Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the automated...

5.1CVSS6AI score0.00329EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.2 contained security vulnerabilities. These vulnerabilities stemmed from a lack of...

9.9CVSS5.9AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.2 contained security vulnerabilities. These vulnerabilities stemmed from the failure to...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained security vulnerabilities. These vulnerabilities stemmed from the V1 vi...

6.5CVSS6.1AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

dalfox 安全漏洞

Dalfox is an automated cross-site script scanning tool developed by HAHWUL. Versions of Dalfox prior to 2.13.0 contained security vulnerabilities. These vulnerabilities stemmed from two stages in ParameterAnalysis where the same closed results channel was written to, potentially causing a panic...

7.5CVSS5.7AI score0.00231EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained security vulnerabilities. These vulnerabilities stemmed from the data...

8.8CVSS5.8AI score0.00251EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.21 views

BentoML 代码注入漏洞

BentoML is an open-source model service library developed by BentoML. It is used to build high-performance and scalable artificial intelligence applications using Python. Prior to BentoML 1.4.39, there was a code injection vulnerability. This vulnerability stemmed from the envs.name value...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WeGIA 输入验证错误漏洞

WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.7.3 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter...

5.4CVSS5.9AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WeGIA 安全漏洞

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.7.3 contained security vulnerabilities. These vulnerabilities stemmed from the use of a salted SHA-256 hash algorithm in login and password change processes, which could lead to rainbow...

5.9CVSS5.8AI score0.00136EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

RVF 安全漏洞

RVF is a React form validation and state management tool developed by Aaron Pettengill. Versions of RVF prior to 6.0.0, 6.0.4, and 7.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the setPath function in @rvf/set-get, which did not prevent the proto, constructor, or...

8.2CVSS5.9AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Ella Core 安全特征问题漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.10.0 contained security feature vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of the security program concurren...

3.7CVSS5.8AI score0.00134EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Ella Core 安全特征问题漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.10.0 contained security feature vulnerabilities. These vulnerabilities stemmed from an unvalidated check to ensure that the UE security...

6.1CVSS5.8AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of an OAuth2/bearer-token authorization middleware when SMF mounted UPI management routing groups,...

10CVSS5.8AI score0.00331EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from SMF failing to include the necessary inbound OAuth2 middleware when mounting UPI management routing groups. Th...

7.5CVSS5.8AI score0.00364EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF route group nnef-callback was mounted, whic...

7.3CVSS5.8AI score0.00241EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from NEF terminating the entire process when PFD subscription notifications could not be delivered, potentially...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

free5GC 安全特征问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security feature vulnerabilities. These vulnerabilities stemmed from AMF not implementing the concurrent security procedures defined in 3GPP TS 33.501, which could lead to...

5.4CVSS5.8AI score0.00251EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions of Mattermost Plugins 1.1.5 and earlier contained security vulnerabilities. These vulnerabilities stemmed...

8CVSS6AI score0.00296EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

pretix 安全漏洞

Pretix is a ticketing system developed by the German company Pretix. There is a security vulnerability in Pretix. This vulnerability stems from an API endpoint that does not verify whether the UUID used for downloading corresponds to the file that should be downloaded and whether it belongs to th...

7CVSS5.8AI score0.00219EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Webmin 跨站脚本漏洞

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.640 contained a cross-site scripting vulnerability. This vulnerability occurred when viewing SVG document attachments in the mailboxes component,...

6.1CVSS5.6AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Taipy 路径遍历漏洞

Taipy is an open-source application developed by Avaiga. It was designed specifically for data scientists and machine learning engineers to build data and artificial intelligence network applications. Version 4.1.1 of Taipy contains a path traversal vulnerability. This vulnerability stems from th...

8.7CVSS5.8AI score0.00409EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Agent Zero 路径遍历漏洞

Agent Zero is an artificial intelligence framework developed by Jan Tomášek as a personal project. Versions of Agent Zero prior to 1.15 contained a path traversal vulnerability. This vulnerability allows unauthorized attackers to access arbitrary files through path traversal...

7.1CVSS5.9AI score0.00375EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

GuardDog 安全漏洞

GuardDog is an open-source CLI tool developed by GuardDog, which allows for the identification of malicious PyPI packages. Versions 2.6.0 to 2.9.0 of GuardDog contain security vulnerabilities. These vulnerabilities stem from the default human-readable output, which includes filenames, file...

5CVSS5.9AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

opentelemetry-js 安全漏洞

opentelemetry-js is an open-source framework from OpenTelemetry - CNCF, designed for collecting traces, metrics, and logs from applications. Versions of opentelemetry-js prior to 0.217.0 contained a security vulnerability. This vulnerability stemmed from improper error handling in the URL parsing...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

go-git 数据伪造问题漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.19.0 and 6.0.0-alpha.3 contained a data manipulation vulnerability. This vulnerability stems from the way Git objects are parsed differently compared to upstream Git. Additionally, t...

7CVSS5.7AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

LibVNCServer 缓冲区错误漏洞

LibVNCServer is a cross-platform C language library developed by LibVNC, which supports implementing VNC Virtual Network Computing server or client functions within programs. Versions of LibVNCServer prior to 0.9.15 contained a buffer error vulnerability. This vulnerability stemmed from the Tight...

8.8CVSS6AI score0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

auth0.js 安全漏洞

auth0.js is a client JavaScript toolkit developed by Auth0, open source, for the Auth0 API Application Programming Interface. Versions of auth0.js from 8.11.0 to 9.32.0 contain security vulnerabilities. These vulnerabilities arise because, under certain conditions, the Auth0.js SDK may incorrectl...

7.1CVSS5.8AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Versions of Dolibarr ERP/CRM from 22.0.0 to 22.0.4, as wel...

7.3CVSS6.1AI score0.00384EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Versions of Dolibarr ERP/CRM from 22.0.0 to 22.0.4, as wel...

7.3CVSS6.1AI score0.00384EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

libusb 缓冲区错误漏洞

libusb is an open-source, cross-platform USB device access library. Versions of libusb prior to 1.0.30 contained a buffer error vulnerability. This vulnerability stems from the use of the original buffer size rather than the remaining size during boundary checks in the parseiadarray function, whi...

5.5CVSS6AI score0.0013EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

uniget 操作系统命令注入漏洞

Uniget is a general-purpose tool for installing and updating software, developed by Uniget itself. Versions of Uniget prior to 0.27.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the direct execution of commands using the Bash shell scri...

7.8CVSS6.2AI score0.00715EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Volcano 安全漏洞

Volcano is a batch processing system built using Kubernetes, developed by Volcano OpenSource. Vulnerabilities exist in versions of Volcano before v1.14.2, v1.13.3, and v1.12.4. These vulnerabilities stem from the Webhook server’s lack of a limit on the size of the HTTP request bodies. Pods that...

6.8CVSS5.9AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

pam_usb 访问控制错误漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contained an access control vulnerability; this vulnerability stemmed from the denyremote function, which only checks the first 32-bit word of utaddrv...

7.4CVSS5.8AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contain security vulnerabilities. These vulnerabilities stem from the code in src/tmux.c, which reads the user’s $TMUX environment variable and insert...

8.8CVSS6AI score0.00158EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

pam_usb 授权问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 have a vulnerability related to authorization issues. This vulnerability stems from symbolic link attacks involving the pad directory and pad files,...

7.9CVSS5.8AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

pam_usb 操作系统命令注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained an operating system command injection vulnerability. This vulnerability stemmed from pamusb-pinentry reading the PINENTRYFALLBACKAPP...

7.8CVSS5.9AI score0.00151EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Wireshark 代码问题漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.5, as well as 4.4.0 to 4.4.15, have code vulnerabilities that can lead to a...

5.5CVSS5.9AI score0.00092EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained code vulnerabilities. This vulnerability stemmed from the fact that the src/log.c file contained a process-level static pointer; each PAM ca...

5.7CVSS5.9AI score0.00116EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

LangSmith Client SDKs 代码问题漏洞

LangSmith Client SDKs are a developer toolkit open-sourced by LangChain. Versions of LangSmith Client SDKs prior to 0.8.0 and JS/TS versions prior to 0.6.0 have code vulnerabilities. This vulnerability stems from the lack of differentiation between public prompts and internal organization-specifi...

7.1CVSS5.9AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 have code vulnerabilities. These vulnerabilities arise from assertions being compiled and removed during memory allocation failures, leading to null...

5.1CVSS5.9AI score0.00122EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Mapserver 代码问题漏洞

Mapserver is a set of open-source platforms developed by the Open Geospatial Foundation, designed for publishing spatial data and interactive map applications to the Web. Versions of MapServer from 6.4.0 to 8.6.3 had code vulnerabilities. These vulnerabilities stemmed from improper handling of...

7.5CVSS5.9AI score0.0032EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Pi.Alert 代码注入漏洞

Pi.Alert is a WIFI/LAN intrusion detector developed by Jokob-sk. Versions of Pi.Alert prior to 2026-05-07 had a code injection vulnerability. This vulnerability stemmed from the Web configuration editor, which allowed arbitrary Python code to be injected into the pialert.conf file. Additionally,...

9.8CVSS6.5AI score0.00545EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Authlib 安全漏洞

Authlib is an open-source library developed by Authlib, designed to build servers for OAuth and OpenID Connect. Versions of Authlib prior to 1.6.12 and 1.7.1 contained security vulnerabilities. These vulnerabilities stemmed from unauthenticated redirection in the OpenIDImplicitGrant and...

6.1CVSS5.8AI score0.00203EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.35.4 contained security vulnerabilities. These vulnerabilities stemmed from the fact...

6.5CVSS5.8AI score0.00115EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.35.3 contained security vulnerabilities. These vulnerabilities stemmed from VectorDB’s...

5.3CVSS5.8AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack ...

7.6CVSS5.6AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Budibase 信息泄露漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.3 contained a vulnerability related to information leakage. This vulnerability...

7.7CVSS5.8AI score0.00223EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained security vulnerabilities. These vulnerabilities stemmed from action triggers th...

5.4CVSS5.8AI score0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained security vulnerabilities. These vulnerabilities stemmed from the POST...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.34.8 contained security vulnerabilities. These vulnerabilities stemmed from the processUrlFile...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
Total number of security vulnerabilities195539