Lucene search
K

130931 matches found

CNVD
CNVD
•added 2025/02/06 12:0 a.m.•3 views

coolLabs Coolify Command Injection Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. A command injection vulnerability exists in coolLabs Coolify that stems from a failure to properly filter constructed command special characters, commands, etc. when changing the name of a project when creating or...

9.3CVSS7.8AI score0.00282EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•2 views

coolLabs Coolify Denial of Service Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. coolLabs Coolify suffers from a denial of service vulnerability that stems from the fact that any authenticated user can revoke any team invitation on an instance by simply providing a predictable incremental ID, whic...

6.5CVSS6.7AI score0.00348EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2025-02824)

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•5 views

Centreon SQL Injection Vulnerability (CNVD-2025-03203)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. An SQL injection vulnerability exists in Centreon centreon-web, which stems from the application's lack...

9.1CVSS7.5AI score0.0109EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•6 views

Unspecified Vulnerability in LunaSVG (CNVD-2025-04485)

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG, which stems from the inclusion of a segmentation violation found via the component compositionsourceover. No detailed vulnerability details are provided at this time...

6.5CVSS6.8AI score0.00334EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

Unspecified Vulnerability in LunaSVG (CNVD-2025-04484)

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from the inclusion of a segmentation violation found via the component grayrecordcell. No detailed vulnerability details are provided at this time...

6.5CVSS6.9AI score0.00334EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

Unspecified Vulnerability in LunaSVG (CNVD-2025-04486)

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from a containment segmentation violation found via the component plutovgpathaddpath. No detailed vulnerability details are provided at this time...

6.5CVSS6.9AI score0.00334EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•8 views

IBM Planning Analytics File Upload Vulnerability

IBM Planning Analytics is a suite of business planning analytics solutions from International Business Machines IBM. The solution supports automated execution of processes such as business planning, budgeting and analysis. A file upload vulnerability exists in IBM Planning Analytics that stems fr...

8.8CVSS7.2AI score0.00377EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•10 views

IBM Common Licensing Information Disclosure Vulnerability

IBM Common Licensing is a license management solution from International Business Machines IBM. IBM Common Licensing suffers from an information disclosure vulnerability that stems from storing user credentials in plain plaintext, which can be exploited by an attacker to cause them to be readable...

6.2CVSS5.9AI score0.00136EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

IBM Cognos Mobile Client Trust Management Issue Vulnerability

IBM Cognos Mobile Client is a mobile application for the IBM Cognos BI platform from International Business Machines IBM. IBM Cognos Mobile Client suffers from a trust management issue vulnerability that stems from a lack of certificate fixing, which can be exploited by an attacker to cause...

5.9CVSS6.1AI score0.00193EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•9 views

IBM Maximo Application Suite SQL Injection Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An SQL injection vulnerability exists in IBM Maximo Application Suite. The vulnerability stems from the...

8.8CVSS7.4AI score0.00346EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

IBM Maximo Application Suite Input Validation Error Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. IBM Maximo Application Suite has an input validation error vulnerability that stems from not neutralizin...

5.3CVSS6.6AI score0.00273EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•9 views

IBM Maximo Application Suite Cross-Site Scripting Vulnerability (CNVD-2025-02820)

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Maximo Application Suite version 9.0.0. The...

6.1CVSS6.2AI score0.00248EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•4 views

IBM Analytics Content Hub Buffer Overflow Vulnerability

The IBM Analytics Content Hub is a clean streaming experience from International Business Machines IBM that visualizes relevant analytics content by extracting content from IBM and other analytics providers. IBM Analytics Content Hub suffers from a buffer overflow vulnerability that stems from...

8.8CVSS7.9AI score0.00701EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•8 views

IBM Cloud Pak System Information Disclosure Vulnerability (CNVD-2025-02817)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...

7.5CVSS5.7AI score0.00314EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•6 views

IBM Cloud Pak System Path Traversal Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. A path traversal vulnerability exists in IBM Cloud...

5.3CVSS6.5AI score0.00478EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

Unspecified Vulnerability in SunGrow WiNet-S

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A security vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which can be exploited by an attacker to decrypt all firmware updates...

6.5CVSS6.9AI score0.00238EPSS
Exploits0References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•7 views

Unspecified Vulnerability in LunaSVG (CNVD-2025-04483)

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from the component blendtransformedtiledargb.isra.0 containing a segmentation violation. No detailed vulnerability details are provided at this time...

6.5CVSS6.8AI score0.00386EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/06 12:0 a.m.•5 views

Unspecified vulnerability in LunaSVG (CNVD-2025-04482)

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from the discovery of a containment allocation size oversize error via the component plutovgsurfacecreate. No detailed vulnerability details are provided at this time...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References1
CNVD
CNVD
•added 2025/02/05 12:0 a.m.•8 views

Nanjing Guanbao Technology Development Co., Ltd. safety education and training information system has information leakage vulnerability

Nanjing Tube Bao Technology Development Co., Ltd. is a high-tech enterprise focusing on computer hardware and software research and development, sales, service and system integration. There is an information leakage vulnerability in the security education and training information system of Nanjin...

6.8AI score
Exploits0
CNVD
CNVD
•added 2025/01/28 12:0 a.m.•5 views

File Upload Vulnerability in Operation and Maintenance Management Audit System of Shanghai Shangxun Information Technology Co.

Shanghai Shangxun Information Technology Co., Ltd. is a leading provider specializing in information security technology. A file upload vulnerability exists in the Operations and Maintenance Management and Audit System of Shanghai Shangxun Information Technology Company Limited, which can be...

7.2AI score
Exploits0
CNVD
CNVD
•added 2025/01/25 12:0 a.m.•11 views

Apache Hadoop Code Injection Vulnerability

Apache Ambari is an application from the Apache USA Foundation. Provides software developed to configure, manage and monitor Apache Hadoop clusters to simplify Hadoop management. A code injection vulnerability exists in Apache Hadoop. The vulnerability is due to a vulnerability in the Ambari...

8.8CVSS7.7AI score0.01421EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•12 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02436)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. Oracle MySQL has a security vulnerability in MySQL Server that can be exploited by an attacker to cause MySQL Server to hang or crash frequently and...

5.5CVSS6AI score0.00702EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•1 views

Magma null pointer dereference vulnerability (CNVD-2025-15069)

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...

6.5CVSS6.2AI score0.00373EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•11 views

Microsoft Excel Code Problem Vulnerability (CNVD-2025-02829)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code issue vulnerability exists in Microsoft Excel. An attacker could exploit the vulnerability to bypass certain functionality...

7.8CVSS7.4AI score0.01565EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•4 views

Mattermost Mobile Apps Denial of Service Vulnerability (CNVD-2025-11092)

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A denial of service vulnerability exists in Mattermost Mobile Apps that stems from a failure to properly validate post props, which can be exploited by an attacker to cause the application to crash...

6.5CVSS6.9AI score0.00502EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•3 views

Mattermost Mobile Apps Denial of Service Vulnerability (CNVD-2025-11094)

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A denial of service vulnerability exists in Mattermost Mobile Apps that stems from the application failing to properly handle specially crafted attachment names. An attacker could use this vulnerability to cause the...

4.3CVSS6.9AI score0.00352EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•7 views

IBM Jazz Foundation Cross-Site Scripting Vulnerability (CNVD-2025-02830)

IBM Jazz Foundation is a next-generation collaboration platform for software delivery technology from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Jazz Foundation. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web ...

5.4CVSS6AI score0.00215EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•16 views

Microsoft Office Visio Remote Code Execution Vulnerability (CNVD-2025-02828)

Microsoft Office is a widely used office software suite that includes Word, Excel, PowerPoint, Visio, and other components that provide document editing, data analysis, presentation creation, and more. A remote code execution vulnerability exists in Microsoft Office Visio, which arises due to Use...

7.8CVSS7.9AI score0.00577EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•18 views

Microsoft Office Visio Remote Code Execution Vulnerability (CNVD-2025-02827)

Microsoft Office is a widely used office software suite that contains a variety of applications such as Word, Excel, PowerPoint and Visio. A remote code execution vulnerability exists in Microsoft Office Visio, which arises due to the use of incompatible types when accessing resources type...

7.8CVSS7.9AI score0.00707EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•18 views

Microsoft Access Remote Code Execution Vulnerability (CNVD-2025-02826)

Microsoft Access is a database management system widely used to create and manage database applications. A remote code execution vulnerability exists in Microsoft Access that originates from a Heap-based Buffer Overflow. An attacker could exploit this vulnerability to execute arbitrary code via...

7.8CVSS8AI score0.01117EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•15 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02310)

Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit the vulnerability to cause MySQL Server to hang or crash frequently and repeatedly...

4.9CVSS6AI score0.00985EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•11 views

Dell Display Manager Competitive Conditions Vulnerability

Dell Display Manager is a software for managing and adjusting Dell monitor settings. A competitive condition vulnerability exists in versions of Dell Display Manager prior to 2.3.2.20, which arises because shared resources are not properly synchronized during installation. An attacker could use...

6.6CVSS6.8AI score0.00102EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•4 views

Mattermost Mobile Apps Denial of Service Vulnerability (CNVD-2025-11093)

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. Mattermost Mobile Apps suffers from a denial of service vulnerability that stems from a failure to properly validate post attributes. An attacker could exploit the vulnerability to cause the application to crash...

6.5CVSS6.9AI score0.00502EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•8 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02308)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.01228EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•9 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02306)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. Oracle MySQL has a security vulnerability in MySQL Server. An attacker can exploit the vulnerability to read a subset of MySQL Server accessible data...

4.3CVSS5.7AI score0.00541EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•13 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02324)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.00833EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•23 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02305)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.00968EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•20 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02440)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.01025EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•9 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02434)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

6.5CVSS6AI score0.00975EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•13 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02325)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit the vulnerability to update, insert, or delete access to some...

5.4CVSS5.7AI score0.00481EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•12 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02321)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.4CVSS6AI score0.00828EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•28 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02320)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.01025EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•13 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02313)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

6.5CVSS6AI score0.00994EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•12 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02309)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.01236EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•16 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02433)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

4.9CVSS6AI score0.00911EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•4 views

Dell VxRail Plaintext Storage Password Vulnerability

Dell VxRail is a hyper-converged infrastructure HCI solution jointly designed by Dell Technologies and VMware, optimized for VMware workloads for virtualized applications, cloud computing and hybrid cloud management. Dell VxRail suffers from a plaintext storage password vulnerability that could b...

7.5CVSS6.8AI score0.00126EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•3 views

Grav Cross-Site Scripting Vulnerability (CNVD-2025-30358)

Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a specially crafte...

6.1CVSS6.1AI score0.00364EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•7 views

Linksys E8450 action parameter buffer overflow vulnerability

The Linksys E8450 is an E-series wireless router from Linksys USA. A buffer overflow vulnerability exists in the Linksys E8450 v1.2.00.360516, which originates when action parameters are copied to the stack without length validation, and can be exploited by a remote attacker to execute arbitrary...

6.5CVSS8.3AI score0.00693EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/24 12:0 a.m.•7 views

Linksys E8450 id_email_check_btn Command Injection Vulnerability

The Linksys E8450 is a router from Linksys USA. A command injection vulnerability exists in the Linksys E8450 v1.2.00.360516, which stems from idemailcheckbtn failing to correctly filter constructed command special characters, commands, and more. An attacker can exploit this vulnerability to caus...

8.8CVSS7.4AI score0.01729EPSS
Exploits1References1
Total number of security vulnerabilities130931