Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

HAX CMS PHP 代码问题漏洞

HAXCMS is an open-source content management system developed by HAX The Web. There were code vulnerabilities in HAX CMS versions from 11.0.6 to 25.0.0. These vulnerabilities stemmed from the file upload feature, which used regular expressions to validate file extensions but did not check the actu...

8.7CVSS5.8AI score0.00387EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

CollegeManagementSystem SQL注入漏洞

CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. CollegeManagementSystem has a SQL injection vulnerability. This vulnerability arises from improper handling of the departmentcode parameter in the...

7.5CVSS7.5AI score0.00284EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Morse Micro HaLowLink 安全漏洞

Morse Micro HaLowLink is a series of long-range wireless gateway devices developed by Morse Micro Corporation. Versions of Morse Micro HaLowLink prior to 2.2.11.13 contained security vulnerabilities. These vulnerabilities stemmed from the use of the IE length field as the size parameter for the...

9.8CVSS6.2AI score0.00567EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

Ericsson Packet Core Gateway 安全漏洞

Ericsson Packet Core Gateway is a data packet gateway platform for mobile communication core networks developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Gateway prior to version 1.30 contained security vulnerabilities. These vulnerabilities stemmed from improper handling ...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

CollegeManagementSystem 代码注入漏洞

CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. CollegeManagementSystem has a code injection vulnerability. This vulnerability stems from improper handling of the departmentname parameter in the...

5.3CVSS4.7AI score0.00273EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Arcadia Crafty Controller 安全漏洞

Arcadia Crafty Controller is a server management panel developed under the open-source Crafty Controller project. There is a security vulnerability in Arcadia Crafty Controller. This vulnerability stems from a lack of resilience to unexpected messages from connection switches, which may lead to...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.15 views

joomlacontenteditor.net Joomla Content Editor (JCE) extension for Joomla 权限许可和访问控制问题漏洞

JCE Joomla Component is an editor component used within the Joomla content management system. The JCE Joomla Component has a security vulnerability related to access control. This vulnerability stems from allowing unauthenticated users to create new editor profiles, ultimately leading to the uplo...

10CVSS7.7AI score0.80425EPSS
Exploits19References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. There were security vulnerabilities in HAX CMS PHP versions prior to 26.0.0. These vulnerabilities stemmed from an authentication-based local file inclusion vulnerability in the saveOutline endpoint, which could allow...

6.5CVSS5.6AI score0.00289EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Ericsson Packet Core Controller 安全漏洞

Ericsson Packet Core Controller is a packet core controller developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Controller prior to version 1.39 contained security vulnerabilities; these vulnerabilities could lead to service degradation due to the sending of large numbers ...

7.1CVSS5.5AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

SAMSUNG Auto Android 安全漏洞

Samsung Auto Android is a mobile screen mirroring and intelligent driving assistant platform developed by South Korea’s Samsung Corporation for use in vehicle scenarios. There were security vulnerabilities in versions prior to 3.1.2.61 of Samsung Auto Android 15, as well as versions prior to...

4.8CVSS5.4AI score0.00084EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

RIELLO UPS NetMan 访问控制错误漏洞

RIELLO UPS NetMan is a network adapter developed by the Italian company RIELLO UPS. The RIELLO UPS NetMan 204 has a vulnerability related to access control. This vulnerability arises from the lack of authentication for management pages and command endpoints. Unauthenticated remote attackers can...

9.8CVSS5.7AI score0.00533EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. There are...

7CVSS5.5AI score0.05951EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Altium Enterprise Server 安全漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in the Altium Enterprise Server Network Installation Service. This vulnerability stems from path traversal, allowing unauthenticated network...

10CVSS5.5AI score0.00709EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

7-Zip 缓冲区错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions of 7-Zip 26.00 and earlier contained a buffer error vulnerability. This vulnerability stemmed from insufficient allocation of the NTFS compression stream buffer, which could allow attackers to execute arbitrary code or caus...

8.8CVSS6.2AI score0.00938EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.5 views

X.Org Server 资源管理错误漏洞

X.Org is open-source free software developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland, which defines the way communication between display servers and clients takes place. There is a resource management vulnerability in X.Org X Server and...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication methods between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

X.Org XWayland 缓冲区错误漏洞

The X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both the X.Org X Server and Xwayland have security...

7.8CVSS6.1AI score0.00157EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 缓冲区错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both X.Org X Server and Xwayland have buffer error...

5.5CVSS6AI score0.00132EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 缓冲区错误漏洞

X.Org is open-source free software developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines how communication between display servers and clients occurs. There are buffer overflow vulnerabilities in the X.Org X server and Xwayland,...

7.8CVSS6.1AI score0.00148EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.0014EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.7 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

X.Org Server 缓冲区错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both X.Org X Server and Xwayland have security...

7.8CVSS6.2AI score0.00165EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

X.Org Server 缓冲区错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication method between the display server and its clients. Both X.Org X Server and Xwayland have security...

7.8CVSS6.1AI score0.00161EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

DBI 安全漏洞

DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained security vulnerabilities; these vulnerabilities stemmed from heap overflows that occurred when pre-resolving SQL statements involving more than nine binders...

9.8CVSS5.6AI score0.00413EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Moby 代码问题漏洞

Moby is an open-source project developed by Moby. It aims to promote the containerization of software and help the ecosystem make container technology mainstream. Versions of Moby prior to v2.0.0-beta.14 contained code-related vulnerabilities. These vulnerabilities stemmed from incorrect order of...

7.5CVSS6.1AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

Graphite-Web 数字错误漏洞

Graphite-Web is a highly scalable real-time plotting system developed by the Graphite Project. Versions of Graphite-Web prior to 1.3.15 contained a numerical error vulnerability. This vulnerability stemmed from integer underflow and out-of-bounds writes, as slotat did not ensure that the offset w...

7.3CVSS5.3AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Internationalized Domain Names in Applications 安全漏洞

Internationalized Domain Names in Applications is a tool for encoding and decoding internationalized domain names, developed by Kim Davies as a personal project. Versions of Internationalized Domain Names in Applications prior to version 3.15 contained a security vulnerability. This vulnerability...

6.9CVSS6.2AI score0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

7-Zip 缓冲区错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions 9.11 to 26.00 of 7-Zip contain a buffer error vulnerability. This vulnerability stems from the File Identifier Descriptor parser in the UDF disc image processor, where a heap out-of-bounds read occurs, potentially leading t...

4.3CVSS5.6AI score0.00189EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

FOSSBilling 安全漏洞

FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained security vulnerabilities. These vulnerabilities stemmed from the password reset confirmation endpoint being...

6.3CVSS5.3AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Morse Micro HaLowLink 安全漏洞

Morse Micro HaLowLink is a series of long-range wireless gateway devices developed by Morse Micro Corporation. Versions of Morse Micro HaLowLink prior to 2.2.11.12 contained security vulnerabilities. These vulnerabilities stemmed from the Morse.vk HaLow Wi-Fi kernel driver, where the...

6.8CVSS5.3AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

OpenStack Mistral-Dashboard 安全漏洞

OpenStack Mistral-Dashboard is an open-source graphical interface plugin for OpenStack. OpenStack Mistral-Dashboard versions 22.0.0 and earlier have security vulnerabilities. These vulnerabilities stem from exposed API endpoints that allow code execution, potentially leading to exposure of servic...

9.9CVSS5.4AI score0.00733EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Zuz Music 跨站脚本漏洞

Zuz Music is an online music streaming platform system developed by Zuz Corporation. Version 2.1 of Zuz Music contains a cross-site scripting vulnerability. This vulnerability stems from the injection of malicious JavaScript through submitting specially crafted form data, potentially allowing...

6.1CVSS5.2AI score0.00211EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS. This vulnerability arises when configuring IPsec, where specially crafted packets may cause the data plane to stop...

8.7CVSS5.3AI score0.00386EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

libpng 安全漏洞

libpng is an open-source PNG reference library developed by The PNG Development Group. It allows for the creation, reading, and writing of PNG graphic files. Version 1.8.0 of LIBPNG contains a security vulnerability. This vulnerability stems from the inter-frame block discard path in the...

5.4CVSS5.3AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

stumasy 代码问题漏洞

Stumasy is a student performance management and analysis system developed by Marejean Chernyak. Stumasy has code vulnerabilities; these vulnerabilities arise from an unknown function in the application/PHP/objects/updates/addpost.php file, which allows unlimited uploads due to improper handling o...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.14 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from the FieldX MDM adb messaging topic directly passing unvalidated payloads to Runtime.exec, potentially leading to command injection...

10CVSS5.4AI score0.00387EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the AES-128-CBC key that is fixed in the AcerConnect OTA application. It may allow attackers to forge authorization credentials...

6.9CVSS5.4AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Microsoft Copilot Chat (Microsoft Edge) 输入验证错误漏洞

Microsoft Copilot Chat is an intelligent dialogue assistant feature integrated into the browser by Microsoft Corporation. Microsoft Copilot Chat has a injection vulnerability, which stems from improper neutralization of special elements in the output of downstream components. This vulnerability...

7.5CVSS5.7AI score0.00732EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Neterbit NW-431F Router 安全漏洞

The Neterbit NW-431F Router is a 4G LTE wireless router produced by the Neterbit company. The Neterbit NW-431F Router versions 20241014-IR03 and earlier has a security vulnerability. This vulnerability stems from the use of weak/predictable Cookie values for authentication. Attackers can bypass t...

9.8CVSS5.4AI score0.00454EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analysis of threats to network security and malware analysis. MISP has a security vulnerability...

6.1CVSS5.5AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

WordPress plugin MasterStudy LMS Pro Plus SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. The T3 Technology CPE models, including versions v1.0.07, T6825G v1.0.03, and T7281 v1.0.03, contain security vulnerabilities. These vulnerabilities stem from the hardcoded...

9.8CVSS8.4AI score0.00421EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

GX Group Earth 2022 ONT 安全漏洞

GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. There is a security vulnerability present in the GX Group Earth 2022 ONT. This vulnerability stems from the presence of a hard-coded RSA private key in the device’s firmware. This could...

8.7CVSS5.4AI score0.00344EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from the system log files outputting unencrypted SMTP server authentication passwords and sensitive employee corporate identity data...

8.8CVSS5.3AI score0.00238EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analyzing threats to network security and malware analysis. MISP has a security vulnerability tha...

8.1CVSS5.3AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

stumasy 代码问题漏洞

Stumasy is a student performance management and analysis system developed by Marejean Chernyak. Stumasy has code vulnerabilities; these vulnerabilities arise from the operation of an unknown function in the application/PHP/objects/profiles/changeprofileimage.php file, which leads to unlimited...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by the Indian company HCL. HCL iControl has a security vulnerability, which stems from weak input validation. This issue arises due to incorrect validation of input types during the implementation of architectural...

4.3CVSS5.3AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from failing to properly evaluate the command permissions of multiple internal opcodes. This vulnerability may allow unauthorized applications to...

9.4CVSS5.3AI score0.00426EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

GPTCache 安全漏洞

GPTCache is a library open-sourced by Zilliz for creating semantic caching for large model queries. Versions of GPTCache 0.1.44 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of a weak hash function in the BufferedReader.peek function of the Cache Key Handle...

3.6CVSS4.9AI score0.00075EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

BACnet Stack 安全漏洞

BACnet Stack is an open-source protocol stack for BACnet, suitable for embedded systems, Linux, MacOS, BSD, and Windows. Version 1.3.1 of BACnet Stack contains a security vulnerability; this vulnerability stems from an out-of-bound read operation in bacnettagnumberdecode, which may lead to...

7.5CVSS5.3AI score0.00278EPSS
Exploits0References2
Total number of security vulnerabilities195539