Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

WordPress plugin AIWU 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9.8CVSS5.5AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getApplicationLabel function in KeyChainActivity.java, which may lead...

7.8CVSS5.3AI score0.00058EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from improper input validation in the setGlobalProxy function within DevicePolicyManagerService.java. This vulnerability may lead to persiste...

7.8CVSS5.3AI score0.00079EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

eLabFTW 信息泄露漏洞

eLabFTW is an open-source experimental data hosting platform developed by eLabFTW. This platform runs on the Linux system and supports the storage of various types of objects. Versions of eLabFTW prior to 5.4.2 contained a vulnerability related to information leakage. This vulnerability occurred...

4.3CVSS5.3AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Lightweight Music Server 跨站脚本漏洞

Lightweight Music Server is a self-hosted music streaming service developed by Emeric POUPON. Versions of Lightweight Music Server 3.76.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-xss attacks, allowing attackers to execute arbitrary...

5.4CVSS5.5AI score0.00171EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

itsourcecode Content Management System SQL注入漏洞

itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the topicid parameter in the file...

6.5CVSS6.6AI score0.00204EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

ThorVG 代码问题漏洞

ThorVG is a high-performance, lightweight vector graphics engine developed under open source. Versions of ThorVG prior to 1.0.5 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the SvgLoader::run function, which could cause the process to crash for...

4.3CVSS5.4AI score0.00235EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from the use of a uint16t counter for xappid assignment, but the counter is stored in a uint32t field. As a result of this counter...

7.5CVSS5.4AI score0.00488EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a denial-of-service attack in the user space for the cifs.spnego process. This vulnerability could lead...

7.8CVSS6.3AI score0.00353EPSS
Exploits4References10
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Fsas ServerView Agents 安全漏洞

Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Versions of Fsas ServerView Agents prior to V11.60.04 contain security vulnerabilities. These vulnerabilities stem from permission chain issues, which may allow local authenticated...

8.5CVSS7.3AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

SOPlanning 跨站脚本漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the /process/uploadbackup endpoint, which was vulnerable to storage-based cross-site scripti...

5.1CVSS5.3AI score0.00295EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

itsourcecode Online House Rental System SQL注入漏洞

itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Username parameter in the...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

CloudPirates Open Source Helm Charts 代码注入漏洞

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stemmed from GitHub Actions workflows exposing sensitiv...

10CVSS5.4AI score0.0026EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Apache ActiveMQ 安全漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability stems from the MessageServlet in the web...

6.1CVSS5.3AI score0.01107EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Kiteworks 安全漏洞

Kiteworks is a secure private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.3.0 contained security vulnerabilities. These vulnerabilities were caused by insecure direct object references, which could allow authentication attackers ...

6.5CVSS5.4AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

VMware Spring Cloud Function 安全漏洞

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from attempting to add an unlimited number of functions to the function registry, potentially...

6.5CVSS5.3AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

6.5CVSS5.5AI score0.00665EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SOPlanning SQL注入漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a SQL injection vulnerability. This vulnerability stemmed from multiple endpoints and parameters that were vulnerable to SQL injection attacks. It was possible fo...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

itsourcecode Content Management System SQL注入漏洞

itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the topicid parameter in the...

6.5CVSS6.6AI score0.002EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

CodeAstro Ingredients Stock Management System SQL注入漏洞

The CodeAstro Ingredients Stock Management System is a inventory management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Ingredients Stock Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with the parameter txtsearchcatego...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

SourceCodester Pet Grooming Management Software 安全漏洞

SourceCodester Pet Grooming Management Software is an open-source pet grooming management system developed by SourceCodester. Version 1.0 of SourceCodester Pet Grooming Management Software contains a security vulnerability. This vulnerability arises from improper operations with files in the admi...

6.9CVSS5.6AI score0.00329EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Code-Projects Online Hospital Management System SQL注入漏洞

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. The 1.php version of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Userna...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a buffer error vulnerability, which stems from memory corruption when processing device identifier strings that exceed the expected maximum length...

7.8CVSS5.7AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Code-Projects Online Hospital Management System SQL注入漏洞

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the editid...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained security vulnerabilities. These vulnerabilities were caused by a session cookie leakage issue, which could allow network attackers to exploit the improper...

8.2CVSS5.3AI score0.00186EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Dassault Systèmes DELMIA Service Process Engineer 安全漏洞

Dassault Systèmes DELMIA Service Process Engineer is a process planning software developed by Dassault Systèmes, a French company. There are security vulnerabilities in Dassault Systèmes DELMIA Service Process Engineer versions from 3DEXPERIENCE R2024x to 3DEXPERIENCE R2026x. These vulnerabilitie...

8.7CVSS5.6AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...

7.5CVSS5.4AI score0.0057EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from an integer overflow in the l2cfcrclonebuf function found in l2cfcr.cc. This vulnerability may lead to controlled heap corruption within...

8CVSS5.7AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Dräger Infinity Explorer C700 安全漏洞

The Dräger Infinity Explorer C700 is an integrated medical-grade monitoring workstation component developed by the German company Dräger. The Dräger Infinity Explorer C700 has a security vulnerability that stems from privilege escalation. This vulnerability could allow attackers to break through...

8.6CVSS5.3AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Capsule 安全漏洞

Capsule is an open-source Kubernetes framework developed by Project Capsule. Versions prior to Capsule 0.13.0 have security vulnerabilities. These vulnerabilities stem from the processing of TenantResource RawItems, which does not set namespaces for cluster-wide resources. This could allow tenant...

9.1CVSS5.4AI score0.0043EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.42 views

Nextcloud Server 访问控制错误漏洞

NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had a access control vulnerability due to improper sharing token access controls. This vulnerability could allow malicious users to access temporarily uploaded...

6.3CVSS5.3AI score0.00231EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

nanobot 代码问题漏洞

Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from issues with server-side request forgeing in the webFetch tool. This could allow remote attackers to access...

5.3CVSS5.5AI score0.00287EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of the assert function to enforce mapping relationships before sending the E2SETUPREQUEST message. This could allow remote...

7.5CVSS5.4AI score0.00347EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud Server 授权问题漏洞

NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had authorization-related vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing attackers who know the user’s password to...

5.9CVSS5.3AI score0.0029EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X of OTRS, as well as versions before 2026.4.X. These vulnerabilities stem from improper handling of permissions in the document search...

3.5CVSS5.3AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 代码问题漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have code-related vulnerabilities; these vulnerabilities arise from heap memory exhaustion during secure data initialization, leading to memory corruption when writing to invalid memory locations...

7.8CVSS5.6AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK, which stems from an address translation logic error. This vulnerability may allow the compromised host kernel to perform arbitrary writes t...

4.3CVSS5.5AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.26 views

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from insufficient access control granularity. This vulnerability could allow attackers to exploit trusted user-space applications to map...

7.1CVSS5.3AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient output buffer size during the execution of random number generator commands, leading to memory corruption...

6.7CVSS5.9AI score0.00079EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud Files approval 信息泄露漏洞

NextCloud Files Approval is an open-source file approval software developed by NextCloud. Versions of NextCloud Files Approval prior to version 2.7.2 had a vulnerability related to information leakage. This vulnerability stemmed from a lack of permission checks, allowing authenticated users to...

3.3CVSS5.3AI score0.0013EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

Assimp 缓冲区错误漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained a buffer error vulnerability. This vulnerability stemmed from incorrect handling of the parameter aiString in the...

4.8CVSS4.9AI score0.00113EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

Nextcloud Forms 安全漏洞

NextCloud Forms is an open-source, hosted questionnaire and form creation tool developed by NextCloud. Versions of NextCloud Forms prior to 5.2.6 contained a security vulnerability due to a lack of permission checks. This vulnerability could allow users to request access to other users’ form...

6.5CVSS5.3AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Nextcloud Teams 安全漏洞

NextCloud Teams is an open-source team collaboration and group management tool developed by NextCloud. There were security vulnerabilities in versions of NextCloud Teams between 32.0.0 and 32.0.9, as well as between 33.0.0 and 33.0.3. These vulnerabilities stemmed from the system automatically...

6.4CVSS5.4AI score0.00293EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Nextcloud Calendar 信息泄露漏洞

NextCloud Calendar is an open-source calendar application developed by NextCloud. There were information leakage vulnerabilities in versions 5.5.13 to 5.5.17 and 6.2.0 to 6.2.3 of NextCloud Calendar. These vulnerabilities stemmed from the lack of shared restrictions applied to the meeting...

4.3CVSS5.3AI score0.00281EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from insufficient permission checks, potentially leading to local privilege escalation...

7.8CVSS5.3AI score0.00072EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

sendportal 代码注入漏洞

SendPortal is a self-hosted email marketing management tool developed by Mattel. Versions of SendPortal 3.0.1 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the content parameter by the Campaign Handler component in the /webview/ file, which...

5.1CVSS4.6AI score0.00203EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

IBM WebSphere Application Server(WAS) 安全漏洞

IBM WebSphere Application Server is a Java enterprise application server developed by IBM. It is primarily used for deploying and managing enterprise-level web applications. IBM WebSphere Application Server has a vulnerability known as “Identity Spoofing.” This vulnerability arises from the failu...

9.1CVSS5.8AI score0.0033EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Nextcloud Server 安全漏洞

NextCloud Server is an open-source NextCloud server program. There were security vulnerabilities in versions 31.0.0 to 31.0.12, and in versions 32.0.0 to 32.0.3 of NextCloud Server. These vulnerabilities stemmed from a lack of relational checks, which could allow authenticated users to read all...

6.8CVSS5.3AI score0.00252EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

ArmCode Arm Whois 安全漏洞

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...

9.8CVSS6.2AI score0.00923EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper handling of permissions for external interfaces and the configuration ite...

3.5CVSS5.3AI score0.00143EPSS
Exploits0References1
Total number of security vulnerabilities195539