Lucene search
K

130931 matches found

CNVD
CNVD
•added 2025/02/17 12:0 a.m.•6 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2025-04977)

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...

5.4CVSS6.1AI score0.00213EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•7 views

Linux kernel mlx5_lag_port_sel_create function resource management error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the mlx5lagportselcreate function failing to properly clean up allocated resources when ...

5.5CVSS7.7AI score0.00199EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

Linux kernel fec_enet_update_cbd function code issue vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from the fecenetupdatecbd function not properly handling the return of NULL when calling...

5.5CVSS7.2AI score0.002EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2025-05219)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to elevate privileges...

8.4CVSS7.1AI score0.00089EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•13 views

GNU Binutils Buffer Overflow Vulnerability (CNVD-2025-03953)

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

7.5CVSS8AI score0.00732EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

Tenda A18 Buffer Overflow Vulnerability

Tenda A18 is an AC1200 dual-band Wi-Fi repeater from China's Tenda. A buffer overflow vulnerability exists in Tenda A18 15.13.07.09 and earlier versions, which stems from the parameter wpapskcrypto5g failing to correctly validate the length and size of the input data, and can be exploited by an...

9.8CVSS8.4AI score0.01116EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•4 views

FreeBSD ktrace Information Disclosure Vulnerability

FreeBSD ktrace is a tool from the FreeBSD Foundation for tracing system calls. An information disclosure vulnerability exists in FreeBSD ktrace due to a flaw in the ktrace facility. An attacker can exploit the vulnerability to obtain the contents of kernel structure information...

4.9CVSS5.9AI score0.00348EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•2 views

SonicWall NetExtender Windows client elevation of privilege vulnerability (CNVD-2025-12370)

SonicWall NetExtender Windows client is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. An elevation of privilege vulnerability exists in the SonicWall NetExtender...

5.5CVSS6.5AI score0.00194EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•3 views

Dell NetWorker Code Execution Vulnerability

Dell NetWorker is an enterprise-class data protection solution offered by Dell as part of the Dell Data Protection Suite that supports the protection of critical workloads across heterogeneous environments. A code execution vulnerability exists in Dell NetWorker. An attacker could exploit the...

7.8CVSS7.7AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•1 views

GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09685)

GNU Binutils is a set of programming language utility programs developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils, which originates from the function bfdelfrelocsymboldeletedp in bfd/elflink.c. No details of the vulnerability are provided at this tim...

5.1CVSS7.2AI score0.00542EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•2 views

GNU Binutils Buffer Overflow Vulnerability

GNU Binutils is a set of programming language utility programs developed by the American GNU community. A buffer overflow vulnerability exists in GNU Binutils. No details of the vulnerability are available at this time...

5.1CVSS7.5AI score0.00619EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•1 views

GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09688)

GNU Binutils GNU Binary Utilities is a set of programming language utilities developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils. The vulnerability originates from the function bfdelfgcmarkrsec in bfd/elflink.c. No details of the vulnerability are...

5.1CVSS7.2AI score0.00657EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•3 views

GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09689)

GNU Binutils is a set of programming language utility programs developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils. The vulnerability originates from the bfdputl64 function in the bfd/libbfd.c file, and no details of the vulnerability are provided at...

7.5CVSS7.2AI score0.00523EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•4 views

GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09687)

GNU Binutils is a set of programming language utility programs developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils. No details of the vulnerability are available at this time...

6.3CVSS7.2AI score0.00735EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•2 views

JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2025-13413)

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

6.1CVSS5.9AI score0.00349EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•4 views

FreeBSD Buffer Overflow Vulnerability (CNVD-2025-09231)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from a buffer overflow vulnerability that stems from the implementation of VOPVPTOFH in the cd9660, tarfs, and ext2fs filesystems that causes the target FID buffer to overflow by 4 bytes, which can be...

6CVSS7.9AI score0.0042EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•1 views

Ivanti CSA Path Traversal Vulnerability

Ivanti CSA is a locally deployed virtual appliance designed to simplify and enhance the integration of Ivanti products with cloud services. The Ivanti CSA suffers from a path traversal vulnerability that arises when the program fails to properly filter special elements in the path of a resource o...

5.3CVSS7.1AI score0.00947EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•8 views

FreeBSD Information Disclosure Vulnerability (CNVD-2025-09230)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from an information disclosure vulnerability that is caused by a failure to properly assign privileges flaw. An attacker could exploit this vulnerability to access system files...

6.5CVSS6.2AI score0.0029EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•6 views

GNU Binutils ldelfgen.c file memory leak vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

3.1CVSS6.7AI score0.00591EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•11 views

Unspecified Vulnerability in Google Chrome (CNVD-2025-03649)

Google Chrome is a web browser from Google, an American company. Google Chrome has a security vulnerability that can be exploited by attackers to cause phishing attacks that spoof users...

5.4CVSS6.3AI score0.00368EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•12 views

GNU Binutils xstrdup.c file memory leak vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

3.7CVSS6.7AI score0.00564EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•15 views

GNU Binutils format.c File Buffer Overflow Vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

5.9CVSS8.1AI score0.01252EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•6 views

GNU Binutils nm.c File Buffer Overflow Vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

5.3CVSS8.1AI score0.00619EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/17 12:0 a.m.•7 views

Linux kernel cifs_put_tcp_session function resource management error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the fact that the cifsputtcpsession function may still be attempting to reconnect to a D...

5.5CVSS6.5AI score0.002EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•14 views

Microsoft Excel Resource Management Error Vulnerability (CNVD-2025-02966)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A resource management error vulnerability exists in Microsoft Excel. An attacker exploiting this vulnerability could remotely execute code...

8.4CVSS8.2AI score0.00934EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•9 views

Microsoft Office Resource Management Error Vulnerability (CNVD-2025-02963)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A resource management error vulnerability exists in Microsoft Office. No detailed vulnerability details are...

7.8CVSS7.5AI score0.01087EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•15 views

Microsoft Access Code Execution Vulnerability

Microsoft Access is a relational database management system in the Office suite of the U.S. Microsoft Microsoft Corporation. A code execution vulnerability exists in Microsoft Access, which can be exploited by an attacker to execute arbitrary code on the system...

7.8CVSS7.6AI score0.00997EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•5 views

Microsoft Office Security Feature Bypass Vulnerability (CNVD-2025-04196)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A security feature bypass vulnerability exists in Microsoft Office, which can be exploited by attackers to...

7.8CVSS6.6AI score0.00659EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•11 views

Microsoft Office Code Problem Vulnerability (CNVD-2025-02965)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. Common components of this product include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code issue vulnerability exists in Microsoft Office. An attacker exploiting this vulnerability cou...

7.8CVSS7.6AI score0.00917EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•11 views

Microsoft SharePoint Input Validation Error Vulnerability (CNVD-2025-02964)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An input validation...

7.8CVSS7.4AI score0.00826EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•10 views

Microsoft SharePoint Authorization Issues Vulnerability (CNVD-2025-02968)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. Microsoft SharePoint ...

7.2CVSS6.7AI score0.01742EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•1 views

Adobe Commerce Cross-Site Scripting Vulnerability

Adobe Commerce is an enterprise-grade e-commerce solution designed to deliver a superior online shopping experience for B2B and B2C businesses worldwide. A cross-site scripting vulnerability exists in Adobe Commerces. The vulnerability stems from a failure to properly process user input and can b...

8.7CVSS5.4AI score0.00736EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•2 views

Microsoft Word Code Execution Vulnerability (CNVD-2025-17477)

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8AI score0.00755EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•6 views

Microsoft Outlook Code Execution Vulnerability (CNVD-2026-00043)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A code execution vulnerability exists in Microsoft Outlook, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8AI score0.00732EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•11 views

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2025-02967)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...

6.3CVSS5.8AI score0.01041EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•6 views

Unspecified vulnerability in Linux kernel (CNVD-2025-03201)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the SCSI ufs module not properly freeing HBAs upon removal, which could lead to a memory leak. No details of...

5.5CVSS6.5AI score0.00175EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•12 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-04189)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

8.4CVSS7.6AI score0.00941EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•8 views

Fortinet FortiOS Elevation of Privilege Vulnerability

FortiOS is a core network security operating system developed by Fortinet, widely used in FortiGate next-generation firewall, providing users with firewall, VPN, intrusion prevention, application control and other security functions. An elevation of privilege vulnerability exists in Fortinet...

8.8CVSS6.8AI score0.00574EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•7 views

Adobe Illustrators stack buffer overflow vulnerability (CNVD-2025-06309)

Adobe Illustrator is a professional vector graphic design software developed by Adobe, widely used in graphic design, illustration creation, web design and other fields. A stack buffer overflow vulnerability exists in Adobe Illustrators in versions 29.1, 28.7.3 and earlier. The vulnerability is...

7.8CVSS7.8AI score0.00362EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/14 12:0 a.m.•4 views

Microsoft Outlook Code Execution Vulnerability (CNVD-2026-00044)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A code execution vulnerability exists in Microsoft Outlook, which can be exploited by an attacker to execute arbitrary code on a system...

6.7CVSS8AI score0.00551EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•7 views

Google Pixel Stack Buffer Overflow Vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a stack buffer overflow vulnerability that stems from a missing boundary check in the MTKFLPMSGHALDIAGREPORTDATANTF handler of flp2halinterface.c, which can be exploited by an attacker to cause a local...

7.8CVSS9.3AI score0.00085EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•7 views

Google Pixel out-of-bounds write vulnerability (CNVD-2025-03265)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an out-of-bounds write vulnerability that stems from a missing MTKWMT device driver boundary check in WMTunlockedioctl, which can be exploited by an attacker to cause a local privilege escalation...

7.8CVSS9.1AI score0.00084EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•31 views

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel is a spreadsheet software written by Microsoft for computers using Windows and macOS operating systems. A remote code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code on the target host...

7.8CVSS7.7AI score0.01072EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•11 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-04193)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.6AI score0.00783EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•6 views

Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-04190)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...

7.8CVSS5.9AI score0.00909EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•10 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-04194)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.6AI score0.00783EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•9 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-04191)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.6AI score0.00783EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•8 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-04192)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.6AI score0.00875EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•2 views

Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2025-24455)

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...

8CVSS8.3AI score0.29778EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/13 12:0 a.m.•3 views

Google Chrome Resource Management Error Vulnerability (CNVD-2025-17128)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability, which stems from post-release reuse in Skia, that can be exploited by an attacker to cause heap corruption via a crafted HTML page...

6.3CVSS6.9AI score0.00348EPSS
Exploits0References1
Total number of security vulnerabilities130931