Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes features for analyzing threats to network security and malware analysis. MISP has a security vulnerability, which...

6.1CVSS5.4AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the possibility for malicious attackers to bypass the 802.1x authentication requirements when...

8.2CVSS5.4AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the account verification endpoint/v1/User/validate, which returns a full set of user profile data tables. It is possible to...

8.7CVSS5.3AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Dell BSAFE 安全漏洞

Dell BSAFE is a security software product developed by the American company Dell. It supports encryption algorithms, certificate chain verification, and Transport Layer Security TLS encryption suites, helping users achieve various security objectives for their applications. Dell BSAFE has a...

7.5CVSS5.5AI score0.00327EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Cloud Foundry BOSH 安全漏洞

Cloud Foundry BOSH is a cloud infrastructure automation platform developed by the American Cloud Foundry company. All versions of Cloud Foundry BOSH, as well as previous versions, have security vulnerabilities. These vulnerabilities stem from the hardcoded SSL verification disabled in...

8.8CVSS5.4AI score0.00074EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Net::CIDR::Set 安全漏洞

Net::CIDR::Set is a Perl network address management library developed by RRWO’s individual developers. Versions of Net::CIDR::Set prior to 0.20 contained security vulnerabilities. These vulnerabilities stemmed from the acceptance of non-ASCII IP addresses and network masks. Unicode digits like...

6.5CVSS5.3AI score0.00196EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

chartbrew 跨站脚本漏洞

Chartbrew is an open-source data visualization and dashboard-building tool developed by Chartbrew. Versions 4.9.0 to 5.0.0 of Chartbrew contain a cross-site scripting vulnerability. This vulnerability arises from the ChartDatasetConfig.legend field not being cleaned properly in HTML/JavaScript...

7.6CVSS4.9AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Seagull BarTender 代码问题漏洞

Seagull BarTender is an enterprise-level labeling, barcode, and RFID design and printing software developed by Seagull Corporation in the United States. Versions of Seagull BarTender 2010, 2016, and 2019 contained code vulnerabilities. These vulnerabilities stemmed from unvalidated and improperly...

9.8CVSS5.8AI score0.00729EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Supermicro AS-2115HS-TNR BMC 安全漏洞

Supermicro AS-2115HS-TNR BMC is a server out-of-band management control system developed by Supermicro Corporation. There is a security vulnerability in Supermicro AS-2115HS-TNR BMC, which stems from the injection of custom characters in the SMTP service configuration. This vulnerability may allo...

7.2CVSS5.8AI score0.0037EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Iris 安全漏洞

Iris is an open-source fast, simple, yet fully functional and highly efficient Go web framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities. These vulnerabilities stemmed from the ability to create alerts for unassigned customers, which could be...

5.4CVSS5.2AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Microsoft Azure Horizondb 授权问题漏洞

Microsoft Azure HorizonDB is a cloud-native PostgreSQL database service provided by Microsoft Corporation. There is a security vulnerability in Microsoft Azure HorizonDB, which stems from bypassing authentication through deception. This could allow unauthorized attackers to escalate their...

10CVSS5.8AI score0.00973EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

LMCache 安全漏洞

LMCache is an open-source large-scale caching tool developed by LMCache. Versions of LMCache 0.4.6 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the hexhashtoint16 function in the KV Cache Handler component’s lmcache/integration/vllm/utils.py file, which used ...

3.6CVSS5AI score0.00075EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

FastDeploy 安全漏洞

FastDeploy is an open-source tool developed by PaddlePaddle for deploying large language model and visual model inferences. Versions of FastDeploy 2.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the weak hashing used in the hashfeatures function of the...

3.6CVSS5AI score0.00075EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

GigToDo 跨站脚本漏洞

GigToDo is a freelance service trading platform system developed by GigToDo Inc. Version 1.3 of GigToDo has a cross-site scripting vulnerability. This vulnerability stems from injecting malicious JavaScript and HTML code through the proposal description field, potentially allowing authenticated...

5.4CVSS5.2AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analyzing threats to network security and malware analysis. MISP has a security vulnerability,...

7.9CVSS5.3AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analysis of threats to network security and malware analysis. MISP has a security vulnerability,...

5.3CVSS5.4AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

WordPress plugin Soliloquy Lite 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS5.2AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability arises from the operation of the start6rdtunnel function in the /sbin/rc file...

8.6CVSS7.2AI score0.02199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

itsourcecode Fees Management System SQL注入漏洞

itsourcecode Fees Management System is an open-source charging management system developed by itsourcecode. Version 1.0 of the itsourcecode Fees Management System has a SQL injection vulnerability. This vulnerability arises from unknown functions in the /manageuser.php file, which improperly hand...

6.5CVSS6.7AI score0.002EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Froxlor 安全漏洞

Froxlor is a set of lightweight server management software developed by the Froxlor team. Versions of Froxlor prior to 2.3.7 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the DomainZones.add API endpoint did not clean newline characters from TXT records,...

7.6CVSS5.5AI score0.0027EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

Microsoft 365 Copilot 命令注入漏洞

Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper neutralization of special elements in commands. This vulnerability could allow unauthorized attackers...

7.5CVSS5.8AI score0.0764EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

OpenStack oslo.messaging 安全漏洞

OpenStack oslo.messaging is an open-source messaging library for OpenStack. There are security vulnerabilities in the version of OpenStack oslo.messaging from 1.0.0 to 17.3.0. These vulnerabilities stem from the fact that the RabbitMQ driver does not perform TLS hostname verification. Any...

7.4CVSS5.3AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Progress Software多款产品 命令注入漏洞

Progress Software MOVEit is a product of the American company Progress Software. Progress Software MOVEit is a secure file transfer software. Progress Software LoadMaster is a series of application delivery controllers and load balancing products. Progress Software ECS Connections Manager is a...

9.6CVSS8.1AI score0.29641EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

WordPress plugin eMember 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.5AI score0.00192EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Net::CIDR::Set 安全漏洞

Net::CIDR::Set is a Perl network address management library developed by RRWO’s individual developers. Versions of Net::CIDR::Set prior to 0.20 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated network masks; the mask portion of these masks might contain Unicode...

7.3CVSS5.3AI score0.00312EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Hermes Web UI 后置链接漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to v0.51.221 contained a backlink vulnerability. This vulnerability was caused by a path traversal issue, which could allow attackers to escape the working area’s boundaries by...

7.1CVSS5.2AI score0.00323EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Iris 安全漏洞

Iris is an open-source fast, simple, yet fully functional and highly efficient Go web framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which were caused by improper file upload validation. These vulnerabilities could lead to the hosting of...

6.3CVSS5AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

ALLPlayer 安全漏洞

ALLPlayer is a multimedia player developed by ALLPlayer Corporation. Version 7.4 of ALLPlayer contains a security vulnerability, which stems from a local buffer overflow in URL processing. This vulnerability could allow attackers to overwrite structured exception handling by providing overly long...

8.6CVSS5.7AI score0.00148EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Kurt Yazılım WriteUp Mobile App 安全漏洞

Kurt Yazılım WriteUp Mobile App is a story creation and reading community platform developed by the Turkish company Kurt Yazılım. There are security vulnerabilities in the Kurt Yazılım WriteUp Mobile App version 1.3.0 up to version 04062026. These vulnerabilities stem from improper access control...

8.8CVSS5.3AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.14 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the lack of mandatory implementation of topic-level access control lists by the local MQTT Broker. As a result, any client that...

9.8CVSS5.3AI score0.0032EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

WordPress plugin Popup Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.3AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Zephyr 安全漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from integer underflow in the btmeshsolrecv function. This leads to out-of-bounds writes when reportedlen is less than 3. Negative values bypass length...

6.3CVSS5.9AI score0.00218EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

netty-incubator-codec-ohttp 缓冲区错误漏洞

netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.22.Final of netty-incubator-codec-ohttp contain a buffer error vulnerability. This vulnerability arises due to the use of a backtrack path when performing encryption operations via JNI on specifi...

9.1CVSS5.8AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Arket Globe Document Intelligence 安全漏洞

Arket Globe Document Intelligence is an enterprise document intelligence management platform developed by the Italian company Arket. Version 5.0.0.559 of Arket Globe Document Intelligence contains a security vulnerability. This vulnerability arises from improper handling of user input in text...

6.3CVSS4.9AI score0.00216EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the disabling of standard TLS certificate verification in the high-risk TrustAllCerts routine. Combined with the hardcoded DES...

9.4CVSS5.3AI score0.00141EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions for analyzing threats to network security and malware analysis. MISP has a security vulnerability, which...

9CVSS5.3AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

ThemeRig Listing Hub CMS SQL注入漏洞

ThemeRig Listing Hub CMS is a classification catalog and information publishing management system developed by ThemeRig Corporation. Version 1.0 of ThemeRig Listing Hub CMS contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the id parameter,...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

WordPress plugin Google Review Slider SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Cloud Foundry BOSH Director 安全漏洞

Cloud Foundry BOSH Director is a cloud infrastructure deployment and lifecycle management platform developed by the US Cloud Foundry company. All versions of Cloud Foundry BOSH Director, as well as previous versions, have security vulnerabilities. These vulnerabilities stem from the use of the na...

8.7CVSS5.5AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Cloud Foundry BOSH 安全漏洞

Cloud Foundry BOSH is a cloud infrastructure automation platform developed by the US-based Cloud Foundry company. All versions of Cloud Foundry BOSH, as well as previous versions, have security vulnerabilities. These vulnerabilities stem from man-in-the-middle attacks between nats-sync and BOSH...

7.8CVSS5.4AI score0.00098EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by the Indian company HCL. HCL iControl has a security vulnerability, which stems from the lack of Cookie attributes, including Secure and SameSite, and the path is set to the root directory...

4.3CVSS5.3AI score0.00098EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Neterbit NW-431F Router 安全漏洞

The Neterbit NW-431F Router is a 4G LTE wireless router produced by the Neterbit company. The Neterbit NW-431F Router versions 20241014-IR03 and earlier has a security vulnerability. This vulnerability stems from the network diagnostic module not properly cleaning up user input, which may lead to...

9.8CVSS5.4AI score0.01026EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

LabF nfsAxe 安全漏洞

LabF nfsAxe is a Windows platform NFS client and NFS server suite developed by LabF Corporation. LabF nfsAxe has a security vulnerability, which stems from a buffer overflow. This vulnerability could allow local attackers to execute arbitrary code by providing malicious payloads in the Host IP...

8.6CVSS6.5AI score0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the system’s Binder boundary accepting unverified direct access AT commands, which may allow local applications to read baseban...

8.5CVSS5.3AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities stemmed from the exposure of the /image/ route, allowing attackers to control the entries and trigger...

9.9CVSS5.4AI score0.00262EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue in the cache deletion endpoint, which could allow authenticated API...

7.1CVSS5.4AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities; these vulnerabilities stemmed from the newsletter custom template directory feature, which could lead to remote code execution...

9.3CVSS5.9AI score0.00434EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

milvus 安全漏洞

Milvus is a high-performance cloud-native vector database open-sourced by The Milvus Project. Versions of Milvus 2.6.13 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of weak hashing in unknown code within the Grantee ID Hash Handler component’s...

7CVSS5AI score0.00089EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Apache Fory 安全漏洞

Apache Fory is a serialization framework developed by the Apache Foundation in the United States. Versions of Apache Fory prior to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the deserialization of untrusted data in the Java replace-resolve path, which could allow...

9.1CVSS5.6AI score0.0052EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Keystone 安全漏洞

Keystone is a powerful CMS developed by OpenStack. It helps you build and expand faster than any other CMS or application framework. Keystone versions prior to 20260319 have security vulnerabilities. These vulnerabilities stem from unknown code in the...

5.3CVSS5.2AI score0.0031EPSS
Exploits0References8
Total number of security vulnerabilities195539