Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

WordPress plugin Geo Mashup 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Bugsink 安全漏洞

Bugsink is an open-source, self-hosted bug tracking software developed by Bugsink. Versions of Bugsink prior to 2.2.0 contained security vulnerabilities. These vulnerabilities stemmed from the source mapping and debugging file searching mechanisms, which did not limit the scope of the projects. A...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Genetec RabbitMQ 安全漏洞

Genetec RabbitMQ is a messaging queue service component provided by the American company Genetec. Genetec RabbitMQ has a security vulnerability, which stems from deployment issues and may lead to privilege escalation attacks...

7.8CVSS5.8AI score0.00145EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Joomla! CMS 安全漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a security vulnerability, which stems from the password and username reset function creating plaintext HTTP links for HTTPS connections when a mandatory SSL flag is not set...

9.8CVSS5.8AI score0.0019EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

FreeRDP 安全漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained security vulnerabilities. These vulnerabilities stemmed from a heap buffer overflow in the gdiCacheToSurface function, which could allow remote attackers ...

8.8CVSS6.5AI score0.00827EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Kubevirt 后置链接漏洞

Kubevirt is an open-source virtual machine manager developed by KubeVirt. Kubevirt has a post-installation vulnerability, which stems from improper verification of symbolic links. This vulnerability may allow authenticated OpenShift users to manipulate the console socket in a single namespace by...

9.9CVSS5.8AI score0.00596EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

NVIDIA Display Driver 安全漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver contains a security vulnerability that could allow attackers to disclose the driver’s lock keys, potentially leading to denial-of-service attacks...

6.5CVSS5.8AI score0.00125EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

CodeAstro Leave Management System SQL注入漏洞

The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the emailid parameter by an unknown function in the file...

6.5CVSS6.6AI score0.00196EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

WordPress plugin WpTravelly 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.3CVSS5.8AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Student Management System 访问控制错误漏洞

Student Management System is a student management system developed by Krishanmurariji as an individual project. The Student Management System has a security access control vulnerability, which stems from an unknown function in the file/index.php/students/addStudentView, leading to improper access...

7.5CVSS7.1AI score0.0039EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Joomla! CMS 授权问题漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has authorization-related vulnerabilities, which stem from insufficient state checks, allowing bypasses of 2FA authentication...

8.2CVSS5.8AI score0.00297EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

NVIDIA vGPU Software 缓冲区错误漏洞

NVIDIA vGPU Software is a management software developed by NVIDIA Corporation in the United States, designed to provide GPU capabilities for virtual machines. This software enables multiple virtual machines to access the GPU of a host, thereby providing graphics performance and application...

5.8CVSS6AI score0.00143EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.16 views

IBM Db2 日志信息泄露漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain a vulnerability related to log information leakage. This vulnerability stems from the storage of potentially sensitive information in log files, which may allow...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 代码注入漏洞

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain a code injection vulnerability that can be exploited by remote code execution attacks...

9.8CVSS6.4AI score0.00847EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.28 views

libsolv 安全漏洞

Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability, which stems from insufficient input validation when decompressing compressed data controlled by an attacker. This leads to a heap buffer overflow, potentially causing...

7.8CVSS5.9AI score0.00205EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Lumiverse 安全漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained security vulnerabilities. These vulnerabilities stemmed from component overlay systems, which used Sucrase to translate user-provided TSX files and...

9.3CVSS5.8AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

WordPress plugin Nyla 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.9AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

100xDevs CMS 安全漏洞

100xDevs CMS is an open-source content management system developed by code100x. There is a security vulnerability in 100xDevs CMS, which stems from an authentication bypass in the Mobile API. This vulnerability could allow unauthenticated attackers to impersonate any user by submitting specially...

8.8CVSS5.8AI score0.0049EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Babel 安全漏洞

Babel is a JavaScript compiler developed by Babel OpenSource. Versions of Babel from 7.12.0 to 7.29.4, as well as 8.0.0-alpha.13, have security vulnerabilities. These vulnerabilities stem from the possibility of generating outputs that can execute arbitrary code during the compilation of speciall...

8.2CVSS6.2AI score0.00125EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability may allow unauthorized access to the comconfig web service endpoints...

9.8CVSS5.8AI score0.00348EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

MaxKB 代码问题漏洞

MaxKB is an open-source question-answering system based on large language models and RAG, developed by 1Panel-dev. Versions of MaxKB prior to 2.8.1 contained code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing vulnerability in the OSS file service URL retrieval...

6.3CVSS5.9AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Backdrop CMS 安全漏洞

Backdrop CMS is an open-source content management system developed by Backdrop CMS. Versions of Backdrop CMS prior to 1.x-1.3.5 contained security vulnerabilities. These vulnerabilities stemmed from insufficient protection against cross-site scripting attacks. If optional information fields in th...

1.8CVSS5.6AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.14 views

WordPress plugin Mayosis Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

WordPress plugin RepairBuddy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

OpenKM 路径遍历漏洞

OpenKM is a document management system developed by OpenKM Company in Spain. This system offers features such as version control, file history, and file sharing. Version OpenKM 6.3.12 has a path traversal vulnerability; this vulnerability stems from a local file inclusion vulnerability present in...

6.9CVSS5.9AI score0.00387EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Pingvin Share 代码注入漏洞

Pingvin Share is a self-hosted file sharing platform developed by Elias Schneider as an individual project. Versions of Pingvin Share prior to 1.13.0 contain a code injection vulnerability. This vulnerability stems from improper handling of the redirect parameter in the getServerSideProps functio...

5.3CVSS5.7AI score0.00336EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.16 views

Joomla! CMS 路径遍历漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a path traversal vulnerability, which stems from improper input validation provided to users, potentially leading to local file inclusion...

9.8CVSS5.8AI score0.00482EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Joomla! CMS SQL注入漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a SQL injection vulnerability, which stems from improper construction of filter clauses. This vulnerability may lead to SQL injection in the comfinder search query...

9.8CVSS5.9AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

SourceCodester eDoc Doctor Appointment System 安全漏洞

SourceCodester eDoc Doctor Appointment System is an open-source appointment system for doctors developed by SourceCodester. Version 1.0 of the SourceCodester eDoc Doctor Appointment System contains a security vulnerability. This vulnerability stems from incorrect parameter handling in the...

6.9CVSS6.6AI score0.00325EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of theFileName parameter in the setUploadUserDat...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

NVIDIA Display Driver for Linux 缓冲区错误漏洞

NVIDIA Display Driver for Linux is a graphics driver developed by NVIDIA Corporation. The NVIDIA Display Driver for Linux contains a buffer error vulnerability; this vulnerability can lead to out-of-bounds read attacks, potentially causing system crashes and information leaks...

7.1CVSS6AI score0.00166EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.14 views

Check Point Quantum Security Gateway 安全漏洞

Check Point Quantum Security Gateway is a series of enterprise-level security gateway devices developed by the Israeli company Check Point. There is a security vulnerability in Check Point Quantum Security Gateway, which stems from the improper parsing and validation of HTTP requests by the HTTP...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

NVIDIA Display Driver for Linux 安全漏洞

NVIDIA Display Driver for Linux is a graphics driver developed by NVIDIA Corporation. The NVIDIA Display Driver for Linux contains a security vulnerability. This vulnerability stems from the insecure default initialization of memory subsystem routing resources during Multi-Instance GPU partitioni...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

IBM Cloud Pak for Data System SQL注入漏洞

IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. Version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain a SQL injection vulnerability. This vulnerability allows for SQL injection attacks, potentially enabling remo...

9.8CVSS5.9AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

IBM HTTP Server 安全漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities; these vulnerabilities stem from the optional module modfastcgi, which may lead to denial-of-service attacks...

7.5CVSS5.8AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

NVIDIA Display Driver for Linux 安全漏洞

NVIDIA Display Driver for Linux is a graphics driver developed by NVIDIA Corporation in the United States. The NVIDIA Display Driver for Linux contains security vulnerabilities. These vulnerabilities stem from improper handling of permissions in the kernel mode layer processing routine. As a...

7.8CVSS5.9AI score0.00152EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Hitachi Energy HiDraw 安全漏洞

Hitachi Energy HiDraw is a power transformer design software developed by Hitachi Corporation in Japan. Hitachi Energy HiDraw contains a security vulnerability caused by a heap buffer overflow. This vulnerability could allow malicious users with local access to cause memory corruption and potenti...

4.4CVSS6.6AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

NVIDIA Display Driver 输入验证错误漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a vulnerability related to input validation errors. This vulnerability stems from improper permission allocation in the kernel driver code, which may lead to data corruption and denial of service...

4.4CVSS5.8AI score0.00175EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

IBM webMethods Integration 代码问题漏洞

IBM webMethods Integration is a hybrid enterprise iPaaS offered by International Business Machines IBM. There are code vulnerabilities in versions 10.15 and later of IBM webMethods Integration, as well as in versions IS10.15CoreFix2611.1 and 11.1, up to IS11.1CoreFix10. These vulnerabilities stem...

5.4CVSS5.8AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

OpenVPN Connect 安全漏洞

OpenVPN Connect is a VPN Virtual Private Network client application developed by OpenVPN Inc. Versions 3.5.1 to 3.8.1 of OpenVPN Connect have security vulnerabilities. These vulnerabilities stem from an issue with permissions in the background service on macOS, which may allow attackers to execut...

9.4CVSS6.1AI score0.00574EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device developed by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the fwUrl/magicid parameters in the...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

SailingLab AppLock 安全漏洞

SailingLab AppLock is a mobile application privacy protection tool developed by SailingLab. It supports features such as app locking, PIN verification, and fingerprint unlocking. Version 4.3.8 of SailingLab AppLock contains a security vulnerability. This vulnerability stems from the...

5.2CVSS5.9AI score0.00177EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

OpenKM 代码注入漏洞

OpenKM is a document management system developed by OpenKM Company in Spain. This system offers features such as version control, file history, and file sharing. Version OpenKM 6.3.12 has a code injection vulnerability. This vulnerability arises from allowing authenticated administrators to submi...

8.6CVSS6AI score0.00679EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

CODESYS多款产品 安全漏洞

CODESYS and others are products of the German CODESYS company. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. CODESYS Control RTE is a high-performance programmable controller. Several CODESYS products have security vulnerabilities; these...

8.1CVSS5.9AI score0.00348EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

TOTOLINK N300RH 安全漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. Version 6.1c.1353B20190305 of TOTOLINK N300RH contains a security vulnerability. This vulnerability stems from improper handling of parameters in the setPasswordCfg function of the file/cgi-bin/cstecgi.cgi within th...

10CVSS7.3AI score0.02133EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Joomla! CMS 安全漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. There is a security vulnerability in Joomla! CMS, which stems from the InputFilter::getInstance method omitting secure-sensitive parameters from the instance cache key...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

NVIDIA Display Driver 安全漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver contains a security vulnerability that may lead to issues with check-time operations, potentially causing denial-of-service attacks, privilege escalation, information leakage, data corruption, and co...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

NVIDIA Display Driver 输入验证错误漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a vulnerability related to input validation errors. This vulnerability arises from improper input validation by users within the User Virtual Machine UVM, which may lead to denial-of-service...

7.1CVSS5.8AI score0.00162EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.15 views

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...

9.8CVSS5.8AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

Autodesk 3ds Max 安全漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max. This vulnerability arises from the possibility of memory corruption during the parsing of specially crafted WRL files. Malicious actors may exploit...

7.8CVSS6.2AI score0.00166EPSS
Exploits0References2
Total number of security vulnerabilities195539