Lucene search
K

131179 matches found

CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Google Android Authorization Vulnerability (CNVD-2026-26392)

Google Android is an operating system based on Linux, open-sourced by the American company Google. Google Android has authorization-related vulnerabilities; these vulnerabilities stem from the lack of permission checks. Attackers can exploit these vulnerabilities to gain higher levels of access...

10CVSS5.9AI score0.00218EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell PowerFlex Manager encryption vulnerability (CNVD-2026-26082)

Dell PowerFlex Manager is a software-defined storage management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.5.1.1 contained security vulnerabilities. Attackers could exploit these vulnerabilities to carry out man-in-the-middle attacks using DNS...

6.5CVSS5.9AI score0.00124EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell PowerStore cross-site scripting vulnerability (CNVD-2026-26084)

Dell PowerStore is an enterprise-level network storage system developed by the American company Dell. Dell PowerStore has a cross-site scripting vulnerability. This vulnerability stems from the lack of effective filtering and escaping of data provided by users in the PowerStore Manager. Attackers...

5.4CVSS5.9AI score0.00199EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.3 views

Dell EMC VxRail Appliance permission licensing and access control issue vulnerabilities

The Dell EMC VxRail Appliance is an integrated hypervisor-enabled hyper-converged infrastructure device developed by the American company Dell. Versions of the Dell EMC VxRail Appliance prior to 7.0.520 contain security vulnerabilities. Attackers can exploit these vulnerabilities to escape from...

7CVSS6AI score0.00081EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Google Android has an unknown vulnerability (CNVD-2026-26390)

Google Android is an operating system based on Linux, open-sourced by Google Inc. There are security vulnerabilities in Google Android, which stem from a lack of boundary checks in the mfccorenalqgetdecmetadataseinal function in mfccorenal.q. Attackers can exploit these vulnerabilities to execute...

8.8CVSS6AI score0.00277EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.3 views

Rockwell Automation CompactLogix 5370 suffers a denial-of-service vulnerability

Rockwell Automation CompactLogix 5370 is a programmable automation controller developed by Rockwell Automation in the United States. The CompactLogix 5370 has a denial-of-service vulnerability, which stems from the lack of verification of sequence numbers and source IP addresses in the CIP...

8.7CVSS6AI score0.0017EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.3 views

Google Android competition conditions issue vulnerability (CNVD-2026-26393)

Google Android is an open-source operating system based on Linux, developed by Google Inc. Google Android has a vulnerability known as a race condition. This vulnerability stems from a persistent synchronization issue within the createSessionInternal function in PackageInstallerService.java...

10CVSS5.9AI score0.00123EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell PowerFlex Manager permission and access control vulnerabilities

Dell PowerFlex Manager is a software-defined storage management platform developed by the American company Dell. Dell PowerFlex has vulnerabilities related to permission licensing and access control. These vulnerabilities stem from improper access control mechanisms, and attackers can exploit the...

6.5CVSS5.9AI score0.0021EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.3 views

Cisco Identity Services Engine Software Authorization Vulnerability

Cisco Identity Services Engine Software is a identity management platform developed by the American company Cisco. There are authorization-related vulnerabilities in Cisco Identity Services Engine Software. These vulnerabilities stem from improper authorization checks during resource access...

7.5CVSS5.9AI score0.00407EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.5 views

Cisco Webex App input validation vulnerability (CNVD-2026-26204)

The Cisco Webex App is a video conferencing and collaboration software developed by Cisco, Inc. in the United States. The Cisco Webex App has a vulnerability related to input validation. This vulnerability stems from improper input validation of URL parameters in HTTP requests. Attackers can...

4.3CVSS6AI score0.00202EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Apple Safari permissions vulnerability (CNVD-2026-26338)

Apple Safari is a web browser developed by Apple Inc., integrated into iOS, iPadOS, and macOS systems. It is primarily used for accessing and browsing web content. Apple Safari has a permissions vulnerability. This vulnerability stems from improper handling of permissions restrictions during...

6.5CVSS5.9AI score0.00312EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Rockwell Automation FactoryTalk Analytics PavilionX Authorization Issues Vulnerability

Rockwell Automation FactoryTalk Analytics PavilionX is an industrial automation analysis platform developed by the Rockwell Automation Foundation in the United States. There is a vulnerability related to authorization in Rockwell Automation FactoryTalk Analytics PavilionX. This vulnerability stem...

8.3CVSS6.1AI score0.00235EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.5 views

TP-Link TL-WR841N Web interface stack buffer overflow vulnerability

The TP-Link TL-WR841N v14 is a wireless router produced by the Chinese company TP-Link. The TP-Link TL-WR841N v14 has a stack buffer overflow vulnerability in its web interface. This vulnerability arises from improper handling of specially crafted HTTP requests, leading to a buffer overflow...

6.8CVSS6.4AI score0.00554EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell Peripheral Manager permissions and access control vulnerabilities (CNVD-2026-26537)

Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. Versions of Dell Peripheral Manager prior to 1.7.3 contained security vulnerabilities. Attackers could exploit these vulnerabilities to execute arbitrary code by preloading malicious DLLs...

7.8CVSS6.2AI score0.00098EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Google Chrome Input Validation Vulnerability (CNVD-2026-26522)

Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper implementations in extensions. Attackers can exploit this vulnerability to bypass the origin policy using a...

4.2CVSS5.9AI score0.00137EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell Peripheral Manager permissions and access control vulnerabilities

Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. There are security vulnerabilities in Dell Peripheral Manager. Attackers can exploit these vulnerabilities to execute arbitrary code by preloading malicious executable files...

6.7CVSS6.2AI score0.00099EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.5 views

Google Chrome Authorization Vulnerability (CNVD-2026-26521)

Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper handling of passwords in the Password module. Attackers can exploit this vulnerability to leak cross-source data...

4.3CVSS5.9AI score0.00194EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.5 views

Apple Safari buffer overflow vulnerability (CNVD-2026-26434)

Apple Safari is a web browser developed by Apple Inc., primarily used on iOS, iPadOS, and macOS systems. It provides web browsing functionality. Apple Safari has a buffer overflow vulnerability. This vulnerability stems from insufficient validation of boundary checks. Attackers can exploit this...

6.5CVSS6.2AI score0.00257EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.4 views

OpenBSD Resource Management Vulnerability (CNVD-2026-26371)

OpenBSD is a Unix-like operating system that focuses on security and code quality. There is a resource management vulnerability in OpenBSD. This vulnerability stems from the use of the syssem.get function in sys/kern/sysvsem.c, where a memory error occurs due to a context switch after tsleep. An...

7.8CVSS6AI score0.00116EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.4 views

Linux Kernel Memory Error Reference Vulnerability (CNVD-2026-25961)

The Linux kernel is an open-source operating system kernel that provides core functions such as process management, memory management, network protocol stack, and hardware drivers. The Linux kernel has a memory error reference vulnerability. This vulnerability arises from processing MLD queries,...

8.8CVSS6AI score0.00252EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.5 views

Dell Container Storage Module OS Command Injection Vulnerability

Dell Container Storage Modules is a container storage management module that primarily provides storage orchestration and data management functions in a containerized environment. Dell Container Storage Modules has an OS command injection vulnerability. This vulnerability stems from the failure t...

8CVSS6AI score0.00954EPSS
Exploits1
CNVD
CNVD
added 2026/06/27 12:0 a.m.5 views

Linux Kernel TEe Optee Memory Error Reference Vulnerability

The Linux kernel is the core of the Linux operating system, responsible for managing hardware resources and providing system services. The TEE OP-TEE driver in the Linux kernel has a memory error reference vulnerability. This vulnerability arises from the possibility for the client to exit while...

7.8CVSS6AI score0.00126EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.4 views

Apache Kerby Kerberos Pre-authentication Bypass Vulnerability

Apache Kerby is a Java implementation of the Kerberos protocol, primarily used for providing authentication and authorization services. Apache Kerby has a vulnerability related to bypassing Kerberos pre-authentication. This vulnerability arises when users send PA-DATA that includes unrecognized o...

7.3CVSS6AI score0.00321EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.5 views

Linux Kernel Memory Vulnerability (CNVD-2026-26372)

The Linux kernel is the core of the Linux operating system, responsible for managing system resources, process scheduling, file systems, and other functions. The Linux kernel has a memory corruption vulnerability. This vulnerability arises due to the btrfs module releasing dirty page IO trees...

7.5CVSS6.2AI score0.00432EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.5 views

Google Chrome Resource Management Error Vulnerability (CNVD-2026-26523)

Google Chrome is a cross-platform web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.201 contained a resource management vulnerability, which stemmed from a reuse issue in AdFilter. Attackers could exploit this vulnerability by using specially crafted HTML pages an...

7.5CVSS6.3AI score0.00229EPSS
Exploits0
CNVD
CNVD
added 2026/06/27 12:0 a.m.4 views

Google Chrome Input Validation Vulnerability (CNVD-2026-26524)

Google Chrome is a cross-platform web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.201 contained a vulnerability related to input validation errors. This vulnerability stemmed from an integer overflow issue in the Mojo component. Attackers could exploit this...

8.3CVSS6AI score0.00177EPSS
Exploits0
CNVD
CNVD
added 2026/06/26 12:0 a.m.3 views

GPAC mp4box gf_cenc_set_pssh function buffer overflow vulnerability

GPAC mp4box is a multimedia file processing tool open-sourced by the GPAC team. Version 2.4 of GPAC mp4box contains a buffer overflow vulnerability. This vulnerability stems from the failure of the gfcencsetpssh function located in isomedia/drmsample.c to correctly verify the length of the input...

5.5CVSS6.2AI score0.00235EPSS
Exploits1
CNVD
CNVD
added 2026/06/25 12:0 a.m.6 views

Oracle WebCenter Content permission licensing and access control issues

Oracle WebCenter Content is a content management product within Oracle Fusion Middleware. It is primarily used for creating, managing, and publishing corporate content. Oracle WebCenter Content has vulnerabilities related to permission verification and access control. These vulnerabilities stem...

7.2CVSS5.9AI score0.00453EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.4 views

Oracle WebCenter Sites permission and access control issue vulnerabilities

Oracle WebCenter Sites is a content management system component within Oracle Fusion Middleware, primarily used for website content management and publishing. There is a security vulnerability in Oracle WebCenter Sites. This vulnerability stems from improper handling of user permission...

8.8CVSS5.9AI score0.00402EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.3 views

Oracle Unified Directory permission and access control vulnerabilities

Oracle Unified Directory is a unified directory service provided by Oracle Corporation in the United States. Versions 12.2.1.4.0 and 14.1.2.1.0 of Oracle Unified Directory contain vulnerabilities related to permission licensing and access control. These vulnerabilities stem from issues with the O...

9.8CVSS7.2AI score0.00518EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.3 views

Google Chrome Blink memory error and reference vulnerability

Google Chrome is a web browser developed by Google, primarily providing web browsing, multimedia support, and additional features. Google Chrome has a memory error reference vulnerability. This vulnerability arises due to the Blink component failing to properly handle object lifecycle issues,...

8.8CVSS6.2AI score0.00233EPSS
Exploits1
CNVD
CNVD
added 2026/06/25 12:0 a.m.3 views

Google Chrome Autofill memory error and reference vulnerability

Google Chrome is a web browser developed by Google. It primarily offers web browsing capabilities, extension support, and cross-platform synchronization features. The Autofill component of Google Chrome has a memory error reference vulnerability. This vulnerability stems from Autofill’s failure t...

8.8CVSS6.3AI score0.0026EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.8 views

Google Chrome Blink memory error reference vulnerability (CNVD-2026-25582)

Google Chrome is a web browser developed by Google, primarily used for browsing web content on the internet. Google Chrome has a memory error reference vulnerability, which stems from the use of memory after it has been released. Attackers can exploit this vulnerability to execute arbitrary code ...

8.8CVSS6.3AI score0.00233EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.3 views

Oracle VM VirtualBox Permission Licensing and Access Control Vulnerabilities

Oracle VM VirtualBox is one of the virtual machine components developed by Oracle Corporation in the United States. Version 7.2.8 of Oracle VM VirtualBox contains vulnerabilities related to permissions and access control. Attackers can exploit these vulnerabilities to log into virtual machines an...

6CVSS6.3AI score0.0015EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.7 views

Oracle Application Development Framework Permission Licensing and Access Control Vulnerabilities

The Oracle Application Development Framework is an application development framework developed by Oracle Corporation in the United States. There were vulnerabilities related to permission licensing and access control in the ADF versions 12.2.1.4.0 and 14.1.2.0.0. These vulnerabilities stemmed fro...

6.1CVSS6.3AI score0.00245EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.4 views

Google Chrome FileSystem memory error reference vulnerability

Google Chrome is a web browser developed by Google. Google Chrome has a memory error reference vulnerability. This vulnerability stems from a memory error reference within the FileSystem component. An attacker can exploit this vulnerability to trigger heap corruption through carefully crafted HTM...

8.8CVSS6AI score0.00195EPSS
Exploits0
CNVD
CNVD
added 2026/06/25 12:0 a.m.6 views

Google Chrome Bluetooth memory error and reference vulnerability

Google Chrome is a cross-platform web browser developed by Google. It primarily provides features for web browsing, extension support, and multi-platform synchronization. Google Chrome has a memory error reference vulnerability, which stems from the Bluetooth component failing to properly manage...

8.8CVSS6.4AI score0.00215EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.4 views

Google Pixel remote code execution vulnerability (CNVD-2026-25584)

The Google Pixel is an Android smart device produced by Google, used for mobile communication and application execution. The Google Pixel has a remote code execution vulnerability. This vulnerability arises due to memory corruption in the Modem component during the processing of SIP REFER request...

8.8CVSS6.9AI score0.00231EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.4 views

Dell Wyse Management Suite Trust Management Vulnerability

Dell Wyse Management Suite WMS is a software suite developed by Dell that is used for centralized management of thin client devices. Versions of the Dell Wyse Management Suite prior to 2605 contained a trust management vulnerability, which was caused by the system using default or preset login...

6CVSS6AI score0.00104EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.2 views

Google Android Buffer Overflow Vulnerability (CNVD-2026-26526)

Google Android is an operating system based on Linux, open-sourced by Google Inc. Google Android has a buffer overflow vulnerability. This vulnerability stems from the lack of boundary checks in the RtcpHeader::decodeRtcpHeader function, which may lead to out-of-bounds reads, resulting in remote...

4.3CVSS6.2AI score0.00169EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.2 views

Google Android Out-of-Bounds Write Vulnerability (CNVD-2026-26527)

Google Android is an operating system based on Linux, open-sourced by Google Inc. in the United States. There is a buffer overflow vulnerability in Google Android. The cause of this vulnerability lies in the incorrect boundary checking of the Write function in msgtoHostbuffer.cc; it is possible f...

7.8CVSS6.2AI score0.00068EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.2 views

Google Android DDoS Vulnerability (CNVD-2026-26529)

Android is Google's mobile operating system, used for managing the operation of smartphones, tablets, and embedded devices. Google Android has a denial-of-service vulnerability. The vulnerability arises due to a lack of null pointer checking in the checkSsrcCollisionOnRcv function in...

7.5CVSS6.1AI score0.00211EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.2 views

J-BusinessDirectory SQL Injection Vulnerability

J-BusinessDirectory is a Joomla component used to expand the content and functionality of Joomla sites. J-BusinessDirectory has a SQL injection vulnerability. The vulnerability arises because the categories.getCategories task does not properly filter the SQL statement fragments in the type...

8.8CVSS6.3AI score0.00366EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.2 views

Google Android Buffer Overflow Vulnerability (CNVD-2026-26528)

Google Android is an operating system based on Linux, open-sourced by Google Inc. There is a buffer overflow vulnerability in Google Android. This vulnerability stems from memory corruption in the NrmmMsgCodec::DecodeUPUTransparentContext function found in the cnNrmmDecoder.cpp file. This can lea...

6.5CVSS6.2AI score0.00253EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.6 views

Google Pixel remote code execution vulnerability (CNVD-2026-25585)

The Google Pixel is a Android smart device produced by Google, used for mobile communication and application execution. The Google Pixel has a remote code execution vulnerability. This vulnerability arises due to a lack of boundary checks in the modem component, allowing unauthorized access to...

7.8CVSS6.9AI score0.00103EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.3 views

Google Android Buffer Overflow Vulnerability (CNVD-2026-25586)

Google Android is an open-source operating system based on Linux, developed by Google Inc. Google Android has a buffer overflow vulnerability. This vulnerability stems from a lack of boundary checks in the TextRtpPayloadDecoderNode::DecodeT140 function found in TextRtpPayloadDecoderNode.cpp. This...

8.8CVSS6.6AI score0.00231EPSS
Exploits0
CNVD
CNVD
added 2026/06/24 12:0 a.m.4 views

Google Pixel remote code execution vulnerability (CNVD-2026-25583)

The Google Pixel is a Android smart device produced by Google, used for mobile communication and application execution. The Google Pixel has a remote code execution vulnerability. This vulnerability arises due to a lack of boundary checks in the modem component, allowing unauthorized writing beyo...

8.8CVSS6.9AI score0.00231EPSS
Exploits0
CNVD
CNVD
added 2026/06/22 12:0 a.m.5 views

Mozilla Firefox for iOS: Input validation error vulnerability

Mozilla Firefox for iOS is a mobile web browser developed by the Mozilla Foundation. Mozilla Firefox for iOS has a vulnerability related to input validation. This vulnerability stems from a problem in TemporaryDocument where cross-source HTTP redirection retains the initial PDF request settings f...

4.3CVSS6AI score0.001EPSS
Exploits0
CNVD
CNVD
added 2026/06/22 12:0 a.m.4 views

NVIDIA NeMo Framework Deserialization Vulnerability (CNVD-2026-25394)

NVIDIA NeMo Framework is an open-source generative AI development platform designed specifically for researchers and developers. It aims to efficiently build, customize, and deploy large language models, multimodal models, and voice AI models. The NVIDIA NeMo Framework has a deserialization...

7.8CVSS6.1AI score0.00161EPSS
Exploits0
CNVD
CNVD
added 2026/06/22 12:0 a.m.4 views

NVIDIA NeMo Framework arbitrary code execution vulnerability

NVIDIA NeMo Framework is an open-source generative AI development platform designed specifically for researchers and developers. It aims to efficiently build, customize, and deploy large language models, multimodal models, and voice AI models. The NVIDIA NeMo Framework has a code execution...

7.8CVSS6.5AI score0.00193EPSS
Exploits0
Total number of security vulnerabilities131179