Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/05 12:0 a.m.16 views

HCL Digital Experience和HCL Digital Experience Compose 安全漏洞

HCL Digital Experience and HCL Digital Experience Compose are both products of the Indian company HCL. HCL Digital Experience is a digital experience platform and content delivery solution. HCL Digital Experience Compose is an enterprise-level content creation and digital experience management...

6.1CVSS5.5AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Ericsson Packet Core Gateway 安全漏洞

Ericsson Packet Core Gateway is a data packet gateway platform for mobile communication core networks developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Gateway prior to version 1.30 contained security vulnerabilities. These vulnerabilities stemmed from improper handling ...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

HAX 操作系统命令注入漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX prior to 26.0.0 had a vulnerability related to operating system command injection. This vulnerability stemmed from improper cleanup of input values when constructing shell command strings in the Git.php...

7.7CVSS6.7AI score0.00768EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Lyrion Music Server 路径遍历漏洞

Lyrion Music Server is an audio server software developed by the Lyrion organization. Version 9.2.0 of Lyrion Music Server contains a path traversal vulnerability. This vulnerability allows for the reading of arbitrary files through path traversal techniques...

8.7CVSS8.5AI score0.0064EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

Amazon Web Services Advanced Go Wrapper 安全漏洞

Amazon Web Services Advanced Go Wrapper is an open-source extension to existing Go language drivers provided by Amazon Web Services. There is a security vulnerability in Amazon Web Services Advanced Go Wrapper, which stems from an insecure search path in the GlobalDatabasePlugin. This vulnerabili...

8.6CVSS5.3AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

SAMSUNG Android USB Driver 安全漏洞

The SAMSUNG Android USB Driver is a driver program developed by South Korean company Samsung. Versions of the SAMSUNG Android USB Driver for Windows prior to 1.9.5.0 contain security vulnerabilities. These vulnerabilities stem from improper input validation, which may allow local attackers to...

5.9CVSS5.3AI score0.00101EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. Version...

7CVSS5.3AI score0.0988EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

7-Zip 输入验证错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Version 9.18 to 26.00 of 7-Zip contained a vulnerability related to input validation errors. This vulnerability stemmed from the BSD SYMDEF parser in the Unix ar archive resolver, where a heap out-of-bound read was possible,...

6.5CVSS5.3AI score0.00267EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

Markdown Preview Enhanced 代码注入漏洞

Markdown Preview Enhanced is a highly powerful markup extension developed by Yiyi Wang. Versions of Markdown Preview Enhanced prior to 0.8.28 contained a code injection vulnerability. This vulnerability stemmed from the use of interpretJS to parse Bitfield and execute code, potentially allowing...

8.8CVSS5.9AI score0.00327EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

WordPress plugin WP Captcha PRO 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS6.2AI score0.00449EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack software. It is used to configure bare machines rather than virtual machines. There were security vulnerabilities in versions 32 to 37.0.0 of OpenStack Ironic. These vulnerabilities stemmed from unverified malicious users being able to submit specially...

7.5CVSS5.3AI score0.00433EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Async Http Client 信息泄露漏洞

Async Http Client is an open-source Java-based asynchronous HTTP and WebSocket client library developed by AsyncHttpClient. Versions prior to 2.15.0 and 3.0.10 of AsyncHttpClient have a vulnerability related to information leakage. This vulnerability arises from the fact that the propagateHeaders...

7.4CVSS5.3AI score0.00322EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.14 views

Altium 365和Altium Enterprise Server 安全漏洞

Altium 365 and Altium Enterprise Server are both products of the American company Altium. Altium 365 is a product design and development platform. Altium Enterprise Server is a localized data management server. Both Altium 365 and Altium Enterprise Server have security vulnerabilities. These...

10CVSS6.1AI score0.01145EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.14 views

Code-Projects Hotel and Tourism Reservation System SQL注入漏洞

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a SQL injection vulnerability. This vulnerability arises from improper handling of the ro...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Jun-2026 Release 1 version have security vulnerabilities. These vulnerabilities stem from improper handling of insufficient...

5.5CVSS5.4AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX prior to 26.0.0 contained security vulnerabilities. These vulnerabilities stemmed from the saveFile endpoint’s validation mechanism, which does not distinguish between uppercase and lowercase file extensions...

8.7CVSS5.4AI score0.00223EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

CollegeManagementSystem 授权问题漏洞

CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. There are authorization issues in CollegeManagementSystem; these vulnerabilities stem from improper handling of the UserAuthData parameter in the...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management - Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. There are...

5.8CVSS5AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Lyrion Music Server 跨站脚本漏洞

Lyrion Music Server is an audio server software developed by the Lyrion organization. Version 9.2.0 of Lyrion Music Server contains a cross-site scripting vulnerability. This vulnerability stems from a reflective cross-site scripting vulnerability present in advanced search parameters, which may...

6.1CVSS5AI score0.00158EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Jun-2026 Release 1 version have security vulnerabilities. These vulnerabilities stem from improper access control, which may allo...

7.8CVSS5.4AI score0.00094EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

HAX 代码问题漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX prior to 26.0.0 had code vulnerabilities. These vulnerabilities stemmed from an authentication-based server-side request forgeing vulnerability, which could allow authenticated users to access arbitrary...

7.1CVSS5.6AI score0.00238EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

WordPress plugin Product Slider Pro for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

10CVSS5.4AI score0.01656EPSS
Exploits3References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

HAXCMS 安全漏洞

HAXCMS is an open-source content management system developed by HAX The Web. Versions of HAX CMS prior to Node.js 26.0.0 contained security vulnerabilities. These vulnerabilities stemmed from two encryption implementation errors in the hmacBase64 function. This could allow unauthenticated attacke...

9.3CVSS5.5AI score0.00295EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.18 views

Znuny 安全漏洞

Znuny is a ticket system of the Znuny company. Versions of Znuny prior to 7.3.3 contained security vulnerabilities; these vulnerabilities stemmed from user preference settings stored in the system, which could lead to cross-site scripting attacks...

5.4CVSS5AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Cloudburst Network 输入验证错误漏洞

Cloudburst Network is a network component used in the Cloudburst project. Versions of Cloudburst Network prior to 1.0.0.CR3-20260418.124334-32 contained a vulnerability related to input validation errors. This vulnerability stemmed from issues with the network components, and it could allow...

7.5CVSS5.4AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.14 views

SourceCodester Ship Ferry Ticket Reservation System 代码注入漏洞

The SourceCodester Ship Ferry Ticket Reservation System is an open-source booking system for ship tickets developed by SourceCodester. Version 1.0 of the SourceCodester Ship Ferry Ticket Reservation System has a code injection vulnerability. This vulnerability stems from improper handling of the...

4.8CVSS4.3AI score0.0021EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

ONNX-MLIR 安全漏洞

ONNX-MLIR is an open-source compiler tool developed by Open Neural Network Exchange that converts ONNX graphs into efficient code. Versions of ONNX-MLIR prior to 0.5.0.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of a weak hash function in the generatehashkey...

3.6CVSS4.9AI score0.00078EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

Altium Enterprise Server 安全漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in Altium Enterprise Server, which stems from improper validation of user-controlled path components. As a result, authenticated users can writ...

9.4CVSS5.4AI score0.00548EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Ericsson Packet Core Gateway 安全漏洞

Ericsson Packet Core Gateway is a data packet gateway platform for mobile communication core networks developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Gateway prior to version 1.30 contained security vulnerabilities. These vulnerabilities stemmed from improper handling ...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

WPDeveloper Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns 服务端请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.2CVSS6.1AI score0.00213EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

D-Link DWR-M920 命令注入漏洞

The D-Link DWR-M920 is a router produced by D-Link Corporation. Versions 1.1.50 and 1.1.70 of the D-Link DWR-M920 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the actionvalue parameter in the sub41C8E8 function found in the /boafrm/formSmsManage...

8.8CVSS6.5AI score0.04236EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Teltonika RUTOS 安全漏洞

Teltonika RUTOS is a unified operating system based on OpenWrt by the Teltonika company. Vulnerabilities exist in versions 7.22 to 7.23.2 of Teltonika RUTOS, as well as in versions 1.09 to 1.09.1 of TSWOS. These vulnerabilities stem from unsafe calls to the eval function in rpc-profile, which may...

8.4CVSS5.5AI score0.00541EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Jun-2026 Release 1 version have security vulnerabilities. These vulnerabilities stem from improper authorization, and could allow...

7.8CVSS5.6AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which occurs when, under certain conditions, physical interface fluctuations and proxy restarts may cause the IPsec...

8.2CVSS5.2AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

RIELLO UPS NetMan 信任管理问题漏洞

Riello UPS NetMan is a network adapter developed by the Italian company Riello UPS. The Riello UPS NetMan 204 has a vulnerability related to trust management. This vulnerability stems from a hardcoded backdoor account with a username and password of “eurek”. Unauthenticated remote attackers can...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.7 views

Arista CloudVision eXchange 安全漏洞

Arista CloudVision eXchange is a control plane exchange platform developed by Arista Technologies in the United States, aimed at data centers and enterprise networks. There is a security vulnerability in Arista CloudVision eXchange. This vulnerability stems from EOS switches’ lack of flexibility...

7.1CVSS5.3AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from improper validation of the sessionId parameter by the file manager’s functionality. The identifier controlle...

9CVSS5.4AI score0.00387EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

Linqi 安全漏洞

Linqi is an English speaking practice platform developed by the German company Linqi. It combines human language interaction with AI-based feedback. Linqi has a security vulnerability, which stems from hard-coded encryption keys and weak algorithms for generating initialization vectors. This allo...

8.5CVSS5.3AI score0.00073EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

HAXCMS 安全特征问题漏洞

HAXCMS is an open-source content management system developed by HAX The Web. Versions of HAXCMS prior to 26.0.1 had security-related vulnerabilities, which stemmed from the use of uniqid to generate salt values, making them unsuitable for secure purposes...

7.5CVSS5.3AI score0.00288EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Cloudburst Network 安全漏洞

Cloudburst Network is a network component used in the Cloudburst project. Versions of Cloudburst Network prior to 1.0.0.CR3-20260417.085727-30 contained security vulnerabilities. These vulnerabilities were due to issues with the network components, and attackers could exploit them to halt the net...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Jun-2026 Release 1 version have security vulnerabilities. These vulnerabilities stem from improper permission allocation, which m...

6.9CVSS5.4AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

DataDog::DogStatsd 安全漏洞

DataDog::DogStatsD is a Perl monitoring client library developed by DataDog Corporation that supports the DogStatsD protocol. Versions of DataDog::DogStatsD prior to 0.07 contained security vulnerabilities; these vulnerabilities stemmed from improper handling of inputs, allowing for the injection...

9.8CVSS5.4AI score0.00447EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

TinyIce 访问控制错误漏洞

TinyIce is a streaming server developed by Sylwester that supports multiple protocol inputs and outputs. Versions 0.8.95 to 2.4.1 of TinyIce contain access control vulnerability issues. This vulnerability stems from the lack of authentication for WebRTC ingestion endpoints, which may allow...

8.2CVSS5.3AI score0.00357EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification by 16 file manager endpoints to ensure that the requesting user had an SSH session...

8.1CVSS5.5AI score0.00282EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

WordPress plugin Hippoo Mobile App for WooCommerce 授权问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

9.8CVSS5.5AI score0.02841EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Sanic-CORS 安全漏洞

Sanic-CORS is a cross-domain resource sharing extension developed by Ashley Sommer. Versions of Sanic-CORS 2.2.0 and earlier contain security vulnerabilities. These vulnerabilities stem from improper use of regular expressions in the trymatch function; no anchor is added at the end, allowing...

6.5CVSS5.3AI score0.00164EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

HAXCMS 跨站脚本漏洞

HAXCMS is an open-source content management system developed by HAX The Web. Versions of HAXCMS prior to 26.0.0 had a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of iframe elements, which could allow attackers to execute arbitrary JavaScript in the victim...

9.3CVSS5.5AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. There were security vulnerabilities in HAX CMS PHP versions prior to 26.0.0. These vulnerabilities stemmed from a combination of stored XSS attacks and the exposure of dynamic tokens at the /system/api/connectionSettings...

8.7CVSS5.3AI score0.00275EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Thai Palliative 安全漏洞

Thai Palliative is a modified version of the PHP framework developed by DAMASAC KKU. Versions of Thai Palliative 3.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the fact that the parameters idFormMain, id, and ptidkey were passed as raw user input in the...

6.1CVSS5.8AI score0.00199EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.14 views

HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX from 2.0.0 to 26.0.0 had security vulnerabilities. These vulnerabilities stemmed from the gitlist plugin exposing unauthenticated users, allowing unauthenticated users to browse git repositories and git...

6.9CVSS5.4AI score0.0027EPSS
Exploits0References2
Total number of security vulnerabilities195539