Lucene search
K

130931 matches found

CNVD
CNVD
•added 2025/01/03 12:0 a.m.•4 views

Google Android Out-of-Bounds Read Vulnerability (CNVD-2025-15178)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an out-of-bounds read vulnerability due to a lack of bounds checking in the ih264efmtconv420pto420sp function in the ih264efmtconv.c file, which can be exploited by an attacker to cause a denial ...

6.5CVSS6.9AI score0.00262EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•7 views

Google Android Denial of Service Vulnerability (CNVD-2025-03019)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from a lack of bounds checking in the ihevcdparseslicedata function in the ihevcdparseslice.c file, which can be exploited by an attacker to cause a...

6.5CVSS8.8AI score0.00296EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•7 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01681)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the handling of NULL pages by unpinuserpages in the mm/gup subsystem. No details of the...

5.5CVSS6.6AI score0.0017EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•15 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01675)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a vGPIO driver crash issue in the gpio graniterapids subsystem. No details of the vulnerability are provided...

5.5CVSS6.6AI score0.00185EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•8 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01674)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer problem in qibatch in the nested parent domain in the iommu/vt-d subsystem. No details of the...

5.5CVSS6.6AI score0.0018EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•2 views

Google Android Denial of Service Vulnerability (CNVD-2025-15177)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability due to a missing bounds check in the ih264dassignpicnum function in the ih264dutils.c file, which can be exploited by an attacker to cause a denial of service...

6.5CVSS6.9AI score0.00208EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•2 views

Unspecified vulnerability in GNU GRUB

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB that stems from grubcryptomemcmp not using a constant time algorithm, no details of the vulnerability are provided at this time...

5.3CVSS5.7AI score0.0038EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•4 views

Google Pixel suffers from an unspecified vulnerability (CNVD-2025-00977)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from the presence of uninitialized data in gattsr.c's gattsprocessreadbytypereq, which can lead to information disclosure. No details of the vulnerability are...

7.5CVSS6.3AI score0.00243EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•6 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01671)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer issue in imxaudmixprobe in the ASoC imx-audmix subsystem. No detailed vulnerability details a...

5.5CVSS6.6AI score0.00209EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•8 views

Google Android Information Disclosure Vulnerability (CNVD-2025-03652)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability, the vulnerability stems from the lack of boundary checking in the SensorService::isDataInjectionEnabled method in the SensorService.cpp file, which can be exploite...

6.2CVSS6.2AI score0.00099EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•13 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01680)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a skb release issue caused by hcidevcdappend in the Bluetooth btmtk subsystem. No detailed vulnerability...

7.8CVSS6.6AI score0.00216EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•13 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01677)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a delay in the final release of struct net during netns disassembly in the net module. No details of the...

7.8CVSS6.5AI score0.00233EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•7 views

Information Leakage Vulnerability in Network Intelligence Analysis System of Stoneco (Nanjing) Information Technology Co.

Ltd. is an enterprise focusing on AI technology innovation, dedicated to promoting industry innovation through AI technology and building a customer-centric, business-scene-focused full-service system. There is an information leakage vulnerability in the network intelligence analysis system of...

6.6AI score
Exploits0
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•8 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01673)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an invalid progarray access issue in perfeventdetachbpfprog in the bpf, perf subsystem. No detailed...

5.5CVSS6.6AI score0.00214EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•11 views

Huawei Lion-AL00C Stack Overflow Vulnerability

The Huawei Lion-AL00C is a smartphone from the Chinese company Huawei Huawei. The Huawei Lion-AL00C suffers from a stack overflow vulnerability that stems from a lack of sufficient checksums. An attacker could exploit the vulnerability to cause tampering of information, affecting availability...

6.5CVSS7AI score0.00228EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•6 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01672)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from potential post-release reuse in the hi3110canist function in the can:hi311x module. No detailed vulnerabilit...

7.8CVSS6.6AI score0.00228EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•6 views

Linux kernel net:lapb module buffer overflow vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a buffer overflow vulnerability that originates from an insufficient value of LAPBHEADERLEN in the net:lapb module, which can be exploited by a remote...

5.5CVSS7AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•1 views

GNU GRUB Buffer Overflow Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability that originates from a boundary error in fs/hfs.c when handling untrusted input. An attacker could exploit the vulnerability via a heap-based buffer overflow caused by carefully...

8.8CVSS8AI score0.00708EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/03 12:0 a.m.•14 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01679)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inetcreate in the net:inet module not clearing the dangling sk pointer, which could lead to reuse after...

7.8CVSS6.5AI score0.00252EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/02 12:0 a.m.•11 views

SQL Injection Vulnerability in Macroview HCM of Beijing Macroview Century Software Co.

Macroview HCM is a human capital management system based on the transformation and upgrading of human resources from management to service operation. A SQL injection vulnerability exists in Hongjing HCM of Beijing Hongjing Century Software Co. Ltd, which can be exploited by attackers to obtain...

7.5AI score
Exploits0
CNVD
CNVD
•added 2024/12/31 12:0 a.m.•6 views

Elevation of Privilege Vulnerability in Hot Velvet Security Software of Beijing Hot Velvet Network Technology Co.

Firedown Security is a free computer defense and antivirus security software. Beijing FireFleece Network Technology Co. FireFleece Security Software has an elevation of privilege vulnerability that can be exploited by attackers to elevate privileges...

7.3AI score
Exploits0
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•1 views

NETGEAR R6900P/R7000P Buffer Overflow Vulnerability

The NETGEAR R6900P and R7000P are wireless routers from NETGEAR that provide high-speed Internet connectivity and network management capabilities. The NETGEAR R6900P and R7000P suffer from a buffer overflow vulnerability that stems from the sub16C4C function in the HTTP Header Handler component...

7.5CVSS7.3AI score0.00822EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•5 views

Huawei HiLink AI Life Authentication Bypass Vulnerability

HUAWEI HiLink AI Life is a full-scene smart life management platform launched by Huawei, which is mainly used to unify the management and control of all kinds of smart devices, including routers, headphones, speakers, cameras and other smart home products. Huawei HiLink AI Life suffers from an...

4CVSS7AI score0.00141EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Maid Hiring Management System /admin/contactus.php File Cross-Site Scripting Vulnerability

Maid Hiring Management System is a maid hiring management system. The Maid Hiring Management System suffers from a cross-site scripting vulnerability that stems from a lack of sufficient input validation for the page title parameter in the /admin/contactus.php file. An attacker can exploit this...

6.1CVSS6.1AI score0.00338EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•1 views

Hospital Management System manage-doctors.php File Cross-Site Scripting Vulnerability

Hospital Management System a hospital management system. Hospital Management System has a cross-site scripting vulnerability that originates from a cross-site scripting vulnerability in the Doctor Name parameter of the /hospital/hms/admin/manage-doctors.php file. An attacker can exploit this...

5.2CVSS6AI score0.00524EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Complaint Management System /admin/state.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/state.php file. No details of the vulnerability are available at...

9.8CVSS8.1AI score0.00539EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•1 views

Chat System update_user.php File Cross-Site Scripting Vulnerability

Chat System is a chat system. Chat System suffers from a cross-site scripting vulnerability that stems from a lack of sufficient validation and escaping of the name parameter input in the file /admin/updateuser.php. The vulnerability can be exploited to conduct a cross-site scripting attack by...

7.6CVSS6.2AI score0.0045EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Maid Hiring Management System search-booking-request.php file cross-site scripting vulnerability

Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a cross-site scripting vulnerability that stems from the lack of adequate validation and filtering of searchdata parameter inputs in the file /admin/search-booking-request.php. No details ...

6.1CVSS4AI score0.00289EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Maid Hiring Management System /admin/search-maid.php File Cross-Site Scripting Vulnerability

Maid Hiring Management System is a maid hiring management system. The Maid Hiring Management System suffers from a cross-site scripting vulnerability that stems from a lack of sufficient input validation of the searchdata parameter in file /admin/search-maid.php. An attacker could use this...

6.1CVSS4AI score0.00345EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•1 views

Huawei HarmonyOS Privilege Management Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a privilege management vulnerability that can be exploited by an attacker to compromise data confidentiality...

7.8CVSS7AI score0.00149EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•1 views

Small CRM admin/index.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from an SQL injection vulnerability that stems from the email parameter of the /admin/index.php file containing an SQL injection vulnerability. No details of the vulnerability are available at this time...

9.8CVSS8.1AI score0.00399EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•3 views

Small CRM /admin/quote-details.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from an SQL injection vulnerability in the id parameter of the /admin/quote-details.php file. An attacker can exploit this vulnerability to obtain sensitive information o...

9.8CVSS7.7AI score0.0047EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•1 views

Small CRM /admin/edit-user.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from an SQL injection vulnerability in the id parameter of the /admin/edit-user.php file. An attacker can exploit this vulnerability to obtain sensitive information or...

9.8CVSS7.7AI score0.0047EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•3 views

DELL NativeEdge Information Disclosure Vulnerability

DELL NativeEdge is an edge operations software platform from Dell Technologies designed to simplify the deployment, management and secure scaling of edge computing environments. DELL NativeEdge suffers from an information disclosure vulnerability that stems from improperly set permissions on...

6.5CVSS6.1AI score0.00169EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Maid Hiring Management System edit-category.php File SQL Injection Vulnerability

Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a SQL injection vulnerability that originates from insufficient input validation of the editid parameter in file /admin/edit-category.php. An attacker could exploit this vulnerability to...

9.8CVSS6.8AI score0.00383EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Maid Hiring Management System profile.php file cross-site scripting vulnerability

Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a cross-site scripting vulnerability in the file /admin/profile.php that stems from a lack of adequate validation and filtering of the input of the name parameter. No details of the...

6.1CVSS3.9AI score0.00289EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•8 views

Codezips Project Management System SQL Injection Vulnerability (CNVD-2025-00978)

Codezips Project Management System is a project management system that provides project management, task assignment and other features. A SQL injection vulnerability exists in the /pages/forms/advanced.php file in Codezips Project Management System version 1.0, which stems from insufficient...

8.8CVSS7.7AI score0.00508EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•7 views

Dell ECS Certification Bypass Vulnerability

Dell ECS is an enterprise-grade cloud storage solution that provides high-performance, scalable object storage services. An authentication bypass vulnerability exists in Dell ECS versions prior to 3.8.1.3 that stems from a capture replay attack. An attacker could exploit the vulnerability to...

5.4CVSS7AI score0.00298EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•6 views

D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings Improper Access Control Vulnerability

The D-Link DIR-823G is a wireless router that provides network connectivity and management for homes and small offices. The D-Link DIR-823G suffers from an improper access control vulnerability that originates in the Web Management Interface component's SetAutoRebootSettings, SetClientInfo,...

9.8CVSS7AI score0.0189EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•3 views

Maid Hiring Management System /admin/search-maid.php File SQL Injection Vulnerability

Maid Hiring Management System is a maid hiring management system. The Maid Hiring Management System suffers from a SQL injection vulnerability that originates from insufficient validation of the searchdata parameter in file /admin/search-maid.php. An attacker can use this vulnerability to send a...

9.8CVSS8.4AI score0.00523EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Chat System update_user.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that stems from a lack of adequate validation of the input of the id parameter in the /admin/updateuser.php file. No details of the vulnerability are available at this time...

9.8CVSS8.1AI score0.00393EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Chat System update_room.php file cross-site scripting vulnerability

Chat System is a chat system. Chat System suffers from a cross-site scripting vulnerability that stems from the lack of sufficient validation and escaping of the name parameter input in the /admin/updateroom.php file. The vulnerability can be exploited to perform cross-site scripting attacks by...

5.3CVSS6.2AI score0.00286EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Chat System chatroom.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from an SQL injection vulnerability that stems from the file /admin/chatroom.php not adequately validating and filtering the input of the id parameter. An attacker can exploit this vulnerability to obtain sensitive information...

8.8CVSS7.8AI score0.0038EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•3 views

Complaint Management System /admin/category.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from an SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/category.php file. No details of the vulnerability are available ...

9.8CVSS8.1AI score0.00735EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•4 views

Chat System update_room.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from insufficient input validation of the id/name/password parameters in the /admin/updateroom.php file. An attacker can use this vulnerability to execute arbitrary SQL commands to obtain sensitiv...

7.5CVSS8.3AI score0.00312EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•3 views

Huawei connection hijacking vulnerability in some home routers

The Huawei WS8700, among others, is a router from the Chinese company Huawei Huawei. Some of Huawei's home routers are vulnerable to connection hijacking, which can be exploited by attackers to cause a DoS or information disclosure...

8.1CVSS6.6AI score0.0015EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•3 views

Responsive Hotel Site newsletter.php file SQL Injection Vulnerability

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from insufficient input validation of the eid parameter in file /admin/newsletter.php. An attacker can use this vulnerability to obtain sensitive information or...

9.8CVSS7.7AI score0.00659EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Chat System chatroom.php File Cross-Site Scripting Vulnerability

Chat System is a chat system. The Chat System suffers from a cross-site scripting vulnerability that stems from a lack of adequate validation and filtering of id parameter input in the file /admin/chatroom.php. The vulnerability can be exploited to inject arbitrary web script into a page by...

6.1CVSS6.2AI score0.00293EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•5 views

Huawei HarmonyOS AILife Solution path traversal vulnerability (CNVD-2025-0762234)

Huawei HarmonyOS AILife Solution is a linked operating system for smart devices from the Chinese company Huawei. A path traversal vulnerability exists in Huawei HarmonyOS AILife Solution, which stems from the system failing to properly handle a specific request path. An attacker could use this...

7.3CVSS6.7AI score0.00266EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/30 12:0 a.m.•2 views

Maid Hiring Management System aboutus.php file cross-site scripting vulnerability

Maid Hiring Management System is a maid hiring management system. The Maid Hiring Management System suffers from a cross-site scripting vulnerability that stems from a lack of adequate validation and escaping of the title parameter input in the file /admin/aboutus.php. An attacker can exploit thi...

6.1CVSS3.9AI score0.00387EPSS
Exploits0References1
Total number of security vulnerabilities130931