Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/04/15 12:0 a.m.•7 views

Adobe Framemaker Out-of-Bounds Read Vulnerability (CNVD-2026-19997)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. Adobe Framemaker suffers from an out-of-bounds read vulnerability that could be exploited by an attacker to cause...

7.8CVSS6.2AI score0.00173EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•7 views

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2026-19438)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS6.2AI score0.00184EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•11 views

Adobe InDesign Desktop Out-of-Bounds Read Vulnerability (CNVD-2026-19442)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

7.8CVSS6.2AI score0.00161EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•10 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-19441)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause an application crash or denial of service...

5.5CVSS6AI score0.00143EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•8 views

Adobe DNG SDK Out-of-Bounds Write Vulnerability (CNVD-2026-19444)

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause a denial of service in an application...

5.5CVSS5.8AI score0.00121EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•9 views

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2026-19445)

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute malicious JavaScript in the context of the victim's browser by manipulating the DO...

9.3CVSS5.7AI score0.00304EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•9 views

Adobe InDesign Desktop Memory Misreference Vulnerability

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InDesign Desktop, which can be exploited by an attacker to execute arbitrary code on the system...

7.8CVSS6.2AI score0.00165EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•11 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-19446)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.4AI score0.00178EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•5 views

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2026-18680)

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's...

9.3CVSS5.7AI score0.00304EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•5 views

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2026-18678)

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's...

6.1CVSS5.7AI score0.00225EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•3 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17785)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.5AI score0.00178EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•6 views

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17742)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system or cause an application to crash...

7.8CVSS6.5AI score0.00254EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•11 views

Adobe Framemaker Numeric Error Vulnerability (CNVD-2026-19995)

Adobe Framemaker is a professional desktop publishing software for creating and editing large technical documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS6AI score0.00173EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•10 views

Adobe Framemaker Untrusted Search Path Vulnerability

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An untrusted search path vulnerability exists in Adobe Framemaker, which could be exploited by an attacker to caus...

8.6CVSS6AI score0.00173EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•9 views

Adobe Framemaker Numeric Error Vulnerability (CNVD-2026-19994)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrary...

7.8CVSS6AI score0.00173EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•7 views

Schneider Electric PowerChute Serial Shutdown Log Message Disclosure Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a log information disclosure vulnerability that can be exploited by an attacker to cause a W...

5CVSS5.3AI score0.00103EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•13 views

Schneider Electric PowerChute Serial Shutdown Security Bypass Vulnerability (CNVD-2026-18328)

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. A security bypass vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improper validation of a specified number of...

5.3CVSS5.4AI score0.0017EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•4 views

Fortinet FortiWeb input validation error vulnerability (CNVD-2026-25596)

Fortinet FortiWeb is a Web Application Firewall WAF product, primarily used to protect web applications from various attacks. Fortinet FortiWeb has a security vulnerability. This vulnerability stems from improper handling of certain data. Attackers can exploit this vulnerability to trigger a...

4.9CVSS6.3AI score0.00366EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•3 views

Fortinet FortiSandbox Cross-site Scripting Vulnerability (CNVD-2026-25595)

Fortinet FortiSandbox is a advanced threat protection solution, primarily used for detecting and analyzing malware and unknown threats. Fortinet FortiSandbox has a cross-site scripting vulnerability. This vulnerability stems from the failure to properly neutralize user inputs during web page...

4.8CVSS6AI score0.00193EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•9 views

Schneider Electric PowerChute Serial Shutdown Resource Management Error Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a Resource Management Error vulnerability that stems from uncontrolled resource consumption,...

6.5CVSS5.5AI score0.00245EPSS
Exploits0
CNVD
CNVD
•added 2026/04/15 12:0 a.m.•10 views

Adobe Framemaker Input Validation Error Vulnerability (CNVD-2026-19992)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An input validation error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause...

6.3CVSS5.9AI score0.00155EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•13 views

FFmpeg av_bprint_finalize() function heap buffer overflow vulnerability

FFmpeg is an open source software library for processing multimedia data. A heap buffer overflow vulnerability exists in FFmpeg. The vulnerability stems from the avbprintfinalize function failing to properly handle specially crafted input and can be exploited by an attacker to cause a denial of...

7.5CVSS6AI score0.00452EPSS
Exploits1
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•6 views

Huawei HarmonyOS File System Out-of-Bounds Write Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS file system, which can be exploited by an attacker to cause availability to be compromise...

6.7CVSS5.7AI score0.00078EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•3 views

Huawei HarmonyOS and EMUI LBS module privilege bypass access vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A privilege bypass access vulnerability exists in Huaw...

7.7CVSS5.8AI score0.00169EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•6 views

Huawei HarmonyOS and EMUI kernel module memory misreference vulnerability (CNVD-2026-17177)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A memory misreference vulnerability exists in Huawei...

7.1CVSS5.7AI score0.00099EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•4 views

WordPress Plugin User Registration & Membership Input Validation Error Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin User Registration & Membership has an input validation error vulnerability tha...

6.1CVSS5.6AI score0.00663EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•9 views

Huawei HarmonyOS Communication Module Memory Misreference Vulnerability (CNVD-2026-20003)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS communication module, which can be exploited by an attacker to cause availability to be...

5.5CVSS5.8AI score0.0007EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•7 views

Huawei HarmonyOS Screen Management Module Memory Misreference Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS screen management module, which can be exploited by an attacker to cause availability to b...

4.7CVSS5.8AI score0.00075EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•8 views

Huawei HarmonyOS Media Platform Stack Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack overflow vulnerability exists in the Huawei HarmonyOS media platform, which can be exploited by an attacker to cause availability to be compromised...

6.5CVSS5.8AI score0.00156EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•5 views

TOTOLINK A7000R cstecgi.cgi setWiFiEasyGuestCfg function ssid5g parameter stack buffer overflow vulnerability

TOTOLINK A7000R is a wireless router product that is mainly used to provide network connectivity and Wi-Fi access. TOTOLINK A7000R suffers from a stack buffer overflow vulnerability. The vulnerability stems from the setWiFiEasyGuestCfg function in the /cgi-bin/cstecgi.cgi file failing to properly...

9CVSS7.6AI score0.00575EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•8 views

Totolink A3002MU formWlanSetup file wan-url parameter stack buffer overflow vulnerability

Totolink A3002MU is a wireless router product that provides network connectivity and wireless access. A stack buffer overflow vulnerability exists in the Totolink A3002MU. The vulnerability stems from a failure to properly handle the wan-url parameter in the HTTP request handling component, which...

9CVSS8.3AI score0.00472EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•5 views

Huawei HarmonyOS Memo Module Access Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An access control vulnerability exists in the Huawei HarmonyOS memoization module, which can be exploited by an attacker to cause confidentiality and...

6.5CVSS5.7AI score0.00135EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•3 views

Huawei HarmonyOS Communication Module Memory Misreference Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS communication module, which can be exploited by an attacker to cause availability to be...

4.1CVSS5.7AI score0.00073EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•4 views

Huawei HarmonyOS Application Read Module Boundary Unrestricted Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A boundary-unlimited vulnerability exists in the Huawei HarmonyOS application read module, which can be exploited by an attacker to cause availability to be...

6.8CVSS5.7AI score0.00075EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•5 views

Huawei HarmonyOS Thermal Management Module Competitive Conditions Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS thermal management module that can be exploited by an attacker to cause availability to ...

6.3CVSS5.7AI score0.00064EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•6 views

Huawei HarmonyOS and EMUI kernel module out-of-bounds write vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. An out-of-bounds write vulnerability exists in the...

5.7CVSS5.7AI score0.0011EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•10 views

Huawei HarmonyOS Communication Module Memory Misreference Vulnerability (CNVD-2026-20004)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS communication module, which can be exploited by an attacker to cause availability to be...

7.5CVSS5.8AI score0.00133EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•7 views

Huawei HarmonyOS WEB Module Out-of-Bounds Write Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS WEB module, which can be exploited by an attacker to compromise confidentiality and...

5.1CVSS5.8AI score0.00077EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•5 views

Huawei HarmonyOS WEB module out-of-bounds write vulnerability (CNVD-2026-17169)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS WEB module, which can be exploited by an attacker to compromise confidentiality and...

10CVSS5.8AI score0.00211EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•5 views

Huawei HarmonyOS Notification Service Competitive Conditions Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS notification service, which can be exploited by attackers to cause availability to be...

5.9CVSS5.8AI score0.00156EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•7 views

WordPress Plugin Product Filter for WooCommerce by WBW Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Product Filter for WooCommerce by WBW,...

8.6CVSS5.6AI score0.00358EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•7 views

Huawei HarmonyOS multi-mode input system double release vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A double-release vulnerability exists in the Huawei HarmonyOS multi-mode input system, which can be exploited by an attacker to cause an availability impact...

5.6CVSS5.8AI score0.00088EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•6 views

Huawei HarmonyOS Power Consumption Statistics Module Competitive Conditions Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Power Consumption Statistics module, which can be exploited by an attacker to cause...

6.3CVSS5.7AI score0.00064EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•8 views

Huawei HarmonyOS and EMUI kernel module memory misreference vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A memory misreference vulnerability exists in Huawei...

7.1CVSS5.7AI score0.00077EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•12 views

Huawei HarmonyOS Event Notification Module Competitive Condition Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A contention condition vulnerability exists in the Huawei HarmonyOS event notification module, which stems from a failure of the event notification module to...

7.5CVSS5.8AI score0.00126EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•9 views

Tenda F456 fromNatStaticSetting Parameter Stack Buffer Overflow Vulnerability

Tenda F456 is a home wireless router product that is mainly used to provide wireless network access and network management functions. The Tenda F456 suffers from a stack buffer overflow vulnerability. The vulnerability stems from the failure of the fromNatStaticSetting function in...

9CVSS7.5AI score0.00447EPSS
Exploits0
CNVD
CNVD
•added 2026/04/14 12:0 a.m.•8 views

FFmpeg read_global_param() function out-of-bounds read vulnerability

FFmpeg is an open source software library for processing multimedia data. An out-of-bounds read vulnerability exists in FFmpeg. The vulnerability stems from a failure of the readglobalparam function to properly handle specially crafted input, which can be exploited by an attacker to cause a denia...

7.5CVSS5.7AI score0.00337EPSS
Exploits1
CNVD
CNVD
•added 2026/04/13 12:0 a.m.•6 views

Tenda F451 SetIpBind fromSetIpBind page parameter stack buffer overflow vulnerability

Tenda F451 is a wireless router product that provides network connectivity and wireless coverage. The Tenda F451 suffers from a stack buffer overflow vulnerability. The vulnerability stems from the failure of the fromSetIpBind function in /goform/SetIpBind to properly handle the page parameter,...

9CVSS7.6AI score0.00623EPSS
Exploits0
CNVD
CNVD
•added 2026/04/10 12:0 a.m.•7 views

Discourse authorization issue vulnerability (CNVD-2026-17262)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse is vulnerable to an authorization issue. The vulnerability stems from the fact that a user who loses access to a topic can stil...

6.3CVSS5.7AI score0.0016EPSS
Exploits0
CNVD
CNVD
•added 2026/04/10 12:0 a.m.•4 views

Discourse cross-site scripting vulnerability (CNVD-2026-17253)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject arbitrary HTML and JavaScript...

6.1CVSS5.7AI score0.00169EPSS
Exploits0
Total number of security vulnerabilities131179