Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

BankPro E-Service Service Center 安全漏洞

The BankPro E-Service Service Center is a digital banking service management platform provided by BankPro E-Service in Taiwan, China. There is a security vulnerability in the BankPro E-Service Service Center. This vulnerability stems from insecure direct object references, which may allow...

7.1CVSS5.8AI score0.00259EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS System Control Interface, which stems from improper allocation of permissions for critical resources. This vulnerability could allow local users...

7.3CVSS6.1AI score0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Waterfall WF-500 安全漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. A security vulnerability exists in the Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040; this vulnerability stems from...

9.1CVSS5.8AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...

4.8CVSS5.7AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Waterfall WF-500 安全漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. There are security vulnerabilities in the Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040; these vulnerabilities stem fr...

8.7CVSS5.9AI score0.00434EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Pencak Silat Digital Scoring SQL注入漏洞

Pencak Silat Digital Scoring is a digital scoring system for martial arts competitions developed by Yudha Yogasara. Version 18.10 of Pencak Silat Digital Scoring contains an SQL injection vulnerability. This vulnerability arises from injecting malicious code through the idpartai parameter, which...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

JetBrains IntelliJ IDEA 操作系统命令注入漏洞

JetBrains IntelliJ IDEA is an integrated development environment for the Java language developed by the Czech company JetBrains. Versions of JetBrains IntelliJ IDEA prior to version 2026.1.1 had a vulnerability related to operating system command injection, which stemmed from filename completion...

7.8CVSS5.8AI score0.00455EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Waterfall WF-500 安全漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. A security vulnerability exists in the Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040. This vulnerability stems from an...

9.8CVSS5.9AI score0.00407EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

WordPress plugin Link Whisper Free 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS5.9AI score0.00233EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is an integrated development environment for the Java language developed by the Czech company JetBrains. Versions of JetBrains IntelliJ IDEA prior to version 2026.1 contained security vulnerabilities, which were caused by template injection in the Copyright plugin,...

7.8CVSS5.9AI score0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

JetBrains IntelliJ IDEA 代码问题漏洞

JetBrains IntelliJ IDEA is an integrated development environment for the Java language developed by the Czech company JetBrains. Versions of JetBrains IntelliJ IDEA prior to 2026.1 contained code vulnerabilities due to XML external entity injections in the UI Designer form parser...

3.3CVSS5.9AI score0.00109EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Klever Blockchain 安全漏洞

Klever Blockchain is a high-performance blockchain network implemented by Klever in open source. Versions of Klever Blockchain prior to 1.7.17 contained security vulnerabilities. These vulnerabilities stemmed from a remote unauthenticated denial-of-service issue in the Batch.Decompress function...

8.6CVSS5.8AI score0.0038EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Bolt CMS 安全漏洞

Bolt CMS is an open-source content management system based on PHP, developed by Bolt CMS. Versions of Bolt CMS 3.7.0 and earlier contain security vulnerabilities, which stem from SQL injection vulnerabilities in the order parameter of the content list page. Attackers with low privileges and...

6.5CVSS5.9AI score0.00241EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

liboqs 缓冲区错误漏洞

Liboqs is an open-source project under Open Quantum Safe, which is an open-source C library for quantum secure encryption algorithms. Versions of Liboqs prior to 0.16.0 contained a buffer error vulnerability. This vulnerability stems from out-of-bounds reads in the XMSS and XMSS^MT state signatur...

5.3CVSS6AI score0.00305EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.16 views

arcane 操作系统命令注入漏洞

Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane 1.18.1 and earlier contain a vulnerability related to operating system command injection. This vulnerability stems from the path cleaner in the GET /environments/id/volumes/volumeName/browse endpoint not...

6.3CVSS6.1AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Manga/Image Translator 安全漏洞

Manga/Image Translator is a text-to-image translation tool developed by zyddnys’ individual developers. Manga/Image Translator has a security vulnerability, which stems from insecure deserialization during the shared API server mode. This vulnerability could allow remote attackers to execute...

9.8CVSS6.2AI score0.00622EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

rustfs 访问控制错误漏洞

RustFS is a high-performance object storage system developed by RustFS. Versions prior to RustFS 1.0.0-beta.2 contained an access control vulnerability. This vulnerability stemmed from improper validation of the PUT /rustfs/admin/v3/import-iam endpoint, allowing users with the ImportIAMAction...

9.3CVSS5.8AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

arcane 路径遍历漏洞

Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane prior to 1.19.4 contained a path traversal vulnerability. This vulnerability stemmed from ProjectService.GetProjectFileContent returning Docker Compose containing instructions before performing path...

7.7CVSS5.9AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Trilium Notes 安全漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.2 contained a security vulnerability. This vulnerability stemmed from the import of malicious ZIP archives whe...

9.3CVSS6.5AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

arcane 安全漏洞

Arcan is an open-source Docker management software developed by Arcane. Versions of Arcan prior to 1.19.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of an administrator authorization check for the PUT /api/environments/id/templates/variables endpoint. This...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Home Assistant 安全漏洞

Home Assistant is an open-source family automation management system developed by Home Assistant. This system is primarily used to control household automation devices. Versions of Home Assistant prior to 2026.4.1 for iOS and 2026.4.4 for Android have security vulnerabilities. These vulnerabiliti...

8.3CVSS6.1AI score0.00136EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

libsoup 安全漏洞

Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a security vulnerability, which stems from an error in the unsigned-to-signed conversion in the soupbodyinputstreamreadchunked function. This vulnerability could allow remote attackers to bypass security controls by sending...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Danelec Marine Danelec MacGregor Voyage Data Recorder 安全漏洞

The Danelec Marine Danelec MacGregor Voyage Data Recorder is a series of ship navigation data recording systems developed by Danelec Marine. There is a security vulnerability present in the Danelec Marine Danelec MacGregor Voyage Data Recorder, which stems from the use of a hash method for storin...

5.9CVSS5.8AI score0.00141EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

WordPress plugin Plus Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00273EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...

6.5CVSS5.9AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.13 views

Red Hat Quay 安全漏洞

Red Hat Quay is a container image repository platform operated by the American company Red Hat. Red Hat Quay has a security vulnerability; this vulnerability stems from the fact that GitLab’s OAuth verifier transmits sensitive credentials as plain-text parameters in URL queries, which may lead to...

2.7CVSS5.8AI score0.00196EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Waterfall WF-500 操作系统命令注入漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 contains an operating system command injection vulnerability. This vulnerability...

8.6CVSS6.1AI score0.00882EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2025.11.2...

4.3CVSS5.9AI score0.00669EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

WordPress plugin StatCounter 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00305EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the parameter peerPin within the goform/formWPS file, which could allow remote...

9CVSS7.6AI score0.00853EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Indian Motorcycle Scout Bobber + Tech 安全漏洞

The Indian Motorcycle Scout Bobber + Tech is a mid-level cruiser motorcycle produced by the Japanese company Indian Motorcycle. The Scout Bobber + Tech 2025 has a security vulnerability caused by weak authentication in the Wireless Control Module. This vulnerability could allow neighboring networ...

4.3CVSS5.8AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

JetBrains TeamCity 输入验证错误漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Prior to JetBrains TeamCity 2026.1, there was a...

6.1CVSS5.9AI score0.00164EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1.1...

8.2CVSS5.7AI score0.00252EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.15 views

Red Hat assisted-service 安全漏洞

Red Hat Assisted-Service is a backend service component provided by Red Hat Inc. in the United States, which offers REST APIs. It primarily serves the OpenShift ecosystem. There is a security vulnerability in Red Hat Assisted-Service. This vulnerability arises from writing the original key conten...

6.3CVSS5.8AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

FreeScout 授权问题漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.221 contained an authorization vulnerability. This vulnerability stemmed from a lack of email membership checks in the...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

FastGPT 代码问题漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.15.0-beta1 contained code vulnerabilities. These vulnerabilities were caused by server-side request forgery, allowing authenticated attackers to...

7.7CVSS6AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Emlog Pro 安全漏洞

Emlog Pro is an open-source blog system developed by Emlog. Version 2.6.9 of Emlog Pro contains a security vulnerability, which stems from a path traversal vulnerability in the template upload function. This vulnerability allows authenticated administrators to execute arbitrary PHP code. By...

7.2CVSS6.1AI score0.00782EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.15 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 contained security vulnerabilities. These vulnerabilities stemmed from a range-bypass vulnerability in the Gateway chat.send route, allowing clients with restricted ranges to...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.14 views

FreeRDP 安全漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained security vulnerabilities. These vulnerabilities stemmed from malicious RDP servers that could trigger a client heap buffer overflow by sending specially...

8.8CVSS6.1AI score0.0042EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Shibby Tomato 安全漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Versions of Shibby Tomato prior to 1.28 contained security vulnerabilities. These vulnerabilities were caused by a stack buffer overflow in the tomatoups.cgi file within the UPS service component, which...

9CVSS7.5AI score0.00438EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Waterfall WF-500 操作系统命令注入漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The version 7.9.1.0 R2502171040 of the Waterfall WF-500 contains an operating system command injection vulnerability. This...

9.8CVSS6.1AI score0.0138EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.16 views

SillyTavern 安全漏洞

SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.18.0 contained security vulnerabilities. These vulnerabilities stemmed from automatic login using the Remote-User and X-Authentik-Username HTTP headers, without verifying whether...

9.8CVSS5.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Dokploy 安全漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy prior to 0.26.5 contain security vulnerabilities. These vulnerabilities stem from path traversal during the application deployment process, which allows authenticated users to write arbitrary files on the file...

9.9CVSS6.2AI score0.0066EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Naviwebs Navigate CMS 路径遍历漏洞

Naviwebs Navigate CMS is an open-source content management system developed by Naviwebs Inc. In the version 2.8.5 of Naviwebs Navigate CMS, there is a path traversal vulnerability. This vulnerability stems from the injection of directory traversal sequences in the id parameter, which may allow...

7.1CVSS5.9AI score0.00565EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Red Hat Quay 代码问题漏洞

Red Hat Quay is a container image repository platform operated by the American company Red Hat. Red Hat Quay has code-related vulnerabilities; these vulnerabilities stem from the LDAP and SMTP authentication functions of the config-tool, which do not filter IP or host addresses. This may allow...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Waterfall WF-500 操作系统命令注入漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 TX and RX Hosts contains an operating system command injection vulnerability. Thi...

9.8CVSS6.1AI score0.0138EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

TP-Link TL-SG108PE 安全漏洞

The TP-Link TL-SG108PE is an 8-port Gigabit Ethernet intelligent managed PoE switch from TP-Link Corporation. The TP-Link TL-SG108PE v5 has a security vulnerability, which stems from improper cleaning of SYSNAM configuration parameters during the file configuration import process in the web...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.13 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based error tracking and project management software developed by Czech company JetBrains. This software features error tracking, workflow creation, and project progress monitoring. Versions of JetBrains YouTrack prior to 2026.1.13162 contained security...

7.5CVSS5.8AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

JetBrains YouTrack 跨站脚本漏洞

JetBrains YouTrack is a browser-based error tracking and project management software developed by Czech company JetBrains. This software features error tracking, the ability to create workflows, and monitoring of project progress. Versions of JetBrains YouTrack prior to 2026.1.13162 contained a...

8.7CVSS5.6AI score0.00199EPSS
Exploits0References1
Total number of security vulnerabilities195539