Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained security vulnerabilities. These vulnerabilities stemmed from action triggers th...

5.4CVSS5.8AI score0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Budibase 安全漏洞

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained security vulnerabilities. These vulnerabilities stemmed from the POST...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.34.8 contained security vulnerabilities. These vulnerabilities stemmed from the processUrlFile...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

FileRise 访问控制错误漏洞

FileRise is a lightweight, self-hosted web-based file manager developed by Ryan. Versions of FileRise prior to 3.12.0 contained an access control vulnerability. This vulnerability stemmed from the /api/totpsetup.php endpoint, which could be accessed via a session that only requires password...

7.4CVSS5.8AI score0.00265EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Botan 安全漏洞

Botan is a C++ encryption library developed by Jack Lloyd as an individual project. Versions of Botan prior to 3.12.0 contained security vulnerabilities. These vulnerabilities were caused byBER data, which led to reassembly behavior by the parser, potentially resulting in denial-of-service attack...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Cinny 输入验证错误漏洞

Cinny is a simple and secure instant messaging client developed by Cinny OpenSource. Versions of Cinny prior to 4.10.3 contained a vulnerability related to input validation errors. This vulnerability arose due to EmojiBoard using an untrusted pack.meta.avatar as a URL without validation, and...

7.1CVSS5.8AI score0.00302EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.15 views

go-ipld-prime 安全漏洞

go-ipld-prime is an implementation of the IPLD open-source specification interface. Versions of go-ipld-prime prior to 0.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the DAG-CBOR and DAG-JSON decoders having no depth limit when decoding nested mappings or lists, whi...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF route group nnef-pfdmanagement was mounted...

10CVSS5.8AI score0.00287EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF module mounted the nnef-oam routing group...

10CVSS5.8AI score0.00311EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from the DELETE handler in UDR containing null pointer dereferencing, which could potentially cause a repeated panic to...

6.5CVSS5.9AI score0.0035EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from the NEF patch handler’s inability to handle UDR calls properly, leading to null pointer dereferencing and...

7.5CVSS5.9AI score0.0039EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the DELETE handler in SMF unconditionally canceling the reference to UPF objects, which could lead to a null...

8.2CVSS5.8AI score0.00324EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the PUT processor in the BSF module, which allowed unsynchronized writes to the global Subscriptions mapping,...

6.5CVSS5.8AI score0.00268EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the PCF’s app-sessions handler under certain conditions, which could lead to a 500...

6.5CVSS5.9AI score0.0035EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF module mounted the 3gpp-pfd-management API...

9.4CVSS5.8AI score0.00314EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by node.js’s built-in APIs. There is a security vulnerability in Erlang/OTP, which stems from improper certificate verification in the publickey module. This vulnerability allows...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the absence of authentication middleware in the PCF NpcfSMPolicyControl component, which could allow...

8.2CVSS5.8AI score0.00323EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the PCF’s HandleCreateSmPolicyRequest handler, which encountered a null pointer dereferencing when UDR returne...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from AMF’s failure to verify the UE security capabilities in NGAP PathSwitchRequest messages. This could allow...

7.1CVSS5.8AI score0.00266EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.33 views

Webmin 安全漏洞

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.640 contained a security vulnerability, which stemmed from the insecure construction of the attachment save file name in the mailboxes/detachall.c...

9.4CVSS5.8AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Agent Zero 跨站脚本漏洞

Agent Zero is an artificial intelligence framework developed by Jan Tomášek. Versions of Agent Zero prior to 1.15 contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of security headers when SVG files were provided through the imageget endpoint, which could le...

6.1CVSS5.6AI score0.00236EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Versions of Dolibarr ERP/CRM from 22.0.0 to 22.0.4, as wel...

7.3CVSS6.1AI score0.00384EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

PostgreSQL Anonymizer 安全漏洞

PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a security vulnerability that stems from allowing users to obtain...

8.8CVSS6AI score0.0025EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

IBM多款产品 安全漏洞

IBM WebSphere Application Server WAS, among others, are products of the American multinational company IBM. IBM WebSphere Application Server is an application server product. IBM WebSphere Application Server Liberty is a Java application server built upon the Open Liberty project. IBM webMethods...

7.5CVSS5.9AI score0.005EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the WebAppInstalls component reusing resources after release, potentially allowing remote attackers to exploit...

7.5CVSS5.8AI score0.00173EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

IBM Netezza Performance Server Replication Services 安全漏洞

IBM Netezza Performance Server Replication Services is a data warehouse replication and synchronization service provided by IBM. There are security vulnerabilities in versions 3.0.2.0 to 3.0.5.0 of IBM Netezza Performance Server Replication Services. These vulnerabilities allow low-privilege...

7.8CVSS5.9AI score0.00151EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

IBM i 安全漏洞

IBM i is an operating system developed by the American International Business Machines IBM company, which runs on IBM Power Systems and IBM PureSystems. Versions 7.6, 7.5, 7.4, and 7.3 of IBM i have security vulnerabilities. These vulnerabilities stem from uncontrolled recursion in the Integrated...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Jenkins Multijob Plugin 安全漏洞

Jenkins Multijob Plugin is an open-source plugin for Jenkins that manages multi-task builds. The Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier versions have security vulnerabilities. These vulnerabilities stem from cross-site request forgery attacks, which may allow attackers to restore...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability, which stemmed from type confusion in the V8 engine. This vulnerability could allow attackers to execute arbitrary code within a sandbox by convincing users...

8.8CVSS6.2AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

sherlock 操作系统命令注入漏洞

Sherlock is an open-source username search tool developed by Sherlock. Versions of Sherlock prior to 0.16.1 contained a vulnerability related to operating system command injection. This vulnerability originated from the pullrequesttarget trigger in the GitHub Actions workflow...

9.3CVSS6.1AI score0.01141EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

6.9CVSS5.9AI score0.00281EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application developed by Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. There are security vulnerabilities in versions of Synology Surveillance Station prior to 9.2.2-11575 and...

4.9CVSS5.8AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Skia component’s tendency to reuse resources after release, which could allow remote attackers with access t...

8.3CVSS5.9AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.16 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

7CVSS5.9AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-bounds read issue in the WebGL component, which could allow remote attackers to exploit the vulnerability...

4.3CVSS6AI score0.00209EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Google Chrome on Android 输入验证错误漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in Skia, whi...

8.3CVSS5.8AI score0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application developed by Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. There are security vulnerabilities in versions of Synology Surveillance Station prior to 9.2.2-11575 and...

4.9CVSS5.8AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on iOS prior to 148.0.7778.216, there was a security vulnerability. This vulnerability stemmed from improper implementation in iOS, which could allow remote attackers to leak cross-source data through specially...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Northern.tech Mender Client 安全漏洞

The Northern.tech Mender Client is a device remote update and management client provided by the Northern.tech company in the United States. Versions of the Northern.tech Mender Client prior to version 5.0.4 contained security vulnerabilities, which were caused by bypassing encryption signature...

5.3CVSS5.8AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Jenkins buildgraph-view Plugin 安全漏洞

The Jenkins buildgraph-view Plugin is an open-source plugin for visualizing Jenkins build processes. The Jenkins buildgraph-view Plugin versions 1.8 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of escaping of build URLs, which may lead to storage-side...

5.5CVSS5.6AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome on Windows before 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds read operations in Dawn, which could allow remote attackers to exploit the vulnerability by...

4.3CVSS6.1AI score0.00209EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

WordPress plugin MetaMagic SEO Plugin 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00124EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

WordPress plugin Enable jQuery Migrate Helper 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Hitachi Vantara Pentaho Data Integration and Analytics 安全漏洞

Hitachi Vantara Pentaho Data Integration and Analytics is a business intelligence dashboard designer developed by the American company Hitachi Vantara. Versions of Hitachi Vantara Pentaho Data Integration and Analytics prior to 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, contained security...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs during USB communication, which could allow remote attackers...

8.8CVSS6.2AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from path traversal when processing URL paths starting with /woshome...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application developed by Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. There are security vulnerabilities in versions of Synology Surveillance Station prior to 9.2.2.2-11575 and...

4.9CVSS5.8AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Android, there was a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs by the WebAppInstalls component, which could allow local...

7.8CVSS6.2AI score0.00099EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

IBM Aspera High-Speed Transfer Endpoint和IBM Aspera High-Speed Transfer Server 代码问题漏洞

IBM Aspera High-Speed Transfer Endpoint and IBM Aspera High-Speed Transfer Server are products of American International Business Machines Corporation IBM. The IBM Aspera High-Speed Transfer Endpoint is a high-speed file transfer and data exchange node service. The IBM Aspera High-Speed Transfer...

7.5CVSS5.9AI score0.00319EPSS
Exploits0References2
Total number of security vulnerabilities195539