Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

SourceCodester Online Food Ordering System 安全漏洞

The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 2.0 of the SourceCodester Online Food Ordering System has a security vulnerability. This vulnerability stems from the handling of the page parameter in the include...

7.5CVSS7.3AI score0.00302EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

WordPress plugin EmergencyWP – Dead Man s switch & legacy deliverance 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.00128EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

WordPress plugin Passeum Ticketing 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.4CVSS5.1AI score0.00208EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.15 views

Desktop Commander MCP 安全漏洞

Desktop Commander MCP is an MCP server developed by Eduard Ruzga. Version 0.2.37 of Desktop Commander MCP contains a security vulnerability. This vulnerability stems from the handling of the url parameter in the readFileFromUrl function found in the src/tools/filesystem.ts file. This vulnerabilit...

6.5CVSS6.3AI score0.00209EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Desktop Commander MCP 安全漏洞

Desktop Commander MCP is an MCP server developed by Eduard Ruzga. Versions of Desktop Commander MCP prior to 0.2.38 contained security vulnerabilities. These vulnerabilities stemmed from the operation of the startsearch component in the src/search-manager.ts file with respect to the SearchResult...

5.3CVSS5AI score0.00354EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

Dovestones ADPhonebook 安全漏洞

Dovestones ADPhonebook is a corporate address book and employee directory management system developed by the Canadian company Dovestones. Versions of Dovestones ADPhonebook prior to 4.0.1.1 contained security vulnerabilities. These vulnerabilities stemmed from insufficient input validation and...

4.8CVSS5.4AI score0.0018EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the NFC HCI SHDLC timer not stopping before releasing context, potentially allowing reuse...

7.8CVSS5.3AI score0.00121EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper dependency checks in the work queue WQMEMRECLAIM, potentially leading to warnings...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect recovery of the gp value when the LLVM compiler in the MIPS architecture is used as a glob...

7.3CVSS5.3AI score0.00128EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IRQ request in the rt9455 power supply driver. This request occurs before the...

8.4CVSS5.4AI score0.00129EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the btrfs file system’s use of listaddtail to update the dirtylist for blockgrouptree when settin...

8.4CVSS5.4AI score0.00132EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G has a security vulnerability, which stems from the inclusion of hardcoded WiFi driver credentials, potentially leading to credential exposure...

5.9CVSS5.3AI score0.00137EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Synology Active Backup for Business Recovery Media Creator 安全漏洞

Synology Active Backup for Business Recovery Media Creator is a tool developed by the Chinese company Synology, designed to generate system recovery boot media and perform device disaster recovery operations. Versions of Synology Active Backup for Business Recovery Media Creator prior to 2.5.0-20...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

wordpress plugin School Management 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.5AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

ERPNext 跨站脚本漏洞

ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Version 16.16.0 of ERPNext contains a cross-site scripting vulnerability. This vulnerability arises from users with project record editing privileges being able to persist arbitrary...

4.8CVSS5.1AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

WordPress plugin Prague 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.1CVSS5.1AI score0.00146EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AppArmor module’s dfa tables not being aligned by 8 bytes. This vulnerability may lead to...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pstore ram module not properly updating the oldlogsize when it calls the persistentramsaveold...

7.8CVSS5.7AI score0.00136EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

Koha 安全漏洞

Koha is a library automation management system developed by the Koha organization. Versions of Koha prior to 25.11 contained security vulnerabilities, which originated from the Z39.50 configuration module. These vulnerabilities could allow remote attackers to execute arbitrary code...

6.5CVSS6AI score0.00243EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

MaxSite CMS 安全漏洞

MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Version 109.2 of MaxSite CMS has a security vulnerability. This vulnerability stems from a cross-site scripting vulnerability in the backend page file upload endpoint, which could allow remote attacker...

4.1CVSS5.1AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

ABB T-MAC Plus 安全漏洞

ABB T-MAC Plus is a shipboard equipment status monitoring and predictive maintenance management system developed by the Swiss company ABB. Version 4.0-24 of ABB T-MAC Plus contains a security vulnerability, which stems from the possibility for external parties to access files or directories...

9.9CVSS5.3AI score0.00347EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has security vulnerabilities. These vulnerabilities stem from unvalidated UPnP IGD operations, which may allow unauthenticated LAN devices to create arbitrary por...

8.1CVSS5.5AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Django 安全漏洞

Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.6 and 5.2.15 contained security vulnerabilities. These...

3.1CVSS5.3AI score0.0015EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

morgan 安全漏洞

Morgan is an open-source HTTP request logging middleware developed by ExpressJS. Versions 1.2.0 to 1.10.1 of Morgan contain security vulnerabilities. These vulnerabilities stem from the remoteuser token not being escaped with control characters, which may lead to log manipulation...

5.3CVSS5.3AI score0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.22 views

FOSSBilling 输入验证错误漏洞

FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the redirection module not...

4.8CVSS5.3AI score0.00259EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Code Index MCP 安全漏洞

Code Index MCP is a smart code indexing and analysis large model context server developed by johnhuang316 as an individual developer. Versions of Code Index MCP prior to 2.14.0 contain security vulnerabilities. These vulnerabilities stem from the operation of the issaferegexpattern function in th...

5.3CVSS5.2AI score0.0031EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

MLRun 安全漏洞

MLRun is an AI orchestration platform developed by MLRun OpenSource. Versions of MLRun 1.12.0-rc3 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the DataFrame Hash Handler component located in the file mlrun/utils/helpers.py, specifically the...

3.6CVSS4.8AI score0.00075EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

concretecms 安全漏洞

ConcreteCMS is an open-source content management system developed by Concrete. Versions of ConcreteCMS prior to 9.5.2 contained security vulnerabilities. These vulnerabilities stemmed from the unserialize method calls in Workflow, Form blocks, and File/Set components, which lacked a allowedclasse...

8.4CVSS5.4AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. OpenStack Ironic versions 35.0.x and earlier contain security vulnerabilities, which stem from a vulnerability that allo...

7.7CVSS5.2AI score0.00262EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the procfs module’s lack of RCU protection when reading task-realparent in the dotaskstat functio...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

WordPress plugin Askka 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

8.1CVSS5.6AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

WordPress plugin WP Nano AD 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.5CVSS5.3AI score0.00201EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.12 views

Transsion AI Assistant Lifestyle 安全漏洞

Transsion AI Assistant Lifestyle is a mobile AI assistant application developed by Transsion Corporation. It integrates intelligent question answering, content generation, lifestyle service recommendations, and personal assistant functions. There is a security vulnerability in Transsion AI...

6.1CVSS5.5AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient execution of DevTools policies, which could allow attackers to leak cross-source data through...

4.3CVSS5.5AI score0.00137EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Orthanc DICOM Server 安全漏洞

Orthanc DICOM Server is a lightweight medical imaging storage and management server developed under the open-source Orthanc framework. Versions of Orthanc DICOM Server 1.12.11 and earlier contain security vulnerabilities. These vulnerabilities stem from issues with the DcmItem::read function in t...

4.8CVSS5.7AI score0.00124EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.18 views

Mint 安全漏洞

Mint is a functional underlying HTTP client library developed by Elixir Mint. Versions of Mint from 0.2.0 to 1.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP/2 server’s ability to insert unlimited entries through the PUSHPROMISE frame, which could lead to memo...

8.2CVSS5.4AI score0.00384EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

WordPress plugin BookIt 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.5AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

WordPress plugin ARMember Premium 授权问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.5AI score0.00419EPSS
Exploits3References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

BIRD 安全漏洞

BIRD is a full-featured dynamic IP routing daemon developed by BIRD OpenSource. Versions of BIRD prior to 2.19.0 contained security vulnerabilities; these vulnerabilities stemmed from stack buffer overflows in the BGP ASPATH mask matching implementation, which could potentially cause the daemon t...

6.3CVSS5.6AI score0.003EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

NVIDIA NVTabular 代码问题漏洞

NVIDIA NVTabular is a component within the deep learning recommendation system framework developed by NVIDIA Corporation. NVIDIA NVTabular has code-related vulnerabilities, which stem from improper deserialization of untrusted data. These vulnerabilities may lead to code execution, data tampering...

7.8CVSS5.6AI score0.0017EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Vivotek FD8136 安全漏洞

Vivotek FD8136 is a hemispherical network camera produced by the Chinese company Vivotek. The Vivotek FD8136 FD8136-VVTK-0300a version has a security vulnerability. This vulnerability stems from a remote buffer overflow in the /cgi-bin/dido/setdo.cgi endpoint, which could allow authenticated...

8.8CVSS6.5AI score0.00523EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

WordPress plugin ARMember Premium SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.01383EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

WordPress plugin Simple Custom Login Page 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.4CVSS5.3AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Vivotek FD8136 安全漏洞

Vivotek FD8136 is a hemispherical network camera produced by the Chinese company Vivotek. The Vivotek FD8136 FD8136-VVTK-0300a version contains a security vulnerability. This vulnerability stems from a remote buffer overflow attack on the /cgi-bin/admin/eventtask.cgi endpoint. It could allow...

8.8CVSS6.4AI score0.00599EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Microsoft Edge 安全漏洞

Microsoft Edge is a web browser included with Windows 10 and later versions from Microsoft. There is a security vulnerability in Microsoft Edge, which stems from a type confusion flaw in the program’s handling of certain types of media or signaling data...

5.9AI score
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

WordPress plugin Accordion FAQ 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.5CVSS5.4AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

WordPress plugin ARMember Premium SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.8AI score0.00308EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementation...

4.3CVSS5.2AI score0.00154EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementation...

4.3CVSS5.2AI score0.00154EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of ANGLE components after their release, which could allow a remote attacker with access to the rendere...

9.6CVSS5.9AI score0.00325EPSS
Exploits0References3
Total number of security vulnerabilities195539