Lucene search
K

130931 matches found

CNVD
CNVD
•added 2025/02/18 12:0 a.m.•6 views

Huawei HarmonyOS media library module privilege checksum vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...

7.5CVSS6.7AI score0.00227EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•6 views

Huawei HarmonyOS ParamWatcher Module Identity Verification Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An identity verification vulnerability exists in the Huawei HarmonyOS ParamWatcher module, which can be exploited by an attacker to compromise confidentialit...

7.5CVSS6.7AI score0.00227EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•4 views

JetBrains TeamCity Cross-Site Scripting Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...

6.1CVSS5.8AI score0.02733EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•5 views

Google Pixel out-of-bounds write vulnerability (CNVD-2025-04495)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an out-of-bounds write vulnerability that stems from a missing boundary check in gattServerSendResponseNative of comandroidbluetoothgatt.cpp, which can be exploited by an attacker to elevate local...

7.8CVSS6.6AI score0.0008EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•3 views

CMSimple has an unspecified vulnerability

CMSimple is a free content management system. An unspecified vulnerability exists in CMSimple, which can be exploited by an attacker to obtain sensitive information via a carefully crafted script that can be used to validate link functionality...

7.5CVSS6.3AI score0.00559EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•7 views

D-Link DIR-825 Command Injection Vulnerability

The D-Link DIR-825 is a router from China's AUO D-Link. A command injection vulnerability exists in the DLINK DIR-825 REVB version 2.03, which originates from a failure to properly filter construct command special characters, commands, etc. in the CGl interface apcclientpin.cgi. A remote attacker...

9.8CVSS7.9AI score0.01132EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•1 views

CMSimple Insecure Privilege Vulnerability

CMSimple is a PHP and HTML based content management system that helps users to quickly create simple and easy to use websites. CMSimple suffers from an insecure privilege vulnerability that can be exploited by an attacker to obtain sensitive information via a carefully crafted script to download...

7.5CVSS6.6AI score0.00544EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•3 views

Unspecified Vulnerability in CMSimple (CNVD-2026-00537)

CMSimple is a free content management system. An unspecified vulnerability exists in CMSimple, which can be exploited by an attacker to edit the log.php file via the print page...

9.1CVSS6.7AI score0.00451EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•3 views

Unspecified vulnerability in Tencent QQMail (CNVD-2025-06479)

Tencent QQMail is a mailbox software of China Tencent Tencent. An unspecified vulnerability exists in Tencent QQMail, which can be exploited by attackers to access sensitive user information...

6.5CVSS6.6AI score0.0031EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•1 views

Open5GS has an unspecified vulnerability (CNVD-2025-18579)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by attackers to cause a denial of service...

7.5CVSS6.8AI score0.00712EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•10 views

Apache Hive Authorization Issues Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...

5.5CVSS6.6AI score0.00274EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•7 views

F5 BIG-IP Next Central Manager Log Message Disclosure Vulnerability

F5 BIG-IP Next Central Manager is a centralized console from F5 USA. A log information disclosure vulnerability exists in F5 BIG-IP Next Central Manager, which originates from the possibility of recording sensitive information in log files when a user logs in using local authentication via the...

6.7CVSS6AI score0.00152EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•6 views

F5 BIG-IP Denial of Service Vulnerability (CNVD-2025-07325)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in the F5 BIG-IP that originates when SNMP v1 or v2c is disabled and can be exploited by an...

8.7CVSS6.7AI score0.00418EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•7 views

Huawei HarmonyOS Gallery Module Arbitrary Write Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An arbitrary write vulnerability exists in the Huawei HarmonyOS Gallery module, which can be exploited by an attacker to compromise confidentiality...

7.5CVSS6.8AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•6 views

Unspecified Vulnerability in LunaSVG

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from a segmentation violation via the component grayfindcell inclusion. No detailed vulnerability details are provided at this time...

6.5CVSS6.9AI score0.00385EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•2 views

Zoom Jenkins Marketplace plugin information disclosure vulnerability

Zoom Jenkins Marketplace plugin is a plugin from Zoom USA. The Zoom Jenkins Marketplace plugin suffers from an information disclosure vulnerability that stems from a missing password field mask. An attacker can exploit this vulnerability to disclose sensitive information...

2.6CVSS5.7AI score0.0016EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•1 views

Open5GS Denial of Service Vulnerability (CNVD-2025-18578)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial-of-service vulnerability that stems from the gmmstateexception function mishandling a specific response error, which can be exploited by an...

7.5CVSS6.8AI score0.00447EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•3 views

Siemens SiPass Integrated Third-Party Component DotNetZip Directory Traversal Vulnerability

Siemens SiPass integrated is a powerful and flexible access control system for organizations of all sizes, from simple offices to large complex facilities containing thousands of doors, gates, barriers and elevators. A directory traversal vulnerability exists in DotNetZip, a third-party component...

8AI score
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•6 views

Huawei HarmonyOS and EMUI emcom module out-of-bounds write vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. An out-of-bounds write vulnerability exists in the...

9.8CVSS7.2AI score0.0026EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•2 views

Unspecified Vulnerability in Open5GS (CNVD-2025-18580)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by attackers to cause a denial of service...

6.3CVSS6.8AI score0.00474EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/18 12:0 a.m.•9 views

Apache Cassandra Authorization Issues Vulnerability

Apache Cassandra is a distributed Nosql database from the American Apache Apache Foundation. Apache Cassandra suffers from an authorization issue vulnerability that stems from the inclusion of an incorrect authorization, which can be exploited by an attacker to access a datacenter or IP/CIDR grou...

5.4CVSS6.6AI score0.0099EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•12 views

Google Android onCreate function authorization issue vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an authorization issue vulnerability that stems from a lack of permission checking in the onCreate function of ChooserActivity.java, which can be exploited by an attacker to cause a bypass of...

8.4CVSS6.5AI score0.00085EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•11 views

GNU Binutils xmalloc.c file memory leak vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

3.1CVSS6.7AI score0.00531EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•12 views

Adobe Commerce Information Disclosure Vulnerability (CNVD-2025-04204)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An information disclosure vulnerability exists in Adobe Commerce, which can be exploited by attackers to obtain sensitive information...

6.5CVSS6AI score0.00936EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•11 views

Tenda W18E SetQuickcfgWifianDlogin Function Access Control Error Vulnerability

The Tenda W18E is a wireless router from the Chinese company Tenda. An access control error vulnerability exists in the Tenda W18E version 16.01.0.81625, which stems from a faulty access control in the SetQuickcfgWifianDlogin function, and can be exploited by an attacker to make unauthorized...

8.8CVSS7AI score0.00603EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

Tenda W18E SetLoginPassword Function Access Control Error Vulnerability

The Tenda W18E is a wireless router from the Chinese company Tenda. An access control error vulnerability exists in the Tenda W18E version 16.01.0.81625, which originates from an incorrect access control in the SetLoginPassword function, and can be exploited by an attacker to bypass the...

6.5CVSS7.3AI score0.00785EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•5 views

Adobe Commerce elevation of privilege vulnerability (CNVD-2025-05715)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...

8.1CVSS7.3AI score0.00892EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•2 views

WAVLINK WL-WN575A3 Buffer Overflow Vulnerability

WAVLINK WL-WN575A3 is a wireless network signal extender from China RuiYin WAVLINK. The WAVLINK WL-WN575A3 suffers from a buffer overflow vulnerability that stems from a lack of length validation, and no details of the vulnerability are provided at this time...

5.1CVSS6.8AI score0.03686EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•2 views

Samsung Blockchain Keystore Out-of-Bounds Write Vulnerability

Samsung Blockchain Keystore is a secure storage solution introduced by South Korea's Samsung SAMSUNG on its mobile devices to protect users' blockchain keys and digital assets. Samsung Blockchain Keystore suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to...

6.3CVSS6.5AI score0.00137EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•2 views

TOTOLINK X6000R Buffer Overflow Vulnerability

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. No detailed vulnerability details are available at this time...

5.1CVSS6.8AI score0.00163EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•3 views

GNU Binutils Memory Corruption Vulnerability

GNU Binutils is a set of programming language utility programs developed by the American GNU community. The programs are primarily used to work with target files in a variety of formats, and are provided with connectors, assemblers, and other tools for target files and archives. A memory corrupti...

3.1CVSS3.6AI score0.00644EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•19 views

Google Chrome Code Execution Vulnerability (CNVD-2025-03651)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by out-of-bounds memory access in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...

7.5AI score
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•12 views

Google Chrome Code Execution Vulnerability (CNVD-2025-03650)

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...

8.8CVSS7.5AI score0.0046EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•10 views

Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2025-03519)

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content...

7.2CVSS8AI score0.02316EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•11 views

Adobe InDesign Out-of-Bounds Read Vulnerability (CNVD-2025-03640)

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...

5.5CVSS6.5AI score0.00276EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•15 views

Adobe InDesign Out-of-Bounds Write Vulnerability (CNVD-2025-03633)

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...

7.8CVSS7.6AI score0.00259EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•16 views

Adobe InDesign Out-of-Bounds Write Vulnerability (CNVD-2025-03639)

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...

7.8CVSS7.6AI score0.00275EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•13 views

Adobe Commerce elevation of privilege vulnerability (CNVD-2025-03637)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...

4.3CVSS7AI score0.00481EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•16 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03635)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

8.1CVSS6.7AI score0.00851EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03632)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

6.5CVSS6.7AI score0.00708EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•7 views

Adobe Commerce elevation of privilege vulnerability (CNVD-2025-03629)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...

5.4CVSS7AI score0.00415EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03627)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to potentially cause a security feature bypass...

4.3CVSS6.7AI score0.00514EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•7 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03624)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to perform operations with ungranted privileges...

4.3CVSS6.8AI score0.00514EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

Adobe Experience Manager cross-scripting vulnerability (CNVD-2025-03621)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS6.8AI score0.00368EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•6 views

Adobe Commerce Improper Access Control Vulnerability (CNVD-2025-04199)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An improper access control vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

6.5CVSS6.7AI score0.00708EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•6 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-04683)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS6.7AI score0.00449EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•9 views

Tenda W18E Information Disclosure Vulnerability

The Tenda W18E is a wireless router from the Chinese company Tenda. An information disclosure vulnerability exists in Tenda W18E version 16.01.0.81625, which stems from the application's lack of protection of sensitive information and can be exploited by an attacker to retrieve sensitive...

6.5CVSS6.1AI score0.0112EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•4 views

Tenda W18E Trust Management Issues Vulnerability (CNVD-2025-09403)

The Tenda W18E is a wireless router from the Chinese company Tenda. The Tenda W18E is vulnerable to a trust management issue that can be exploited by an attacker to access the web management portal...

8.8CVSS6.7AI score0.00554EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•5 views

Tenda W18E Trust Management Issues Vulnerability (CNVD-2025-09402)

The Tenda W18E is a wireless router from the Chinese company Tenda. The Tenda W18E suffers from a trust management issue vulnerability that stems from the presence of a default credentials vulnerability that can be exploited by an attacker to access the web management portal...

8.8CVSS6.7AI score0.00511EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•7 views

IBM Security Verify Access Cross-Site Scripting Vulnerability (CNVD-2025-06213)

IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...

6.1CVSS6.2AI score0.00285EPSS
Exploits0References1
Total number of security vulnerabilities130931