Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

Check Point Quantum Security Gateway 安全漏洞

Check Point Quantum Security Gateway is a series of enterprise-level security gateway devices developed by the Israeli company Check Point. There is a security vulnerability in Check Point Quantum Security Gateway. This vulnerability stems from the improper handling of unexpected IKE fragment...

8.1CVSS5.8AI score0.02658EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Lumiverse 参数注入漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a parameter injection vulnerability. This vulnerability occurred when the toSmbPath call failed, resulting in a fallback to dirname/basename...

9.1CVSS5.9AI score0.00451EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Blitz 代码注入漏洞

Blitz is an open-source full-stack Next.js development toolkit developed by Blitz. Versions of Blitz 3.0.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from an unknown function in the packages/generator/templates/app/src/app/auth/components/LoginForm.tsx file,...

5.3CVSS5.7AI score0.00336EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

algernon 安全漏洞

Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained a security vulnerability. This vulnerability stemmed from the process of traversing parent directories upwards during directory requests to find the handler.lua file. This could allow...

9CVSS6.3AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 环境问题漏洞

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain environmental issues, which stem from vulnerabilities that can be exploited by HTTP request payload attacks...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Joomla! CMS 跨站请求伪造漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site request forgeing vulnerability, which stems from the lack of CSRF token validation. This vulnerability may lead to cross-site request forgeing attacks at the comusers...

4.6CVSS5.7AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Joomla! CMS 路径遍历漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a path traversal vulnerability, which stems from improper validation of search parameters in the commedia file API endpoints, potentially leading to path traversal attacks...

7.5CVSS5.8AI score0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

Joomla! CMS 跨站脚本漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping. This vulnerability may lead to cross-site scripting attacks through the "readmore" link in the comconte...

6.9CVSS5.6AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Joomla! CMS 跨站脚本漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping. This vulnerability may lead to cross-site scripting attacks within the content history component of the...

6.9CVSS5.6AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Check Point Security Gateway 安全漏洞

Check Point Security Gateway is a series of network security gateway devices developed by Check Point Corporation in Israel. There is a security vulnerability in Check Point Security Gateway, which stems from incorrect validation of length values in specific IKE packets during NAT-T operations...

8.1CVSS5.8AI score0.02139EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

IBM Cloud Pak for Data System 安全漏洞

IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. The version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain security vulnerabilities. These vulnerabilities stem from the use of default passwords during the...

7.5CVSS5.8AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26 and earlier contained security vulnerabilities; these vulnerabilities stemmed from out-of-bound read operations, which could potentially cause applications to...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Autodesk 3ds Max 安全漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max, which may lead to a denial-of-service attack due to a stack overflow issue occurring during the parsing of specially crafted WRL files...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Autodesk 3ds Max 安全漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max. This vulnerability arises from the possibility of memory corruption during the parsing of specially crafted WRL files. Malicious actors may exploit...

7.8CVSS6.2AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

itsourcecode Electronic Judging System 代码注入漏洞

itsourcecode Electronic Judging System is an open-source electronic judging system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System contains a code injection vulnerability. This vulnerability arises from improper handling of the fname parameter in the...

5.3CVSS5.7AI score0.00336EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the PIN parameter in the setWiFiWpsConfig...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of theFileName parameter in the setUpgradeUboot...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

WordPress plugin WpBookingly 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

IBM Engineering Lifecycle Management 安全漏洞

IBM Engineering Lifecycle Management is an engineering lifecycle management platform provided by American multinational company International Business Machines IBM. Versions 7.0.3, 7.1.0, and 7.2.0 of IBM Engineering Lifecycle Management contain security vulnerabilities. These vulnerabilities ste...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.14 views

IBM HTTP Server 代码问题漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain code vulnerabilities that could lead to denial-of-service attacks due to the optional module modibmUpload...

7.5CVSS5.9AI score0.0038EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

IBM HTTP Server 安全漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities. These vulnerabilities stem from invalid pointer dereferencing, which could allow privileged users to disclose...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

WordPress plugin SW Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

NVIDIA GPU Display Driver 信息泄露漏洞

NVIDIA GPU Display Driver is a display driver developed by NVIDIA Corporation. The NVIDIA GPU Display Driver for Linux has a vulnerability known as information leakage. This vulnerability stems from the possibility of advanced attackers exploiting race conditions to leak sensitive memory. As a...

5.6CVSS5.8AI score0.00155EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

NVIDIA vGPU Software 资源管理错误漏洞

NVIDIA vGPU Software is a management software developed by NVIDIA Corporation in the United States, designed to provide GPU capabilities for virtual machines. This software enables multiple virtual machines to access the host’s GPU, thereby providing graphics performance and application...

7CVSS5.9AI score0.00167EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.14 views

Joomla! 跨站脚本漏洞

Joomla! is an open-source, free-content management system developed by Joomla! Foundation. The Joomla! Framework has a cross-site scripting vulnerability, which stems from insufficient content filtering in the checkAttribute method. This vulnerability exposes various components to cross-site...

6.9CVSS5.6AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...

9.8CVSS5.8AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

SourceCodester Hospitals Patient Records Management System 代码注入漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a code injection vulnerability. This vulnerability arises from...

4.8CVSS5.6AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

Autodesk 3ds Max 代码问题漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There are code vulnerabilities in Autodesk 3ds Max. These vulnerabilities stem from parsing specially crafted PAR files, which may lead to null pointer dereferencing. Successful exploitation of these...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Check Point Multi-Domain Management 安全漏洞

Check Point Multi-Domain Management is a centralized security management platform provided by Check Point Israel. Check Point Multi-Domain Management has a security vulnerability. This vulnerability arises from the fact that when compliance is enabled in the multi-domain management system, verifi...

4.1CVSS5.8AI score0.04102EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Lumiverse 竞争条件问题漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a race condition vulnerability. This vulnerability stemmed from the fact that the consumeNonce function only checked whether module-level variables...

4.8CVSS5.8AI score0.00118EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.15 views

Joomla! CMS SQL注入漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a SQL injection vulnerability, which stems from improper validation of sorting clauses. This vulnerability may lead to SQL injections within com tags...

9.8CVSS5.9AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

WordPress plugin Zohocorp Zoho Mail 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.7CVSS5.7AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

NVIDIA Display Driver 竞争条件问题漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a race condition vulnerability, which arises from user-side reorders in the kernel module that may lead to race conditions through compiler or processor memory instructions, potentially causing...

4.7CVSS5.8AI score0.00092EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

NVIDIA Display Driver 缓冲区错误漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a buffer error vulnerability, which can lead to out-of-bounds write attacks, potentially causing denial of service, privilege escalation, information leakage, data corruption, and code execution...

7.8CVSS6.1AI score0.00197EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

itsourcecode Electronic Judging System SQL注入漏洞

itsourcecode Electronic Judging System is an open-source electronic referee system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System has a SQL injection vulnerability. This vulnerability arises from improper handling of the numid parameter in the unknown code...

7.5CVSS7.2AI score0.00319EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

CODESYS Development System 安全漏洞

CODESYS Development System is a set of programming tools developed by the German company CODESYS, used in the fields of industrial controllers and automation technology. There is a security vulnerability in the CODESYS Development System. This vulnerability stems from the incorrect default...

8.5CVSS5.8AI score0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Joomla! 跨站脚本漏洞

Joomla! is an open-source, free-content management system developed by Joomla! Foundation. The Joomla! Framework has a cross-site scripting vulnerability, which stems from the lack of input filtering. This leads to the presence of cross-site scripting vectors in the HTML filtering code...

6.9CVSS5.6AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Vanetza 安全漏洞

Vanetza is an open-source implementation of a vehicle communication protocol suite developed by Raphael Riebl. Versions of Vanetza prior to 26.02 contained security vulnerabilities. These vulnerabilities stemmed from the ASN.1 decoder accepting V2X messages that are syntactically valid but...

7.5CVSS5.8AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

WordPress plugin Taxi Booking Manager for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

5.3CVSS5.8AI score0.00191EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Silicon Simplicity SDK 安全漏洞

The Silicon Simplicity SDK is an embedded software development platform provided by Silicon Corporation. It is used to build IoT products based on our 2-series and upcoming 3-series wireless and MCU devices. The Silicon Simplicity SDK has a security vulnerability. Attackers can compromise the...

8.8CVSS5.8AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Eppendorf BioFlo 320 安全漏洞

The Eppendorf BioFlo 320 is a laboratory bioreactor control system developed by the German company Eppendorf. The Eppendorf BioFlo 320 has a security vulnerability, which stems from the VNC server using hard-coded passwords. This vulnerability could allow remote attackers to gain complete control...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

IBM HTTP Server 资源管理错误漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain resource management vulnerabilities that can lead to denial-of-service attacks when attackers have permission to write to certain server...

9.1CVSS5.8AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

IBM HTTP Server 安全漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities; these vulnerabilities stem from the optional module modmemcache, which may lead to denial-of-service attacks...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control. This vulnerability arises from improper access checks, allowing unauthorized users to elevate their privileges by editing Web service...

9.8CVSS5.8AI score0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

MediaInfoLib 安全漏洞

MediaInfoLib is a tool developed by MediaArea for displaying technical information and tag data related to audio and video files. MediaInfoLib has a security vulnerability, which stems from a heap buffer overflow issue during LXF parsing...

7.8CVSS6AI score0.00207EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Joomla! CMS 授权问题漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has authorization-related vulnerabilities, which stem from insufficient state checks, allowing bypasses of 2FA authentication...

8.2CVSS5.8AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. GnuTLS has a security vulnerability, which stems from a single-bit error in the bounds checking of PKCS12 package elements. This vulnerability could...

5.3CVSS5.8AI score0.00727EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.23 views

GnuTLS 信任管理问题漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS. GnuTLS has a trust management vulnerability, which stems from the certificate verification process. Customized certificates may cause incorrect backtracking during the verification of the common name field,...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Starlette 环境问题漏洞

Starlette is a lightweight ASGI framework/toolkit developed by Encode. It’s ideal for building asynchronous web services using Python. Versions of Starlette prior to 1.0.1 contained an environmental issue vulnerability. This vulnerability stemmed from the lack of validation of the HTTP Host reque...

6.5CVSS5.8AI score0.01438EPSS
Exploits2References7
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of null pointer checking in the l2capsockstatechangecb function within the Bluetooth L2CAP...

5.8AI score0.00123EPSS
Exploits0References5
Total number of security vulnerabilities195539