Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

WordPress plugin Contest Gallery Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.5AI score0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities arise from the exposure of information when processing advertisement frames that contain format-errors MBSSID...

5.5CVSS5.3AI score0.00091EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud Files approval 信息泄露漏洞

NextCloud Files Approval is an open-source file approval software developed by NextCloud. Versions of NextCloud Files Approval prior to version 2.7.2 had a vulnerability related to information leakage. This vulnerability stemmed from a lack of permission checks, allowing authenticated users to...

3.3CVSS5.3AI score0.0013EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

Assimp 缓冲区错误漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained a buffer error vulnerability. This vulnerability stemmed from incorrect handling of the parameter aiString in the...

4.8CVSS4.9AI score0.00113EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

Nextcloud Forms 安全漏洞

NextCloud Forms is an open-source, hosted questionnaire and form creation tool developed by NextCloud. Versions of NextCloud Forms prior to 5.2.6 contained a security vulnerability due to a lack of permission checks. This vulnerability could allow users to request access to other users’ form...

6.5CVSS5.3AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Nextcloud Teams 安全漏洞

NextCloud Teams is an open-source team collaboration and group management tool developed by NextCloud. There were security vulnerabilities in versions of NextCloud Teams between 32.0.0 and 32.0.9, as well as between 33.0.0 and 33.0.3. These vulnerabilities stemmed from the system automatically...

6.4CVSS5.4AI score0.00293EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from an operation on the parameter statusstatistic in the function formResetStatistic within the file...

9CVSS7.7AI score0.00472EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Assimp 代码问题漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the parameter operator in the function glTF2::LazyDict within the library...

4.8CVSS5.9AI score0.00118EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Assimp 代码问题漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained code vulnerabilities. These vulnerabilities originated from a function in the TF File Handler component called...

4.8CVSS5.9AI score0.00115EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.13 views

Aider 代码问题漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a code vulnerability. This vulnerability stems from the requests.get operation in the apidocs.py file of the AWS EC2 Metadata Endpoint, which leads to server-side request forgeing...

6.5CVSS6.6AI score0.00209EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.26 views

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a function in the 4x4 Matrix Parser component called...

5.3CVSS6.2AI score0.00124EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Aider 代码注入漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a code injection vulnerability. This vulnerability arises from the operation editorcoder.run in the Architect Mode component, allowing for code injection. Attackers can launch attacks...

6.5CVSS6.7AI score0.00242EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.13 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a parameter in the function cgiWifiMacFilterSet, namely wifiMacFilterSet.macList.mac, which causes a stack buffer...

9CVSS7.7AI score0.00476EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability arises from the startwizard operation in the formSetEnableWizard function, resulting in a stack buffer overflow. An...

9CVSS7.7AI score0.00472EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Edimax BR-6478AC 命令注入漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. The Edimax BR-6478AC version 1.23 has a command injection vulnerability. This vulnerability stems from an operation called “rootAPmac” in the function “formWlbasic” of the component “POST Request Handler”. This...

6.5CVSS6.5AI score0.01072EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

TRENDnet TEW-432BRP 命令注入漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter enrollee in the function formWlanSetup located in the file /goform/formWlanSetup. This...

6.5CVSS6.6AI score0.01072EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.9 views

OFCMS SQL注入漏洞

OFCMS is a content management system developed by the Oufu individual developers. Versions of OFCMS 1.1.3 and earlier had a SQL injection vulnerability. This vulnerability originated from the parameter “system.user.query” in the function Query of the ComnController component’s ComnController.java...

6.5CVSS6.7AI score0.00196EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

TOTOLINK N300RH 安全漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. Version 6.1c.1353B20190305 of TOTOLINK N300RH contains a security vulnerability. This vulnerability stems from a function in the Web Management Interface component called “wireless.so,” where the parameter “KeyStr” ...

10CVSS7.5AI score0.01425EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability arises from the operation of the formPortFw function in the file/goform/formPortFw, where the parameter servername caus...

9CVSS7.7AI score0.00463EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.17 views

TRENDnet TEW-432BRP 命令注入漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter sysCmd in the formSysCmd function within the goform/formSysCmd file, which allows for...

6.5CVSS6.6AI score0.0105EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.9 views

Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is an online music website developed by Code-Projects as open source. Version 1.0 of Code-Projects Online Music Site has a SQL injection vulnerability. This vulnerability arises from the parameter ID operations in the file/Administrator/PHP/AdminUpdateAlbum.php,...

5.8CVSS5.9AI score0.00206EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

WordPress plugin Advanced Custom Fields 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a parameter “sec” in the function cgiSysTimeInfoSet in the file /bin/httpd, which leads to a stack buffer overflo...

9CVSS7.4AI score0.00503EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Code-Projects Visitor Management System SQL注入漏洞

The Code-Projects Visitor Management System is an open-source visitor management system developed by Code-Projects. Version 1.0 of the code-projects Visitor Management System has a SQL injection vulnerability. This vulnerability arises from the parameter handling in the file/vms/php/phone0.php,...

6.5CVSS6.6AI score0.00244EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Edimax BR-6478AC 安全漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. Version 1.23 of the Edimax BR-6478AC contains a security vulnerability. This vulnerability stems from an operation involving the parameters ShareName/SelectName in the formUSBFolder function within the component PO...

9CVSS7.7AI score0.00463EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the operation of the handleamfinfo function in the nf-instances...

5.3CVSS5.8AI score0.00277EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.14 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from a parameter in the function formWlanSetup within the file/goform/formWlanSetup, where enrollee causes a stack...

9CVSS7.4AI score0.00472EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.9 views

Assimp 代码问题漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained code vulnerabilities. These vulnerabilities originated from a function in the glTFImporter component, specifically the function...

4.8CVSS5.9AI score0.00113EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.9 views

Bdtask Multi-Store Inventory Management System 代码问题漏洞

Bdtask Multi-Store Inventory Management System is an inventory management system for multiple stores developed by the Bangladeshi company Bdtask. Version 1.0 of the Bdtask Multi-Store Inventory Management System has code vulnerabilities. These vulnerabilities stem from the parameter module in the...

6.5CVSS6.7AI score0.00206EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

Aider SQL注入漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a SQL injection vulnerability, which arises from the Code Generation Workflow component causing SQL injections. Attackers can launch attacks remotely due to this vulnerability...

6.5CVSS6.7AI score0.00204EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.14 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from a parameter in the function formSysCmd, specifically the submit-url field in the file/goform/formSysCmd, which...

9CVSS7.7AI score0.00472EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Code-Projects Online Hospital Management System SQL注入漏洞

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the code-projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability arises from an unknown function parameter in the...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

School Student Management System 安全漏洞

School Student Management System is an open-source tool developed by Binary Brains for managing school student information. Version 1e70e5ad1125b86dca4ee086eb6bb121f17708b6 of the School Student Management System had a security vulnerability. This vulnerability stemmed from the operation of...

6.5CVSS6.6AI score0.00243EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is an online music website developed by Code-Projects as open source. Version 1.0 of Code-Projects Online Music Site has a SQL injection vulnerability. This vulnerability arises from the parameter ID operations in the file/Administrator/PHP/AdminEditAlbum.php,...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Edimax BR-6478AC 安全漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. Version 1.23 of the Edimax BR-6478AC contains a security vulnerability. This vulnerability stems from an operation on the parameter “pppUserName” in the function formWanTcpipSetup of the component POST Request...

9CVSS7.7AI score0.00472EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a parameter in the function setlocaltime0 in the file/bin/httpd, where the Time value causes a stack buffer...

9CVSS7.5AI score0.00503EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Version 2026.3.1 of OTRS contains a security vulnerability. This vulnerability arises from improper default settings, which automatically enable the “Is visible for customer” flag for ticket articles, preventing users fro...

5.7CVSS5.8AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

SourceCodester Hospitals Patient Records Management System SQL注入漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a SQL injection vulnerability. This vulnerability arises from...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Bdtask Multi-Store Inventory Management System SQL注入漏洞

The Bdtask Multi-Store Inventory Management System is an inventory management system developed by the Bdtask company in Bangladesh. Version 1.0 of the Bdtask Multi-Store Inventory Management System has a SQL injection vulnerability. This vulnerability arises from the accountsreportsearch function...

5.8CVSS5.9AI score0.00206EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.14 views

OpenCats SQL注入漏洞

OpenCats is an open-source recruitment process management system developed by OpenCats. Versions of OpenCats prior to 0.9.7.4 had a SQL injection vulnerability. This vulnerability stemmed from the sortDirection parameter in the DataGrid component, which allowed SQL injections. It was possible for...

8.5CVSS5.9AI score0.00263EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Dolibarr ERP CRM 安全漏洞

Dolibarr ERP CRM is an open-source enterprise and sales management system developed by Dolibarr. Versions 23.0.0, 23.0.1, and 23.0.2 of Dolibarr ERP CRM contain security vulnerabilities. These vulnerabilities stem from unknown functions in the file htdocs/user/messaging.php, which allow...

5.3CVSS5.7AI score0.00223EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.17 views

Aider 安全漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a security vulnerability. This vulnerability stems from the git-commit-verify operation in the Pre-commit Hook Handler component, which causes the protection mechanism to fail. An...

6.5CVSS6.7AI score0.00228EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

Orthanc Explorer 2 代码注入漏洞

Orthanc Explorer 2 is a user interface plugin for the Orthanc Server’s open-source medical imaging management system. Versions of Orthanc Explorer 2 prior to 1.12.0 contained a code injection vulnerability. This vulnerability stemmed from the param operation in the File...

5.3CVSS5.7AI score0.00278EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a function in the Web Management Interface component called cgiSysWebTimeoutSet, where the parameter webovertime...

7.1CVSS6.7AI score0.00368EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Edimax BR-6478AC 安全漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. Version 1.23 of the Edimax BR-6478AC contains a security vulnerability. This vulnerability stems from a buffer overflow caused by the parameter UserName/Password in the formUSBAccount function within the component...

9CVSS7.5AI score0.00463EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

OFFIS DCMTK 安全漏洞

OFFIS DCMTK is a collection of libraries and applications developed by the German company OFFIS that implement most DICOM standards. It includes software for checking, processing, and converting DICOM image files, handling offline media, sending and receiving images via network connections, as we...

6.5CVSS6.7AI score0.00247EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.13 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a parameter in the function cgistaKickOff, located in the file /bin/httpd, which causes a stack buffer overflow...

9CVSS7.7AI score0.00476EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

School Student Management System 授权问题漏洞

School Student Management System is an open-source tool developed by Binary Brains for managing school student information. The School Student Management System has a vulnerability related to authorization. This vulnerability stems from the parameter role in the function signauthcookie of the...

7.5CVSS7.1AI score0.00409EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

OpenCats SQL注入漏洞

OpenCats is an open-source recruitment process management system developed by OpenCats. Version OpenCATS 0.9.1a contains a SQL injection vulnerability. This vulnerability stems from SQL injections in the DataGrid filter processing. It may allow authenticated attackers to bypass column filtering...

8.6CVSS6.1AI score0.00249EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

SourceCodester Hospitals Patient Records Management System SQL注入漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System has a SQL injection vulnerability. This vulnerability arises from the...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References7
Total number of security vulnerabilities195539