Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by HCL Company in India. HCL iControl has a security vulnerability that stems from the absence of security headers, which may lead to cross-site scripting attacks...

5.3CVSS4.9AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions for analyzing threats to network security and malware analysis. MISP has a security vulnerability that...

5.3CVSS5.3AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the fact that the web management panel is widely bound to the public IPv6 address space at port :::8080, with no default firewa...

6.9CVSS5.3AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities stemmed from exposing the logjserrors endpoint to any authenticated user. Attackers were able to directly...

8.9CVSS5.1AI score0.00207EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Iris 安全漏洞

Iris is a fast, simple, yet fully functional and highly efficient Go web framework developed under the DFIR-IRIS open source project. Versions of IRIS prior to 2.4.28 contained security vulnerabilities; these vulnerabilities stemmed from the use of the HTTP GET method to alter server state, makin...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from a lack of runtime integrity checks, which may allow physical proximity attackers to bypass the file system’s read-only protection and...

4.6CVSS5.2AI score0.00135EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

CoreShop 代码注入漏洞

CoreShop is an open-source e-commerce system developed by CoreShop. Versions 5.0.1 to 5.1.0-beta.1 of CoreShop have a code injection vulnerability. This vulnerability arises from the GitHub Actions workflow using pullrequesttarget to trigger and inspect unvalidated code, potentially allowing remo...

8.2CVSS5.9AI score0.00433EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

WordPress plugin SP Project & Document Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.5AI score0.003EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Hostel Management System 安全漏洞

Hostel Management System is a dormitory management tool developed by LAKSHAY DHOUNDIYAL. The Hostel Management System f87e67c283bab6f718faf2fec6ae39a13bd7036b and previous versions have security vulnerabilities. These vulnerabilities stem from unknown processing of parameter IDs in the Admin...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. Version 12.1 of Mobatek MobaXterm contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured...

9.8CVSS6.5AI score0.00638EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analysis of threats to network security and malware analysis. MISP has a security vulnerability...

5.1CVSS5.4AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

wordpress plugin Contact Form 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.1CVSS5.4AI score0.00887EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

HCL BigFix Cloud Lifecycle Management 安全漏洞

HCL BigFix Cloud Lifecycle Management is a terminal lifecycle management platform developed by the Indian company HCL. HCL BigFix Cloud Lifecycle Management has a security vulnerability, which stems from insufficient input validation. This vulnerability may lead to information leaks and allow...

3.3CVSS5.3AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Net::Async::Statsd::Client 安全漏洞

Net::Async::Statsd::Client is an asynchronous StatsD client library open sourced by TEAM. Versions of Net::Async::Statsd::Client 0.005 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of checks for line breaks, colons, or pipes in metric names, which may allo...

6.5CVSS5.2AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Keystone 安全漏洞

Keystone is a powerful CMS developed by OpenStack. It helps you build and expand faster than any other CMS or application framework. Keystone versions prior to 20260319 have security vulnerabilities. These vulnerabilities stem from unknown code in the...

5.3CVSS5.2AI score0.0031EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

quic-go 安全漏洞

Quic-go is a implementation of the QUIC protocol and RFC 9000 protocol in Go, developed by Lucas Clemente. Versions of quic-go prior to 0.59.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of size constraints on the decoded trailer fields in the HTTP/3...

7.5CVSS5.3AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Neterbit NW-431F Router 安全漏洞

The Neterbit NW-431F Router is a 4G LTE wireless router produced by the Neterbit company. The Neterbit NW-431F Router versions 20241014-IR03 and earlier has a security vulnerability. This vulnerability stems from the network diagnostic module not properly cleaning up user input, which may lead to...

9.8CVSS5.4AI score0.01026EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

HTML::Parser 安全漏洞

HTML::Parser is a tool for parsing HTML documents and separating markup from content, developed as open source by libwww-perl. Versions of HTML::Parser prior to 3.84 contained security vulnerabilities. These vulnerabilities stemmed from the XS routine’s cache pointing to the SV pointer in the...

7.5CVSS5.4AI score0.0031EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability caused by uncontrolled recursion, which could lead to th...

6.1CVSS5.3AI score0.00103EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability due to out-of-bound writing, which could lead to buffer...

6.1CVSS5.5AI score0.00103EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability due to an excessive memory allocation size value, which...

6.1CVSS5.3AI score0.00103EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie, eae37633fda13ac05b25c6c95aacea4bc33c80a3, contained security vulnerabilities. These...

6.1CVSS5.3AI score0.00104EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability due to out-of-bound reading, which could lead to excessi...

6.1CVSS5.5AI score0.00103EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Nsasoft NetShareWatcher 安全漏洞

Nsasoft NetShareWatcher is a security auditing tool developed by the US company Nsasoft. Version 1.5.8.0 of Nsasoft NetShareWatcher contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which could allow local attackers to execute...

8.6CVSS6.4AI score0.00148EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Red Hat OpenShift Pipelines 权限许可和访问控制问题漏洞

Red Hat OpenShift Pipelines is a Kubernetes-native continuous integration and continuous delivery platform developed by Red Hat Inc. There is a security vulnerability in Red Hat OpenShift Pipelines. This vulnerability stems from the ClusterRoleBinding for tekton-scheduler-rolebinding granting the...

7.1CVSS5.9AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. There is a security vulnerability in SAMSUNG rLottie, which stems from integer overflows or circular errors, potentially...

6.1CVSS5.2AI score0.00104EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Projectworlds Online Art Gallery Shop Project SQL注入漏洞

Projectworlds Online Art Gallery Shop Project is a online art gallery store project developed by the Projectworlds team. Version 1.0 of Projectworlds Online Art Gallery Shop Project has a SQL injection vulnerability. This vulnerability arises from an unknown function in the file admin/adminHome.p...

6.5CVSS6.6AI score0.00303EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

itsourcecode Fees Management System SQL注入漏洞

itsourcecode Fees Management System is an open-source charging management system developed by itsourcecode. Version 1.0 of the itsourcecode Fees Management System has a SQL injection vulnerability. This vulnerability arises from unknown functions in the /managestudent.php file, which manipulate...

6.5CVSS6.7AI score0.002EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. There are security vulnerabilities in the T3 Technology CPE models version 1.0.07 and the T6825G version 1.0.03. These vulnerabilities stem from unrecorded debug CGI endpoints,...

9.6CVSS5.8AI score0.00466EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

SQLite sqldiff 安全漏洞

SQLite sqldiff is an open-source SQLite database difference comparison tool developed by SQLite. SQLite sqldiff has a security vulnerability, which stems from the improper handling of Unicode characters during the conversion to ANSI code pages at the Windows C runtime. Attackers can load arbitrar...

9.8CVSS5.5AI score0.00384EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the fact that when configuring OpenConfig, a gNMI Set request that should be rejected may still be...

9.6CVSS5.3AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the hardcoded nature of the APK resource files, which are never expired and share credentials, potentially leading to informati...

8.7CVSS5.3AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Cisco Catalyst SD-WAN Manager 安全漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN Manager, which stems from insufficient user...

7.8CVSS6.3AI score0.25323EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from overly permissive configuration settings of the cloud storage container. This vulnerability may lead to the unauthorized disclosure of activ...

8.7CVSS5.3AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

OSNexus QuantaStor SDS Manager 安全漏洞

OSNexus QuantaStor SDS Manager is a software-defined storage management platform developed by the American company OSNexus. There is a security vulnerability in OSNexus QuantaStor SDS Manager. This vulnerability stems from improper cleaning of the user name field in the login endpoint, allowing...

9.8CVSS5.8AI score0.00436EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Seagull BarTender 代码问题漏洞

Seagull BarTender is an enterprise-level labeling, barcode, and RFID design and printing software developed by Seagull Corporation in the United States. Versions of Seagull BarTender from 2.1 to 12.1.1 contain code-related vulnerabilities. These vulnerabilities stem from insecure deserialization...

8.5CVSS5.5AI score0.0013EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

netty-incubator-codec-ohttp 安全特征问题漏洞

netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.21.Final of netty-incubator-codec-ohttp contain a security vulnerability. This vulnerability arises from returning a non-empty value when HKDF-expand fails, which may lead to the use of a key wit...

6.9CVSS5.3AI score0.00193EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Iris 安全漏洞

Iris is an open-source fast, simple, yet fully functional and highly efficient Go web framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which were due to the possibility of redirecting users to malicious websites through abuse...

4.7CVSS5.3AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

MLflow 安全漏洞

MLflow is an open-source platform that simplifies machine learning development. It includes features like tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLflow 3.10.0 and earlier contain security vulnerabilities. These vulnerabilities ste...

3.6CVSS4.9AI score0.00103EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

PHP EI-Tube Script SQL注入漏洞

The PHP EI-Tube Script is a video website construction system developed by Elis Atef. The PHP EI-Tube Script has a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the search parameter, which may allow unauthenticated attackers to execute arbitrary SQL...

8.8CVSS6.2AI score0.00262EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities stemmed from the configUpdate endpoint not enforcing the POST method and not using a CSRF token...

8.8CVSS5.3AI score0.00146EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

WordPress plugin Photo Gallery by 10Web SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.6CVSS5.7AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from the use of a weak hash algorithm to protect the root password, which may allow attackers to obtain root credentials through brute-for...

9.8CVSS5.3AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Froxlor 注入漏洞

Froxlor is a set of lightweight server management software developed by the Froxlor team. Versions of Froxlor 2.3.6 and earlier contained an injection vulnerability. This vulnerability stemmed from the LOC record’s regular expression matching of line breaks, and the unlimited TLSA validation, whi...

8.6CVSS5.3AI score0.00269EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.14 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the debugging routine SCREENCLICK5053, which allows connections to completely bypass standard device login prompts and directly...

9.4CVSS5.3AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

WordPress plugin Zoner Real Estate 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.2AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application. It is used to configure bare machines rather than virtual machines. Versions of OpenStack Ironic prior to 35.0.2 contained a security vulnerability. This vulnerability stemmed from allowing malicious project administrators or managers to re...

4.9CVSS5.2AI score0.00283EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the fact that when configuring OpenConfig, a gNMI Set request that should be rejected may still be...

9.6CVSS5.3AI score0.0443EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. Prior to version 35.0.2 of OpenStack Ironic, there was a security vulnerability that occurred due to the use of speciall...

8.1CVSS5.2AI score0.00601EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from legacy engineering designs and factory-level diagnostic software. This vulnerability may allow malicious applications to gain access to the...

9.8CVSS5.3AI score0.0029EPSS
Exploits0References1
Total number of security vulnerabilities195539