Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability, which originated from improper implementations in ANGLE. This vulnerability could allow remote attackers to execute out-of-bound memory access through...

4.3CVSS5.9AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from a problem with the WebAudio component, where objects were reused after being released. This could allow remote...

8.8CVSS6.2AI score0.00383EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin MinhNhut Link Gateway 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.4CVSS5.6AI score0.00237EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

WordPress plugin AWP Classifieds 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

ZTE ZXUniPOS NDS-LTE 安全漏洞

ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability, which stems from ineffective access control. This vulnerability may allow unauthorized users to access system data that exceeds their permissions, such...

9.1CVSS5.8AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Jenkins LDAP Plugin 安全漏洞

The Jenkins LDAP Plugin is an open-source Jenkins directory service authentication plugin developed by Jenkins. The Jenkins LDAP Plugin version 807.v7d7de30930cf and earlier versions have security vulnerabilities, which stem from adherence to LDAP references...

6.6CVSS5.8AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

WordPress plugin Active Products Tables for WooCommerce SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

WordPress plugin Two-factor authentication 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Synology Active Backup for Business Agent 访问控制错误漏洞

Synology Active Backup for Business Agent is an enterprise data backup and recovery management platform developed by Synology, a Chinese company. Versions of Synology Active Backup for Business Agent prior to 3.1.0-4967 contained a access control vulnerability caused by a source verification erro...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of WebRTC after it was released, which could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.2AI score0.00355EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7.1CVSS5.9AI score0.00324EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome on Windows before 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of ANGLE components after their release, which could allow remote attackers to exploit the...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.17 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability, which was caused by out-of-bounds writes in the V8 engine. This vulnerability could allow remote attackers to execute arbitrary code within a sandbo...

8.8CVSS6.5AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

UFO³ 安全漏洞

UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Version UFO³ 3.0.1-4-ge2626659 contains security vulnerabilities. These vulnerabilities stem from the WebSocket control plane’s reliance on identity and role fields provided by clients,...

8.8CVSS5.8AI score0.00502EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the Media component, which could allow remote attackers to obtain...

5.3CVSS5.8AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from a problem with the ANGLE component, where reusing resources after release could lead to a situation where a remo...

8.3CVSS5.9AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

dalfox 安全漏洞

Dalfox is an automated cross-site script scanning tool developed by HAHWUL. Versions of Dalfox prior to 2.13.0 contained security vulnerabilities. These vulnerabilities stemmed from the REST API server mode, where the custom-payload-file field directly deserialized from the attacker’s request bod...

7.5CVSS5.8AI score0.00251EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by an XML integer overflow. This vulnerability could allow remote attackers who have compromised rendering processes to execute a sandbox escape...

8.3CVSS6.1AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Frappe HR 安全漏洞

Frappe HR is an open-source human resources management system developed by Frappe. Versions of Frappe HR prior to 16.5.0 contained security vulnerabilities. These vulnerabilities were caused by improper authorization checks, which could allow authorized employees to access the leave details of...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

GitLab Enterprise Edition(EE) 安全漏洞

GitLab Enterprise Edition EE is a content management system developed by the American company GitLab. There were security vulnerabilities in versions of GitLab Enterprise Edition EE from 18.7 to 18.10.7, from version 18.11 to 18.11.4, and from version 19.0 to 19.0.1. These vulnerabilities stemmed...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

WordPress plugin PropertyHive 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.6AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

WordPress plugin WPCS 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.6AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from listening on the TCP port 7878 and processing URL paths that start with /resources, /status, /sysinfo,...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Synology Surveillance Station 路径遍历漏洞

Synology Surveillance Station is an application developed by Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. Versions of Synology Surveillance Station prior to 9.2.2-11575 and 9.2.2-9575 have a path traversal vulnerabilit...

2.7CVSS5.8AI score0.00325EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4 file system failing to discard expired interval caches when splitting intervals. This...

5.8AI score0.0016EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

libjxl 安全漏洞

libjxl is an open-source implementation of the JPEG XL image format. Version 0.12.0 of libjxl contains a security vulnerability, which stems from a heap buffer overflow caused by a specially crafted PBM image in the jxl::extras::DecodeImagePNM function...

7.3CVSS6AI score0.00367EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.16 views

WordPress plugin WPComplete 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alarms. MB Connect Line mymbCONNECT24 is an internal...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin HBook 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.2CVSS5.8AI score0.0019EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

IBM App Connect Enterprise 安全漏洞

IBM App Connect Enterprise is an operating system developed by IBM Corporation. IBM App Connect Enterprise combines existing, industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native technologies, providing a platform that meets the comprehensive...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of objects after their release in the DOM, which could allow remote attackers to execute arbitrary cod...

8.8CVSS6.2AI score0.00252EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability, which was caused by improper implementation of the Tint component. This vulnerability could allow remote attackers to escape the sandbox through specially...

9.6CVSS5.8AI score0.00243EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

OpenLearnX 数据伪造问题漏洞

OpenLearnX is a decentralized adaptive learning and evaluation platform developed by th30d4y. Versions of OpenLearnX prior to 2.0.4 had a data manipulation vulnerability, which stemmed from a critical authentication flaw. This vulnerability could allow unauthorized access to user accounts under...

6.9CVSS5.7AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Anchor 输入验证错误漏洞

Anchor is a lightweight blog system developed by OtterSec. Versions 1.0.0 to 1.0.2 of Anchor contained a vulnerability related to input validation errors. This vulnerability arose from the use of Pubkey::default when comparing IDs within the Program type implementation. As a result, the system’s...

8.2CVSS5.9AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

claude-code-cache-fix 代码注入漏洞

claude-code-cache-fix is a caching optimization tool developed by Chris Nighswonger. Versions 3.5.0 to 3.5.2 of claude-code-cache-fix had a code injection vulnerability. This vulnerability stemmed from the use of tools/quota-statusline.sh, which directly inserted the hook’s standard input payload...

8.6CVSS5.9AI score0.00188EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

pam_usb 竞争条件问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contained a race condition vulnerability. This vulnerability stemmed from the use of non-reentrant functions like strtok, which led to race conditions...

6.3CVSS5.9AI score0.00108EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 have code vulnerabilities. This vulnerability stems from the fact that in src/device.c, the return values of udisksdrivegetserial, udisksdrivegetvendo...

4.6CVSS5.9AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained security vulnerabilities. These vulnerabilities stemmed from the silent ignoring of EACCES errors in the src/evdev.c file. This could lead t...

4.4CVSS5.8AI score0.00128EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.15 views

pam_usb 输入验证错误漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained a input validation vulnerability. This vulnerability stems from the lack of an upper limit on the number of ndevices being counted in...

6.7CVSS5.9AI score0.00149EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Pi.Alert 代码注入漏洞

Pi.Alert is a WIFI/LAN intrusion detector developed by the individual developer jokob-sk. Versions of Pi.Alert prior to version 2026-05-07 contained a code injection vulnerability. This vulnerability stemmed from the SaveConfigFile endpoint, which directly wrote user-provided numerical...

9.8CVSS6.4AI score0.00314EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

systeminformation 操作系统命令注入漏洞

SystemInformation is a NPM software library developed by Sebastian Hildebrandt, which allows access to operating system information. Versions of SystemInformation from 4.17.0 to 5.31.5 contain a vulnerability related to operating system command injection. This vulnerability arises on Linux when t...

7.8CVSS5.8AI score0.0062EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

FacturaScripts 代码问题漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia of Spain. Versions of FacturaScripts prior to 2025.81 contained code vulnerabilities. These vulnerabilities stemmed from the unlimited file upload feature in the product image upload function. Attackers could upload PHP file...

6.3CVSS5.9AI score0.00229EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.19 views

FacturaScripts 信息泄露漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to v2026 contained a vulnerability related to information leakage. This vulnerability stemmed from unvalidated information during the installation of controllers, allowi...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of the raw...

8.5CVSS5.8AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Budibase 跨站脚本漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Text...

8.1CVSS5.6AI score0.00226EPSS
Exploits0References2
Total number of security vulnerabilities195539