Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Paroiciel SQL注入漏洞

Paroiciel is an parish management information system developed by the French company Paroiciel. Version 11.20 of Paroiciel contains a SQL injection vulnerability. This vulnerability stems from the zProIdPro parameter, which allows for SQL injections. This could enable authenticated attackers to...

7.1CVSS6.1AI score0.00273EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Paroiciel SQL注入漏洞

Paroiciel is an parish management information system developed by the French company Paroiciel. Version 11.20 of Paroiciel contains a SQL injection vulnerability. This vulnerability stems from the tRecIdListe parameter, which allows for SQL injections. This could enable unauthenticated attackers ...

8.8CVSS6.1AI score0.00341EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

GnuTLS 信息泄露漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. There is a security vulnerability in gnutls, which stems from the fact that the PKCS7 padding check does not occur at a constant time during decryptio...

3.7CVSS5.9AI score0.00379EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

nanobot 代码问题漏洞

Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing issues in the Microsoft Teams channel processing program. This could allow...

7CVSS5.5AI score0.00382EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

banana-slides 路径遍历漏洞

banana-slides is an AI-based PPT generation application developed by Anion. Versions of banana-slides 0.4.0 and earlier have a path traversal vulnerability. This vulnerability stems from a path traversal issue in the AI service’s backend function, generateimage. Due to the use of os.path.startswi...

8.7CVSS5.3AI score0.00417EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from the fact that a single SCTP connection can be bound to multiple xappids, but only the first registered resource is cleaned up wh...

8.2CVSS5.4AI score0.00345EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Kiteworks 跨站脚本漏洞

Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.3.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from reflective cross-site scripting, which could allow external attackers...

8.2CVSS5.2AI score0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

SourceCodester SEO Meta Tag Extractor 代码问题漏洞

SourceCodester SEO Meta Tag Extractor is an open-source SEO meta tag extractor developed by SourceCodester. Version 1.0 of SourceCodester SEO Meta Tag Extractor has a code vulnerability. This vulnerability stems from incorrect parameter handling in the getheaders function within the file/index.ph...

7.5CVSS7.4AI score0.00294EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Project Management 授权问题漏洞

Project Management is an open-source project management tool developed by DEVASLAN and released under the PHP open-source license. Versions of Project Management 2.0.0-beta1 and earlier had an authorization issue vulnerability. This vulnerability stems from an improper authorization in the...

5.5CVSS5.7AI score0.0023EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Project Management 授权问题漏洞

Project Management is an open-source project management tool developed by DEVASLAN and released under the PHP open-source license. Versions of Project Management 2.0.0-beta1 and earlier contained vulnerabilities related to authorization. These vulnerabilities stemmed from improper authorization i...

5.5CVSS5.8AI score0.0023EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

IBM WebSphere Application Server(WAS) 代码注入漏洞

IBM WebSphere Application Server is an enterprise-level Java application server, primarily used for deploying and running Java enterprise applications. IBM WebSphere Application Server has a security control bypass vulnerability. This vulnerability stems from the improper implementation of securi...

9CVSS6AI score0.00508EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

aiter 代码问题漏洞

aiter is a high-performance AI operator library open source by AMD ROCm™ Software, providing optimized GPU cores for inference and training. Versions of aiter prior to 0.1.14 contain code vulnerabilities. These vulnerabilities stem from unauthenticated remote code execution in the MessageQueue.re...

9.8CVSS6.7AI score0.01104EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.23 views

Nextcloud Server 安全漏洞

NextCloud Server is an open-source NextCloud server program developed by NextCloud. There were security vulnerabilities in versions 32.0.0 to 32.0.9 and 33.0.0 to 33.0.3 of NextCloud Server. These vulnerabilities stemmed from improper authorization control in the calendar backend, allowing...

8.1CVSS5.3AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Nextcloud 授权问题漏洞

Nextcloud is an open-source, self-hosted communication platform for file synchronization and sharing developed by the German company Nextcloud. Versions of Nextcloud prior to 2.7.2 contained an authorization vulnerability. This vulnerability stemmed from permission escalation, which could...

6.5CVSS5.2AI score0.00358EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

F5-TTS 路径遍历漏洞

F5-TTS is a voice synthesis tool based on stream matching, developed by Yushen CHEN. Versions of F5-TTS prior to 1.1.20 contained a path traversal vulnerability. This vulnerability stemmed from path traversal within theGradio processing program, allowing unauthenticated attackers to write arbitra...

8.8CVSS5.5AI score0.00393EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

VMware Spring Cloud Function 安全漏洞

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from infinite recursion at the routing layer, potentially leading to a memory insufficiency...

6.5CVSS5.3AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

openairinterface5G 安全漏洞

openairinterface5G is an open-source implementation of the OAI project, focusing on the research, development, and testing of 5G NR New Radio core networks and access networks. Version 2.4.0 of openairinterface5G contains a security vulnerability. This vulnerability stems from the E2SM-KPM RAN...

8.6CVSS5.3AI score0.00393EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability stems from a failure in ASN.1 PER decoding, resulting in a reachable assertion in e2apcreatepdu. This could allow unauthorized remote attackers ...

7.5CVSS5.4AI score0.00624EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from handling RICINDICATION messages that do not contain the ranfuncid field, causing an assert to be triggered or null pointer...

7.5CVSS5.3AI score0.00642EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability stems from the assertion in the e2aprecvsctpmsg function, where assertrc len is used. This could allow unauthorized remote attackers to send SCT...

7.5CVSS5.4AI score0.00642EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.16 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from competitive conditions in the geniezone mechanism, which lead to unauthorized writing operations. This can result in an...

6.4CVSS5.3AI score0.00078EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Cloud Foundry Foundation 安全漏洞

Cloud Foundry Foundation is an open-source platform as a service PaaS offered by the Cloud Foundry Foundation. There is a security vulnerability in Cloud Foundry Foundation’s cf-auth-proxy component. This vulnerability stems from authentication bypassing, allowing unauthenticated remote attackers...

7.5CVSS5.4AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

OFCMS SQL注入漏洞

OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from an SQL injection in the Query function of the SystemParamController.java file within the JSON query interface...

6.5CVSS6.6AI score0.00196EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud user_oidc 输入验证错误漏洞

Nextcloud useroidc is an application developed by the German company Nextcloud. In versions 6.1.0 to 8.2.2, there was a vulnerability related to input validation errors. This vulnerability stemmed from improper redirection handling, which could allow attackers to create links that redirect users ...

6.1CVSS5.3AI score0.00232EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

CowAgent 操作系统命令注入漏洞

CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Versions of CowAgent 2.0.8 and earlier had a vulnerability related to operating system command injection. This vulnerability stems from the getsafetywarning function in the...

7.5CVSS7.7AI score0.01336EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a logical error in the InstallRepository.kt file. This vulnerability may lead to an increase in local privileges...

7.8CVSS5.2AI score0.00083EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...

7.2CVSS5.3AI score0.00649EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

WordPress plugin WP AutoSuggest SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS6.2AI score0.00341EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud Android app 授权问题漏洞

The Nextcloud Android app is a mobile application developed by the German company Nextcloud, designed for accessing Nextcloud servers on the Android platform. In versions 33.0.0 to 33.1.0 of the Nextcloud Android app, there was an authorization vulnerability. This vulnerability occurred when...

4.6CVSS5.3AI score0.00153EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Apache ActiveMQ 安全漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from improper input validation and inadequate code...

8.8CVSS5.7AI score0.00577EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Code-Projects Hotel and Tourism Reservation System 代码注入漏洞

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a code injection vulnerability. This vulnerability arises from unauthorized operations on...

5.3CVSS4.7AI score0.00338EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X of OTRS contained security vulnerabilities. These vulnerabilities were due to improper handling of SVG content during the rendering of ticke...

6.5CVSS5.4AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

CloudPirates Open Source Helm Charts 代码注入漏洞

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stems from executing code controlled by the attacker in...

10CVSS5.4AI score0.00275EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.31 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from improper input validation in multiple functions within DevicePolicyManagerService.java. These vulnerabilities may lead to local...

5.5CVSS5.3AI score0.00066EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.18 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the exhaustion of function resources in ubsanthrowingruntime.cpp. This vulnerability may lead to local persistent denial-of-service...

5.5CVSS5.3AI score0.00071EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Fsas ServerView Agents 安全漏洞

Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Fsas ServerView Agents for Windows versions 11.60.04 and earlier contain security vulnerabilities. These vulnerabilities stem from improper allocation of permissions for critical resource...

8.5CVSS7.4AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Fsas ServerView Agents 安全漏洞

Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Versions of Fsas ServerView Agents prior to V11.60.04 contain security vulnerabilities. These vulnerabilities stem from permission chain issues, which may allow local authenticated...

8.5CVSS7.3AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.18 views

JeecgBoot 代码问题漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier contain code vulnerabilities. These vulnerabilities stem from a server-side request forgeing vulnerability in the...

6.5CVSS6.6AI score0.0027EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Poppler 数字错误漏洞

Poppler is an open-source PDF rendering library developed by Poppler. Poppler has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the tilingPatternFill function within the Splash backend. As a result of this overflow, insufficient heap memo...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a resource exhaustion issue in the getPreferredSize function within LauncherProcessImageListener.kt. This vulnerability may lead to loca...

5.5CVSS5.3AI score0.00071EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

microtar 安全漏洞

microtar is a lightweight ANSI C language tar library developed by rxi’s individual developers. Versions of microtar 0.1.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the rawtoheader function using strcpy to copy fields in the ustar format that are not empty...

8.8CVSS5.4AI score0.00318EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from SQL injections in several functions, potentially leading to local privilege escalation...

7.8CVSS5.7AI score0.00094EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from logical errors in multiple locations. These vulnerabilities may bypass user interaction when pairing LE devices. This can lead to an...

8CVSS5.4AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability stems from the iApp registry using assert instead of gracefully rejecting forced node ID uniqueness. This could allow remote unauthenticated...

7.5CVSS5.4AI score0.00428EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 访问控制错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets contain an access control vulnerability, which stems from encryption issues when processing certain partitions. This vulnerability may allow unauthorized write access to load custo...

8.2CVSS5.3AI score0.00071EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

UTT HiPER 1200GW 安全漏洞

UTT HiPER 1200GW is a wireless gateway device developed by UTT Corporation. Versions of UTT HiPER 1200GW prior to 2.5.3-170306 contained security vulnerabilities. These vulnerabilities were caused by incorrect parameter handling in the strcpy function within the file/goform/formFireWall, which...

9CVSS8.4AI score0.00472EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

PackageKit 授权问题漏洞

PackageKit is an open-source system for installing and updating software. Versions of PackageKit 1.3.5 and earlier have a licensing issue vulnerability. This vulnerability stems from incorrect handling of the parameter ‘frontend-socket’ in the function gfiletest within the API component file...

5.3CVSS5AI score0.00222EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Assimp 资源管理错误漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained a resource management vulnerability. This vulnerability stemmed from a issue with the ASE File Parser component in the scene.cpp...

5.3CVSS5.5AI score0.00115EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from memory corruption during data copying operations when the size of the output buffer is smaller than that of the input buffer...

6.7CVSS5.7AI score0.00078EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient input validation in the diagnostic service, leading to memory corruption...

6.7CVSS5.7AI score0.00079EPSS
Exploits0References1
Total number of security vulnerabilities195539