Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Open vSwitch 安全漏洞

Open vSwitch is a virtual switch developed as part of the Collaborative Project open-source project. Version 3.6.90 of Open vSwitch contains a security vulnerability. This vulnerability stems from the lack of an upper limit check in the udpifsetthreads function, which may allow attackers with wri...

6.5CVSS5.3AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability arises from the use of static zero-padding initialization vectors when encrypting data using AES-CBC encryption. This can lead to replay...

7.5CVSS5.3AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

netty-incubator-codec-ohttp 安全漏洞

netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.22.Final of netty-incubator-codec-ohttp contain security vulnerabilities. These vulnerabilities stem from the codec-ohttp implementation, which does not verify whether a final block with a...

8.7CVSS5.3AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Forcepoint VPN Client 安全漏洞

Forcepoint VPN Client is an enterprise-level VPN client software developed by the American company Forcepoint. Versions of Forcepoint VPN Client 6.11.3 and earlier contained a security vulnerability. This vulnerability stemmed from an increase in local privileges, which could allow non-managed...

8.5CVSS5.3AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the rstatspath function in the web UI component’s /bin/rstats file,...

8.6CVSS7.2AI score0.02695EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Node Version Manager 安全漏洞

Node Version Manager is an open-source node version manager developed by nvm.sh. Versions of Node Version Manager prior to 0.40.4 contain security vulnerabilities. These vulnerabilities stem from the ability to execute arbitrary commands from the configured image version string. The functions...

7.5CVSS5.9AI score0.00464EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the fact that the /v1/Plan service relies entirely on a shared global API token for complete management, which may lead to the...

9.8CVSS5.3AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the startdhcpc function in the /sbin/rc file within the Web UI...

8.6CVSS7.1AI score0.02199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

libexpat 资源管理错误漏洞

libexpat is a streaming XML parser written in C language by the libexpat team. Versions of libexpat prior to 2.8.2 contained a resource management vulnerability. This vulnerability stemmed from insufficient deep tracking during the processing of policy violations, where calls to functions such as...

5.9CVSS5.3AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Red Hat OpenShift Container Platform 安全漏洞

Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage existing container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container...

7.2CVSS5.4AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Akmer TeknoPass SQL注入漏洞

Akmer TeknoPass is an intelligent parking and access control system developed by the Turkish company Akmer. The versions from 20210501 to 20260429 of Akmer TeknoPass have a SQL injection vulnerability. This vulnerability arises from bypassing authorization through a user-controlled SQL primary ke...

9.8CVSS5.7AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. The T3 Technology CPE models with versions v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 contain security vulnerabilities. These vulnerabilities stem from improper access control i...

9.8CVSS5.3AI score0.00547EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which arises from the situation where configuring MACsec and outbound ACLs on the same interface may cause the ACL...

6.9CVSS5.3AI score0.00282EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the fact that under 802.1X mode, if there are devices supporting EAPOL in the back-end VLAN,...

6.5CVSS5.3AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Neterbit NW-431F Router 安全漏洞

The Neterbit NW-431F Router is a 4G LTE wireless router produced by the Neterbit company. The Neterbit NW-431F Router, version NW-431F-20241014-IR03, has a security vulnerability. This vulnerability stems from command injection in the atcommand.asp interface, which may allow remote attackers to...

8.2CVSS6AI score0.00464EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Microsoft Exchange Online 授权问题漏洞

Microsoft Exchange Online is an enterprise-level cloud email and calendar service open source by Microsoft. There is an authorization issue vulnerability in Microsoft Exchange Online; this vulnerability stems from improper authorization, which may allow unauthorized attackers to disclose...

9.1CVSS5.2AI score0.01015EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from the practice of storing sensitive wireless network information as plain text in the serial console during regular operations, which m...

4.6CVSS5.4AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Simcy Creative PDF Signer 跨站请求伪造漏洞

Simcy Creative PDF Signer is a PDF document signing and editing software developed by Simcy Creative. Version 3.0 of Simcy Creative PDF Signer contains a cross-site request forgeing vulnerability. This vulnerability stems from injecting PHP commands through the CSRF-TOKEN cookie parameter, allowi...

9.8CVSS5.9AI score0.00258EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Microsoft 365 Copilot 命令注入漏洞

Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements in commands. This vulnerability could allow authorized attackers to execute code...

8.8CVSS5.6AI score0.00452EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool provided by the Australian company Octopus, used for continuous delivery. The affected versions of Octopus Server have a security vulnerability. This vulnerability stems from incorrect permission checks, allowing any...

6.5CVSS5.4AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.23 views

Zephyr 安全漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from the fact that the tlssessionstore and tlssessionrestore functions in the TLS socket connection path do not validate the addrlen value. This leads t...

8.8CVSS5.8AI score0.0032EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Etsy::StatsD 安全漏洞

Etsy::StatsD is an open-source application performance monitoring and metric collection component developed by statsd. Etsy::StatsD versions 1.002002 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks for line breaks, colons, or pipes in metric...

7.5CVSS5.2AI score0.00262EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Neterbit NW-431F Router 安全漏洞

The Neterbit NW-431F Router is a 4G LTE wireless router produced by the Neterbit company. The Neterbit NW-431F Router versions 20241014-IR03 and earlier has a security vulnerability. This vulnerability stems from the SMS module not properly clearing user input, which may lead to stored-xss attack...

7.1CVSS5.3AI score0.00196EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

WordPress plugin MasterStudy LMS Pro Plus SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

HCL Hive Telco Observability 安全漏洞

HCL Hive Telco Observability is a telecommunications network observability platform developed by the Indian company HCL. There is a security vulnerability in HCL Hive Telco Observability, which stems from the lack of necessary CSP directives in the keycloak component of the web application. This...

8.1CVSS5.3AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from a broadcast event that allows malware to overwrite the device’s default mobile device management endpoint address, potentially...

9.3CVSS5.3AI score0.00098EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC fslxcvr module attempting to acquire the controlsrwsem write lock, which is already...

5.5CVSS5.4AI score0.00091EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from cleanup operations that run on uninitialized kobject objects when the devmaddactionorreset functi...

8.8CVSS5.3AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ibmveth driver not disabling GSO for data packets with an MSS of less than 224 bytes. This...

8.6CVSS5.3AI score0.00389EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IRQ request in the rt9455 power supply driver. This request occurs before the...

8.4CVSS5.4AI score0.00129EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the NFC HCI SHDLC timer not stopping before releasing context, potentially allowing reuse...

7.8CVSS5.3AI score0.00121EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the IPPROTORAW raw sockets do not discard malicious ICMP packets, potentially leading to...

9.1CVSS5.3AI score0.00346EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper dependency checks in the work queue WQMEMRECLAIM, potentially leading to warnings...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the SPI WPCM-FIU driver. In the wpcmfiuprobe function, platformgetresourcebyname may return NULL,...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ipv6 module’s failure to check iter-nh when using RTANHID in the fib6addrt2node function. As ...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the procfs module’s lack of RCU protection when reading task-realparent in the dotaskstat functio...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fsl-edma driver disabling clocks that were previously automatically managed by devmclkget. Th...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AppArmor module’s dfa tables not being aligned by 8 bytes. This vulnerability may lead to...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pstore ram module not properly updating the oldlogsize when it calls the persistentramsaveold...

7.8CVSS5.7AI score0.00136EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the btrfs file system’s use of listaddtail to update the dirtylist for blockgrouptree when settin...

8.4CVSS5.4AI score0.00132EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect recovery of the gp value when the LLVM compiler in the MIPS architecture is used as a glob...

7.3CVSS5.3AI score0.00128EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the octeontx2-af driver failing to clear the RVUM block revision during kexec reboot. This causes...

5.5CVSS5.3AI score0.00115EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the clk qcom gfx3d module. When determining the GFX3D clock rate, the parent mapping does not...

5.5CVSS5.3AI score0.00123EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and extcon processing in the power supply pm8916lbc module. Th...

7.8CVSS5.3AI score0.00125EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the netfilter nftinner module, which incorrectly calculates the transmission header...

9.1CVSS5.3AI score0.00322EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Jupyter Server 安全漏洞

Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. There are security vulnerabilities in the version of Jupyter Server from 1.12.0 to 2.17.0. These vulnerabilities stem from the use of re.match in CORS source...

8.8CVSS6.1AI score0.00197EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

GoBGP 安全漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a security vulnerability. This vulnerability stems from an integer underflow in the BGPUpdate.DecodeFromBytes function, which could allow attackers to cause denial-of-servi...

7.5CVSS5.3AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Django 安全漏洞

Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.6 and 5.2.15 contained security vulnerabilities. These...

3.1CVSS5.3AI score0.0015EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Hugging Face Transformers 安全漏洞

Hugging Face Transformers is an open-source framework developed by Hugging Face for defining state-of-the-art machine learning models. It covers text, visual, audio, and multimodal models, and can be used for both inference and training. Version 5.2.0 of Hugging Face Transformers contains a...

9.6CVSS8.1AI score0.00531EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Django daphne 输入验证错误漏洞

Daphne is an open-source ASGI protocol server developed by Django, which supports HTTP, HTTP2, and WebSocket. Versions of Daphne prior to 4.2.2 contained security vulnerabilities. These vulnerabilities were due to differences in the parser, which could allow attackers to inject additional headers...

5.3CVSS5.9AI score0.00172EPSS
Exploits0References1
Total number of security vulnerabilities195539