Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by a type confusion in the V8 component. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a speciall...

8.8CVSS6.1AI score0.00393EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the FileSystem component after its release, which could allow a remote attacker to exploit the...

9.6CVSS5.4AI score0.00325EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability, which was caused by out-of-bounds writes in the Skia component. This vulnerability could allow remote attackers to exploit the vulnerability through...

8.3CVSS5.8AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by an integer overflow in the Dawn component. This vulnerability could allow remote attackers to achieve sandbox escape by using a specially crafted...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the WebShare component, which could allow a remote attacker to escape the...

8.3CVSS5.3AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation in the Media component, which could allow remote attackers to exploit...

8.3CVSS5.4AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the DevTools component, which could allow remote attackers to inject arbitrary...

6.1CVSS5.5AI score0.00213EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Core components after their release, which could allow remote attackers to exploit the vulnerability...

8.3CVSS5.4AI score0.00275EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by a type confusion in the V8 component. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a speciall...

8.8CVSS6.1AI score0.00425EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for untrusted inputs provided by the Extensions component. It could allow remote...

6.5CVSS5.3AI score0.0028EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Dawn components after their release, which could allow remote attackers to exploit the vulnerability...

8.3CVSS5.4AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the WebAuthentication component after it was released, which could allow remote attackers to exploit...

7.5CVSS5.5AI score0.00326EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Passwords component reusing resources after release, which could allow remote attackers to execute arbitrary...

7.5CVSS6AI score0.00341EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of components after their release, which could allow remote attackers to execute arbitrary code through...

8.8CVSS6AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the Passwords component after it was released, which could allow remote attackers to exploit heap...

7.5CVSS5.5AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Ozone components after their release, which could allow remote attackers to execute arbitrary code...

8.8CVSS6AI score0.0039EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Chromoting components after their release, which could allow remote attackers to execute arbitrary...

8.8CVSS6AI score0.0036EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Cast Streaming component’s ability to reuse resources after they were released, potentially allowing attacker...

8.8CVSS5.9AI score0.00187EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the use of components that were reused after being released, potentially allowing remote attackers to execute...

8.8CVSS6AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Chromecast component’s ability to reuse resources after release, which could allow remote attackers who have...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Network is a network component open source by Cloudburst. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the Network component’s ability to reus...

8.8CVSS6AI score0.00467EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from decoding maliciously constructed MIME headers containing numerous invalid encoding...

7.5CVSS5.3AI score0.0056EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Alf.io 安全漏洞

Alf.io is a free and open-source event attendance management system developed by Alf.io. Versions of Alf.io prior to 2.0-M5-2606 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP Client’s postFileAndSaveResponse method, which allowed arbitrary file system paths witho...

4.9CVSS5.6AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Alf.io 安全漏洞

Alf.io is a free and open-source attendance management system developed by Alf.io. Versions of Alf.io prior to 2.0-M5-2606 contained security vulnerabilities. These vulnerabilities stemmed from sandbox escape in the extended script engine. Combined with unprotected injection of Java object...

8CVSS5.8AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

GLPI 跨站脚本漏洞

GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...

7.1CVSS4.8AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Seagate openSeaChest 安全漏洞

Seagate openSeaChest is a set of cross-platform storage device management tools developed by Seagate Corporation. The version of Seagate openSeaChest v25.05.3 contains a security vulnerability. This vulnerability stems from out-of-bounds writing and reading operations during the --showSCSIDefects...

1.8CVSS5.3AI score0.00102EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.17 views

Seagate openSeaChest 安全漏洞

Seagate openSeaChest is a set of cross-platform storage device management tools developed by Seagate Corporation. The version v26.03.0 of Seagate openSeaChest contains a security vulnerability. This vulnerability stems from out-of-bound writing during the Trim/Unmap operations, which may lead to...

4.6CVSS5.4AI score0.00114EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

BlenderMCP 代码问题漏洞

BlenderMCP is a 3D modeling control tool created by ahujasid, which connects Blender with AI. BlenderMCP has code vulnerabilities; these vulnerabilities stem from the requests.get function in the src/blendermcp/server.py file of the ZIP File Handler component. The function’s handling of the...

6.5CVSS5.5AI score0.00227EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Docker Desktop 安全漏洞

Docker Desktop is a desktop software from the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well ...

8.2CVSS5.3AI score0.00115EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

OpenCTI 跨站脚本漏洞

OpenCTI is an open-source network threat intelligence platform developed by OpenCTI. Versions of OpenCTI prior to 7.260227.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the email-message observable body data during its rendering, which coul...

6.1CVSS4.9AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

BlenderMCP 安全漏洞

BlenderMCP is a 3D modeling control tool developed by ahujasid that connects Blender with AI. BlenderMCP has a security vulnerability, which stems from the operation of the Open function in the file src/blendermcp/server.py regarding the parameter inputimageurl, potentially leading to exploitatio...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Dräger Protector Software 安全漏洞

Dräger Protector Software is a gas detection and safety monitoring management platform developed by the German company Dräger. Versions of Dräger Protector Software prior to version 6.4.2 contained security vulnerabilities. These vulnerabilities were due to insecure file system permissions, which...

8.3CVSS6AI score0.00107EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

authentik 输入验证错误漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions prior to 2025.12.5, 2026.2.3, and 2026.5.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from an XML signature packaging flaw in the SAML Source ACS endpoint’s...

8.5CVSS5.3AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Protocol 授权问题漏洞

Protocol is a multi-version Minecraft support protocol library developed by Cloudburst. Versions of Protocol prior to 3.0.0.Beta12-20260420.182526-15 contained vulnerabilities related to authorization issues. These vulnerabilities stemmed from a lack of verification for FULL type authentication...

5.3CVSS5.3AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

authentik 跨站脚本漏洞

Authentik is an open-source identity provisioning application. Versions of Authentik before 2025.12.5 and 2026.2.3 had a cross-site scripting vulnerability. This vulnerability stemmed from issues in the SFE implementation phase, which could lead to the exploitation of XSS vulnerabilities during t...

9.3CVSS5AI score0.00355EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Student-Management-System 授权问题漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in the student-management-system’s authorization mechanism; this vulnerability stems from improper authentication of unknown functions, which may lead to remote attac...

7.5CVSS5.4AI score0.00498EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

authentik 输入验证错误漏洞

Authentik is an open-source identity provisioning application. Versions of Authentik prior to 2026.2.3 had a vulnerability related to input validation errors. This vulnerability stemmed from the WS-Federation provider’s use of raw string prefixes for validation instead of proper URL parsing, whic...

6.9CVSS5.3AI score0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov. It is built using multiple packet capture engines. Versions of FastNetMon Community Edition 1.2.9 and earlier contained security vulnerabilities. These vulnerabilities stemmed from out-of-bounds read operations in...

5.9CVSS5.4AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Tesla 安全漏洞

Tesla is an HTTP client software open source by Elixir Tesla. Versions of Tesla from 0.8.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of escaping of the Content-Disposition parameter value, which could lead to multipart header injection attacks...

2.1CVSS5.3AI score0.00143EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Tesla 安全漏洞

Tesla is an electric vehicle produced by the American company Tesla. Versions of Tesla from 1.3.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of resource allocation control in Tesla.Adapter.Mint, which could lead to denial-of-service attacks due to...

8.2CVSS5.3AI score0.00301EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Tesla 安全漏洞

Tesla is an HTTP client software open-sourced by Elixir Tesla. Versions of Tesla from 0.6.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of restrictions on the size of decompressed data when processing highly compressed data, which could lead to...

8.2CVSS5.4AI score0.00329EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.12 views

aiohttp 访问控制错误漏洞

aiohttp is an open-source framework developed by aio-libs, used for asynchronous HTTP client/server interactions with asyncio and Python. Versions of aiohttp prior to 3.14.0 contained a access control vulnerability; this vulnerability stemmed from the use of cookies set using the “cookies”...

8.7CVSS5.3AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

aiohttp 代码问题漏洞

Aiohttp is an open-source framework developed by aio-libs, used for asynchronous HTTP client/server interactions with asyncio and Python. Versions of AIOHTTP prior to 3.14.0 contained code vulnerabilities that could lead to arbitrary code execution when using CookieJar.load to handle untrusted...

7.3CVSS8.6AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

SolarWinds Web Help Desk 安全漏洞

SolarWinds Web Help Desk is a service desk and asset management software provided by the American company SolarWinds. This software supports centralized knowledge bases, IT asset management, project and task management functions. There is a security vulnerability in SolarWinds Web Help Desk, whic...

8.2CVSS5.3AI score0.00417EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Versions of Mozilla Firefox prior to 151.0.3 contained a security vulnerability, which was caused by incorrect boundary conditions in the Graphics: Text component...

7.5CVSS5.3AI score0.00301EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

DesDev DedeCMS SQL注入漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection vulnerabilit...

7.5CVSS5.6AI score0.00313EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.16 views

Sony PlayStation 4 安全漏洞

The Sony PlayStation 4 is a home video game console developed by the Japanese company Sony. There were security vulnerabilities in the versions 13.00 to 13.02 of the Sony PlayStation 4. These vulnerabilities stemmed from the BD-J sandbox feature, which could allow an abnormal JAR file to escape,...

7.4CVSS5.4AI score0.00085EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Dräger SC Monitoring devices 信任管理问题漏洞

The Dräger SC Monitoring devices are a series of clinical vital signs monitoring devices produced by the German company Dräger. The Dräger SC Monitoring devices have a vulnerability related to trust management. This vulnerability stems from hard-coded plaintext credentials in the source code, alo...

7.6CVSS5.5AI score0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Dräger Infinity M300 资源管理错误漏洞

The Dräger Infinity M300 is a wearable telemetry patient monitoring device developed by the German company Dräger. Versions of the Dräger Infinity M300 prior to version 2.3.1 contained a resource management vulnerability. This vulnerability stemmed from a network-based denial-of-service issue,...

7.1CVSS5.4AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Dell ThinOS 10 访问控制错误漏洞

Dell ThinOS 10 is an operating system developed by the American company Dell. Versions prior to Dell ThinOS 10 260210.0765 contained a vulnerability related to access control. This vulnerability stemmed from improper access control mechanisms, which could allow low-privilege attackers with local...

7.8CVSS5.3AI score0.001EPSS
Exploits0References1
Total number of security vulnerabilities195539