Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that GET...

8.1CVSS5.8AI score0.00257EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the...

9CVSS5.8AI score0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

dalfox 代码问题漏洞

Dalfox is an automated cross-site script scanning tool developed by HAHWUL. Versions of Dalfox prior to 2.13.0 contained code vulnerabilities. These vulnerabilities stemmed from the REST API server mode, where the output, output-all, and debug fields were deserialized directly from the attacker’s...

8.2CVSS5.9AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Budibase 代码问题漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.35.10 contained code-related vulnerabilities. These vulnerabilities stemmed from the plugin UR...

7.7CVSS5.8AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Bird-lg-go 资源管理错误漏洞

Bird-lg-go is a BGP routing query tool developed by Yuhui Xu. Versions of Bird-lg-go prior to 1.4.5 contained a resource management vulnerability. This vulnerability stemmed from the apiHandler not limiting the maximum read size when processing the JSON payload provided by users. As a result,...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

elFinder SQL注入漏洞

ElFinder is an open-source web file manager developed by Studio 42. Versions of ElFinder prior to 2.1.68 contained a SQL injection vulnerability. This vulnerability stemmed from an SQL injection flaw in the MySQL volume driver, allowing any logged-in user to inject SQL statements through a...

8.8CVSS5.9AI score0.00243EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

Streamlink 安全漏洞

Streamlink is an open-source command-line tool developed by Streamlink that pushes live streaming media to video players. Versions of Streamlink prior to 8.4.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the HLS and DASH parsers did not validate the URI...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/Bearer-token authorization when the NEF module mounted the 3gpp-traffic-influence...

9.4CVSS5.8AI score0.00311EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from the UDR DELETE handler’s type assertion panic when the ueId was not present, which could potentially result in a 5...

6.5CVSS5.9AI score0.0042EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the UDM component failing to validate the supi path parameters of the six GET processors in the nudm-sdm...

8.7CVSS5.8AI score0.00324EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

GuardDog 安全漏洞

GuardDog is an open-source CLI tool developed by GuardDog, which allows for the identification of malicious PyPI packages. Versions 1.0.0 to 2.9.0 of GuardDog contain security vulnerabilities. These vulnerabilities stem from the use of blind strings in the programmatic remote project scanning...

8.2CVSS5.8AI score0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Nocturne Memory 访问控制错误漏洞

Nocturne Memory is an AI long-term memory server developed by Niwato. Versions prior to Nocturne Memory 2.4.1 contained an access control vulnerability. This vulnerability occurred when the APITOKEN was not set or was empty, allowing the BearerTokenAuthMiddleware to bypass identity verification f...

8.7CVSS5.8AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from not restricting the size of BPF program signatures. This vulnerability may cause the kernel to...

5.8AI score0.00121EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the starfiveaesaeaddoonereq function failing when sgcopytobuffer or starfiveaeshwinit does not release...

5.8AI score0.00122EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an iterator error during driver separation in the crypto/inside-secure/eip93 module. This error...

5.8AI score0.00121EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the GETDATADIRECTSYSFSPATH function in the RDMA/mlx5 driver. This function does not release the...

5.8AI score0.00155EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a memory leak in the amdxdnaubufmap function. This issue occurs when operations like...

5.8AI score0.00153EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect processing of out-of-order data during the mptcp receive buffer expansion. This can...

6AI score0.00153EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of kfree to release memory allocated by kvcalloc in the amdgpugmcgetnpsmemrange...

5.8AI score0.00163EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

pam_usb 参数注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained a parameter injection vulnerability. This vulnerability stems from the use of specially crafted UUIDs in configurations e.g., $id/tmp/rce,...

8.2CVSS6.2AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained security vulnerabilities. These vulnerabilities occurred when the denyremote setting was set to false, causing the PAMRHOST check to be...

8.1CVSS5.8AI score0.00342EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Himmelblau 安全漏洞

Himmelblau is an open-source Azure Entra ID authentication module developed by Himmelblau. Versions of Himmelblau from 2.0.0 to 3.1.5, as well as versions prior to 2.3.11, contained security vulnerabilities. These vulnerabilities stemmed from the tokenvalidate function, which did not verify wheth...

8.4CVSS5.8AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the webhook...

7.5CVSS5.8AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Budibase 代码问题漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained code-related vulnerabilities. These vulnerabilities stemmed from the OAuth2 tok...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

BentoML 安全漏洞

BentoML is an open-source model service library developed by BentoML. It is used to build high-performance and scalable artificial intelligence applications using Python. Versions of BentoML prior to 1.4.39 contained a security vulnerability. This vulnerability stemmed from the lack of escaping f...

8.8CVSS5.9AI score0.00317EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Nx Console 安全漏洞

Nx Console is an open-source repository management interface that supports visual workflows and AI enhancements. Version Nx Console 18.95.0 contains a security vulnerability. This vulnerability stems from the release of a malicious version on the Visual Studio Marketplace and OpenVSX, which could...

9.8CVSS5.8AI score0.0185EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

RabbitMQ 安全漏洞

RabbitMQ is an open-source, feature-rich multi-protocol message and streaming media broker. There were security vulnerabilities in versions of RabbitMQ from 3.7.0 to 4.1.2, as well as in version 4.0.13. Attackers could exploit these vulnerabilities to execute cross-site scripting attacks...

5.6CVSS5.8AI score0.0018EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fbnic network card driver not verifying changes to the MTU. This vulnerability may cause...

5.8AI score0.00126EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the synclinked regs function in bpf. When this function copies the id of knownreg, it may cause a...

7.8CVSS5.8AI score0.00172EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iommusvaunbinddevice function in accel/amdxdna, where it accesses iommumm after releasing the...

7.8CVSS5.8AI score0.00173EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a deadlock issue between devlink and netdev instances. Due to an error in the lock order during t...

5.8AI score0.00118EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

go-git 路径遍历漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.19.1 and 6.0.0-alpha.4 contained a path traversal vulnerability. This vulnerability stemmed from path validation issues, which could allow malicious data from a specially crafted...

5.4CVSS5.8AI score0.00297EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

go-git 安全漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.19.1 and 6.0.0-alpha.4 contained security vulnerabilities. These vulnerabilities stemmed from the use of SSH for transmitting commands remotely; the repository path was enclosed in...

2.3CVSS5.8AI score0.00365EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized data in the RTMGETNEIGH response message in the net/mctp module. This could lead to t...

5.8AI score0.00128EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ipvs module failing to skip the extended header when calculating the IPv6 checksum. This coul...

5.8AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

HTTP::Daemon 安全漏洞

HTTP::Daemon is a simple HTTP class developed under the open-source license of libwww-perl. Versions of HTTP::Daemon prior to version 6.17 contained security vulnerabilities. These vulnerabilities stemmed from the use of the Perl’s 2-arg open method to open string parameters, which could lead to ...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from a problem with reusing inputs after they were released, which could allow a remote attacker who has compromised...

8.3CVSS5.9AI score0.00178EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability, which was caused by an improper implementation in the ANGLE framework. This vulnerability could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.2AI score0.00225EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Google MCP Toolbox for Databases 安全漏洞

Google MCP Toolbox for Databases is an open-source Model Context Protocol MCP server developed by Google, Inc. There is a security vulnerability in Google MCP Toolbox for Databases. This vulnerability arises from the susceptibility to DNS redirection attacks when using SSE, and the hard-coded...

9.4CVSS5.8AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.25 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in the network, which could allow remote attackers to execute...

8.8CVSS6.2AI score0.00301EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability, which was caused by out-of-bound writes from ANGLE. This vulnerability could allow remote attackers to exploit heap corruption through specially...

8.8CVSS6.1AI score0.00243EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.16 views

OpenStack Swift 安全漏洞

OpenStack Swift is an open-source distributed object storage system under OpenStack. There were security vulnerabilities in versions of OpenStack Swift prior to 2.36.2 and 2.37.2. These vulnerabilities stemmed from the s3api middleware handling truncated aws-chunked PUT request bodies, leading to...

7.1CVSS5.8AI score0.00322EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin CDN Linker lite 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.17 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

7.1CVSS5.9AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

WordPress plugin Islamic Database 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00187EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the use of GPU components that were reused after being released, potentially allowing remote attackers who had...

8.3CVSS5.9AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Network component reusing resources after they were released, which could allow remote attackers to execute...

8.8CVSS6.2AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of untrusted inputs by UI components, which could allow a remote attacker...

8.3CVSS5.9AI score0.00228EPSS
Exploits0References3
Total number of security vulnerabilities195539