Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

WordPress plugin e2pdf 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

7.1CVSS5.1AI score0.00142EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

KAMSOFT KS-SOMED 信任管理问题漏洞

KAMSOFT KS-SOMED is a comprehensive healthcare management system developed by the Polish company KAMSOFT. KAMSOFT KS-SOMED has a vulnerability related to trust management. This vulnerability stems from the use of hardcoded credentials, which may allow unauthorized attackers to access the FTP serv...

8.7CVSS5.4AI score0.00356EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Red Hat OpenShift Container Platform 安全漏洞

Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container Platform...

5CVSS5.4AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

WhatsApp MCP Server 路径遍历漏洞

WhatsApp MCP Server is a WhatsApp messaging search and sending tool developed by Luke Harries. Version 0.0.1 of WhatsApp MCP Server has a path traversal vulnerability. This vulnerability stems from incorrect handling of the mediaPath parameter in the SendAPIEndpoint component’s SendMessageRequest...

5.1CVSS5AI score0.00265EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SourceCodester Computer Repair Shop Management System SQL注入漏洞

SourceCodester Computer Repair Shop Management System is an open-source computer repair workshop management system developed by SourceCodester. Versions of the SourceCodester Computer Repair Shop Management System prior to version 1.0 contained SQL injection vulnerabilities. These vulnerabilities...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Code-Projects Real State Services SQL注入漏洞

Code-Projects Real State Services is an open-source real estate service developed by Code-Projects. Version 1.0 of Code-Projects Real State Services has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Username” in the “login” component’s file...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

CodeAstro Online Job Portal SQL注入漏洞

CodeAstro Online Job Portal is an online job portal operated by CodeAstro Corporation. Version 1.0 of CodeAstro Online Job Portal has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file/users/applicationstatus.php, which may lead to SQL...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

CodeAstro Online Job Portal SQL注入漏洞

CodeAstro Online Job Portal is an online job portal operated by CodeAstro Corporation. Version 1.0 of CodeAstro Online Job Portal has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter ID in the file admin/jobs-admins/delete-jobs.php, which may lead t...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

H3C Magic B0 安全漏洞

H3C Magic B0 is a small wireless router produced by H3C Corporation. The H3C Magic B0 100R002 and earlier versions have security vulnerabilities. These vulnerabilities stem from improper handling of parameters in the function SetMobileAPInfoById within the file/goform/aspForm, which may lead to a...

9CVSS8.5AI score0.00484EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.23 views

HP Poly Voice 安全漏洞

HP Poly Voice is a voice communication software developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP Poly Voice, which stems from a buffer overflow issue when administrators enable interactive connection establishment. This vulnerability may lead to remote...

9.2CVSS6.3AI score0.24469EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

GPAC MP4Box 安全漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Versions of GPAC MP4Box prior to 26.02.0 contained a...

5.5CVSS5.3AI score0.00133EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contained security vulnerabilities; these vulnerabilities stemmed from the use of the dasherprocess function, which allowed reusing of memory after heap deallocation, potentially leading to...

5.5CVSS5.3AI score0.0013EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contained security vulnerabilities. These vulnerabilities were caused by a null pointer dereferencing in the gfac4presb4backchannelspresent function, which could lead to a denial-of-service attack...

5.5CVSS5.3AI score0.00143EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

GPAC MP4Box 异常处理不当漏洞

GPAC MP4Box is a multimedia packager. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Versions of GPAC MP4Box prior to 26.02.0 contained a security vulnerability...

5.5CVSS6AI score0.00143EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. Version 2.4 of GPAC contains a security vulnerability, which stems from a heap buffer overflow in the m2tsdmxsendpacket function. This vulnerability could lead to a denial-of-service attack...

5.5CVSS5.6AI score0.00158EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Versions of Mozilla Firefox prior to 151.2 contained security vulnerabilities. These vulnerabilities stemmed from Reader View incorrectly escaping HTML tags in JSON-LD metadata. This could allo...

5.4CVSS5.7AI score0.00157EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Mozilla Firefox for iOS 安全漏洞

Mozilla Firefox for iOS is a web browser designed for iOS devices by the Mozilla Foundation in the United States. Versions of Mozilla Firefox for iOS prior to 151.2 contained a security vulnerability. This vulnerability stemmed from Reader View replacing the page content in the HTML template befo...

5.4CVSS5.5AI score0.00157EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

logback 安全漏洞

Logback is a reliable, versatile, fast, and flexible Java logging framework developed by QOS.CH. Versions of Logback prior to 1.5.33 contain security vulnerabilities, which stem from the deserialization of untrusted data. This can lead to object injection, even though strict restrictions are in...

6.3CVSS5.5AI score0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

itsourcecode Content Management System SQL注入漏洞

itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the topicid parameter in the file...

6.5CVSS6.6AI score0.002EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SourceCodester Pharmacy Sales and Inventory System 访问控制错误漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a vulnerability related to access control. This vulnerability stems fro...

6.9CVSS5.7AI score0.00311EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

itsourcecode Online House Rental System SQL注入漏洞

itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability arises from improper handling of parameter IDs in the...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.18 views

TRAC PDBM 安全漏洞

TRAC PDBM is an industrial automation process database management software developed by the Slovenian company TRAC. TRAC PDBM has a security vulnerability that stems from the use of static, hard-coded keys. This vulnerability could allow attackers to decrypt credentials stored in configuration...

6.4CVSS5.4AI score0.00065EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

itsourcecode Online Blood Bank Management System SQL注入漏洞

itsourcecode Online Blood Bank Management System is an open-source online blood bank management system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from improper handling of the parameter ID in the file/admin/viewrequest.php, potentially...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability arises from improper...

5.1CVSS4.6AI score0.00199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

SourceCodester Pharmacy Sales and Inventory System 安全漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Versions of the SourceCodester Pharmacy Sales and Inventory System prior to version 1.0 contained security vulnerabilities. These vulnerabilities were...

5.8CVSS5AI score0.00248EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability arises from improper...

5.1CVSS4.6AI score0.00199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from improper...

5.1CVSS4.6AI score0.00203EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from improper...

5.1CVSS4.6AI score0.00203EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Fluss 安全漏洞

Apache Fluss is a streaming storage system developed by the Apache Foundation in the United States. Versions 0.8.0 and 0.9.0 of Apache Fluss contain security vulnerabilities. These vulnerabilities stem from the use of Integer.MAXVALUE as the maximum frame length in the Netty...

7.5CVSS5.4AI score0.0058EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Apache Airflow 信息泄露漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of...

8.8CVSS5.9AI score0.00489EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Apache ActiveMQ 安全漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability arises when the network connector...

5.9CVSS5.3AI score0.00328EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Apache Airflow 信任管理问题漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a trust management vulnerability. This vulnerability stemmed from the...

5.9CVSS5.4AI score0.00185EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

Apache ActiveMQ 权限许可和访问控制问题漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from improper default Jolokia authorization...

8.8CVSS5.9AI score0.00424EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Apache MINA SSHD 安全漏洞

Apache MINA SSHD is a pure Java library from the Apache Foundation that supports the SSH protocol on both the client and server sides. Apache MINA SSHD has a security vulnerability caused by path traversal, which may allow authenticated users to access git repositories outside of the configured g...

7.1CVSS5.4AI score0.00527EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from a lack of checks...

4.3CVSS5.3AI score0.00352EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache ActiveMQ 安全漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from incomplete authorization. This vulnerability...

4.3CVSS5.3AI score0.00335EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of...

3.1CVSS5.3AI score0.00344EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the...

7.3CVSS5.5AI score0.00651EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Apache Solr 安全漏洞

Apache Solr is a search server based on Lucene, developed by the Apache Foundation in the United States. This product supports faceted searching, vertical searching, and highlighting search results. Vulnerabilities exist in Apache Solr versions 9.4.0 through 9.10.1, as well as 10.0.0, due to...

9.8CVSS8.4AI score0.00529EPSS
Exploits2References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Apache Airflow 信息泄露漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Prior to Apache Airflow 3.2.2, there were security...

6.5CVSS5.8AI score0.00335EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the XCom PATCH...

8.8CVSS6.3AI score0.0055EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 信息泄露漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a security vulnerability known as information leakage. This vulnerability...

6.5CVSS5.3AI score0.00335EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

7.5CVSS5.4AI score0.00458EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. One...

5.9CVSS5.4AI score0.00265EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

4.3CVSS5.3AI score0.00352EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.22 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. The...

3.1CVSS5.3AI score0.00459EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SOPlanning 代码问题漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had code vulnerabilities. These vulnerabilities stemmed from an unvalidated validation of file extensions during upload. This allowed authenticated attackers to uploa...

6.4CVSS5.4AI score0.0031EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

SOPlanning 跨站请求伪造漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a cross-site request forgeing vulnerability. This vulnerability stemmed from the susceptibility of the create, modify, and delete endpoints of groupesave to...

5.1CVSS5.2AI score0.00182EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

SOPlanning 路径遍历漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the backup endpoints being susceptible to path traversal attacks, allowing authenticated...

6.4CVSS5.5AI score0.00447EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

SOPlanning 跨站脚本漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the taches parameter, which was vulnerable to reflection-type cross-site scripting attacks...

5.1CVSS5.4AI score0.00404EPSS
Exploits0References2
Total number of security vulnerabilities195539