS compression stream buffer, which could allow attackers to execute arbitrary code or caus...

8.8CVSS6.2AI score0.00938EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Altium 365和Altium Enterprise Server 安全漏洞

Altium 365 and Altium Enterprise Server are both products of the American company Altium. Altium 365 is a product design and development platform. Altium Enterprise Server is a localized data management server. Both Altium 365 and Altium Enterprise Server have security vulnerabilities. These...

8.3CVSS5.6AI score0.00517EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Jun-2026 Release 1 version have security vulnerabilities. These vulnerabilities stem from improper export of Android application...

6.4CVSS5.4AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Claude-Mem 安全漏洞

Claude-Mem is an AI development assistant developed by Alex Newman. Versions of Claude-Mem prior to 11.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of a weak hash function in the computeObservationContentHash function of the Observation Content Hash Handler...

3.6CVSS4.9AI score0.00075EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Jun-2026 Release 1 version have a security vulnerability. This vulnerability stems from improper export of Android application...

4.8CVSS5.4AI score0.00084EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. Versions of Samsung Mobile Devices prior to SMR Jun-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of...

7.8CVSS5.3AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

open-apis 代码问题漏洞

open-apis is a microservice API within the HAX The Web open-source HAX network component repository. Versions of open-apis from 9.0.1 to 26.0.0 had code-related vulnerabilities. These vulnerabilities stemmed from multiple functions performing substring matching hostname only, which could allow...

8.7CVSS5.3AI score0.00457EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

DataDog::DogStatsd 安全漏洞

DataDog::DogStatsd is a Perl monitoring client library developed by DataDog Corporation that supports the DogStatsD protocol. Versions of DataDog::DogStatsd prior to 0.07 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of inputs, the sendstats method not...

9.1CVSS5.3AI score0.00331EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

Altium 365和Altium Enterprise Server 安全漏洞

Altium 365 and Altium Enterprise Server are both products of the American company Altium. Altium 365 is a product design and development platform. Altium Enterprise Server is a localized data management server. Both Altium 365 and Altium Enterprise Server have security vulnerabilities. These...

8.3CVSS5.4AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Znuny 安全漏洞

Znuny is a ticket system of the Znuny company. Versions of Znuny prior to 7.3.3 contained security vulnerabilities, which were caused by reflection-type cross-site scripting attacks in the AdminCommunicationLog...

6.4CVSS5AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

The Linux Foundation OpenDayLight 安全漏洞

The Linux Foundation OpenDayLight is an open-source network controller platform developed by The Linux Foundation in the United States. The Linux Foundation OpenDayLight v12.0.5 contains a security vulnerability, which stems from a issue with the Externalizable.readExternal component. This...

7.5CVSS5.3AI score0.00278EPSS
Exploits0References3
Total number of security vulnerabilities195539