Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2026-16879)

IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality governance, data integration and master data management. A security vulnerability exists in IBM InfoSphere Information Server that stems from improper validation of HOST header input. An attacke...

6.5CVSS5.6AI score0.00221EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

Multiple Apple Products Cross-Border Access Vulnerability

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple iPadOS is an operating system for iPad tablets. An out-of-bounds access vulnerability exists in multiple Apple products, which can be exploited by an attacker to terminate a proce...

6.5CVSS7.9AI score0.00724EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•6 views

Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19042)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe contains a security vulnerability that can be exploited by attackers to cause an application to access protected user data...

5.5CVSS5.8AI score0.00124EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19036)

Apple macOS Tahoe is an operating system from the American company Apple. A security vulnerability exists in Apple macOS Tahoe, which can be exploited by an attacker to cause a document to be written to a temporary file when using Print Preview...

3.3CVSS5.8AI score0.00122EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•4 views

IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16131)

IBM InfoSphere Information Server is IBM's data integration platform for integrating, cleansing, transforming and managing enterprise data. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from the system returning overly detailed error messages. An...

4.3CVSS5.9AI score0.00284EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

IBM Concert Encryption Problem Vulnerability (CNVD-2026-16134)

IBM Concert is IBM's collaborative application lifecycle management platform. A security vulnerability exists in IBM Concert that originates when the program transmits data in clear text. An attacker could exploit the vulnerability to intercept and obtain sensitive information via man-in-the-midd...

5.9CVSS5.8AI score0.00186EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•4 views

IBM Concert Access Control Error Vulnerability (CNVD-2026-16128)

IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. An Access Control Error vulnerability exists in IBM Concert 2.2.0 and prior versions. The vulnerability stems from a lack of functional-level access...

5.5CVSS5.9AI score0.00147EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•4 views

HCL Aftermarket DPC Input Validation Error Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an input validation error vulnerability that can be exploited by an attacker to inject executable code and perform cross-site scripting, SQL injection, command injectio...

9.8CVSS5.9AI score0.00997EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•6 views

Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19043)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe contains a security vulnerability that can be exploited by attackers to cause an application to bypass Gatekeeper checks...

3.3CVSS5.8AI score0.0013EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•8 views

HCL Aftermarket DPC Cross-Site Scripting Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an...

4.3CVSS5.8AI score0.00231EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•6 views

Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15830)

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by an attacker to obtain system software and version details to carry out software-specific attacks...

5.3CVSS5.9AI score0.00225EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•16 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-19985)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...

9.1CVSS8AI score0.0043EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•8 views

Unspecified vulnerability in HCL Aftermarket DPC (CNVD-2026-15829)

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by attackers to more easily guess weak passwords or gain unauthorized access to user accounts using brute force technique...

9.8CVSS5.9AI score0.00242EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•6 views

WordPress Plugin Abandoned Cart Recovery for WooCommerce Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Abandoned Cart Recovery for WooCommerce has a cross-site scripting vulnerabili...

7.1CVSS6AI score0.00175EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•47 views

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-17912)

Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a suite of operating systems developed for mobile devices.Apple iPadOS is a suite of operating systems for the iPad tablet computer. A security vulnerability exists in...

4.3CVSS5.4AI score0.00636EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15837)

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. A security vulnerability exists in HCL Aftermarket DPC, which can be exploited by an attacker to execute arbitrary commands or inject harmful content based on the way the web application handles split...

8.8CVSS6.1AI score0.00318EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•8 views

Information Disclosure Vulnerability in Multiple Mozilla Products (CNVD-2026-19990)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

7.5CVSS7.3AI score0.00385EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

Unspecified Vulnerability in HCL Aftermarket DPC

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by an attacker to read sensitive files on the system and use them for further attacks...

7.5CVSS5.9AI score0.0032EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•17 views

Code Issue Vulnerability in Multiple Mozilla Products (CNVD-2026-19982)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products due to an...

7.5CVSS7.4AI score0.00452EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•9 views

Unspecified Vulnerability in Apple macOS Tahoe (CNVD-2026-19035)

Apple macOS Tahoe is an operating system from the American company Apple. A security vulnerability exists in Apple macOS Tahoe, which stems from a directory path resolution issue that can be exploited by attackers to cause an application to access sensitive user data...

5.3CVSS5.8AI score0.00299EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•7 views

FreeBSD Buffer Overflow Vulnerability (CNVD-2026-16037)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A buffer overflow vulnerability exists in FreeBSD. The vulnerability stems from the routine to verify packet signatures in the RPCSECGSS implementation of kgssapi.ko not properly verifying data boundaries, which can be...

8.8CVSS6.4AI score0.01915EPSS
Exploits3
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•7 views

IBM Concert Code Issue Vulnerability (CNVD-2026-16136)

IBM Concert is IBM's collaborative application lifecycle management platform. An information disclosure vulnerability exists in IBM Concert that stems from the program failing to properly clear buffer resources. An attacker could exploit the vulnerability to access sensitive information in memory...

6.2CVSS6AI score0.00174EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•7 views

Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19040)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe contains a security vulnerability that can be exploited by attackers to cause an application to access sensitive user data...

5.5CVSS5.8AI score0.00177EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•6 views

HCL Aftermarket DPC File Upload Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a file upload vulnerability, which stems from the application not strictly verifying or filtering user uploaded files, and can be exploited by an attacker to upload and...

9.8CVSS6AI score0.00295EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•7 views

IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16129)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server. The...

7.1CVSS5.9AI score0.00155EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•3 views

Linux kernel memory misreference vulnerability (CNVD-2026-16038)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A memory misreference vulnerability exists in the Linux kernel. The vulnerability stems from a mix-up in the instruction responsible for freeing memory. An attacker could explo...

7.8CVSS6.2AI score0.00119EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•5 views

HCL Aftermarket DPC SQL Injection Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to execut...

8.3CVSS6AI score0.00271EPSS
Exploits0
CNVD
CNVD
•added 2026/03/31 12:0 a.m.•7 views

HCL Aftermarket DPC Hardcoding Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a hard-coded vulnerability that originates from hard-coded sensitive data, which can be exploited by an attacker to gain access to source code or retrieve these...

7.5CVSS6AI score0.00191EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•17 views

MailEnable Attendees Parameter Cross-Site Scripting Vulnerability

MailEnable is a Windows-based business email server. A cross-site scripting vulnerability exists in the MailEnable Attendees parameter, which stems from improper cleanup of the Attendees parameter in the FreeBusy.aspx form in the Webmail interface, and can be exploited by an attacker to execute...

6.1CVSS5.9AI score0.00307EPSS
Exploits1
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•5 views

Dell Integrated Dell Remote Access Controller Code Execution Vulnerability

Dell Integrated Dell Remote Access Controller is an embedded controller for remote management and monitoring of servers from Dell USA. A code execution vulnerability exists in Dell Integrated Dell Remote Access Controller. The vulnerability stems from the application failing to properly filter...

5.3CVSS6.5AI score0.00179EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•4 views

OpenClaw Command Execution Vulnerability (CNVD-2026-16046)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a command execution vulnerability that can be exploited by an attacker to cause an authenticated operator to execute arbitrary parameters...

8.8CVSS6.2AI score0.00406EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•5 views

WordPress Plugin Download Manager Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. The WordPress plugin Download Manager information disclosure vulnerability, which stems from a...

4.3CVSS5.8AI score0.00222EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•15 views

MailEnable SelectedIndex Parameter Cross-Site Scripting Vulnerability

MailEnable is a Windows-based business email server. A cross-site scripting vulnerability exists in the MailEnable SelectedIndex parameter. The vulnerability stems from improper cleanup of the SelectedIndex parameter of the ManageShares.aspx form in the Webmail interface, which can be exploited b...

6.1CVSS5.9AI score0.00307EPSS
Exploits1
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•6 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16391)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to skip approval requirements...

5.3CVSS5.7AI score0.00108EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16385)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to cause reuse of pairing approvals across multiple accounts...

8.1CVSS5.7AI score0.00165EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•4 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16387)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that can be exploited by an attacker to cause an authenticated caller with operator.write scope to invoke the owner-only tool interface...

8.8CVSS5.7AI score0.00412EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•4 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16389)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by attackers to bypass SSRF protection...

7.6CVSS5.8AI score0.00221EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•4 views

Unspecified Vulnerability in OpenClaw (CVE-2026-32913)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that can be exploited by an attacker to cause custom authorization headers to be forwarded during cross-origin redirection, thereby intercepting sensitive information...

9.3CVSS5.7AI score0.00316EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•4 views

OpenClaw Sandbox Escape Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a sandbox escape vulnerability that can be exploited by an attacker to cause a bypass of sandbox restrictions...

7.1CVSS5.7AI score0.00104EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•3 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-16041)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the BlueBubbles webhook handler containing a passwordless fallback authentication path, which can be exploited by an attacker to cause an...

6.5CVSS5.9AI score0.00249EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•3 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-16043)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability. The vulnerability stems from the safeBins configuration failing to properly filter constructed command special characters, commands, etc., which can...

7.1CVSS6.1AI score0.00197EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•7 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16048)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to cause a bypass of token and password requirements...

9.1CVSS5.9AI score0.00401EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•5 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16049)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute arbitrary code without sandbox escape...

9.8CVSS6.3AI score0.00288EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•2 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-16044)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability. The vulnerability is caused by failing to filter the shell startup environment variables HOME and ZDOTDIR in the system.run function. An attacker ca...

9.8CVSS6.3AI score0.00559EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•4 views

OpenClaw Security Bypass Vulnerability (CNVD-2026-16051)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security bypass vulnerability that can be exploited by an attacker to cause a remote attacker to bypass sender authorization checks...

6.5CVSS5.9AI score0.00255EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•1 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-16050)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary commands on the system...

7.5CVSS6.1AI score0.0063EPSS
Exploits1
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•2 views

OpenClaw path traversal vulnerability (CNVD-2026-16057)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to weaken bound source isolation by symbolically linking the parent directory to bypass the allowed root directory and prevent path...

7.5CVSS5.9AI score0.00254EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•1 views

OpenClaw Security Bypass Vulnerability (CNVD-2026-16055)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to cause bypassing of interactive approval prompts...

5.4CVSS5.9AI score0.00257EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•2 views

OpenClaw Command Execution Vulnerability (CNVD-2026-16054)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a command execution vulnerability that can be exploited by an attacker to bypass expected execution limits...

7.1CVSS6AI score0.00333EPSS
Exploits0
CNVD
CNVD
•added 2026/03/26 12:0 a.m.•2 views

OpenClaw Security Bypass Vulnerability (CNVD-2026-16056)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security bypass vulnerability that can be exploited by an attacker to cause replay events to bypass duplicate checks...

6.9CVSS5.9AI score0.00337EPSS
Exploits0
Total number of security vulnerabilities131179