Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/17 12:0 a.m.•2 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16580)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

7.5CVSS5.7AI score0.00603EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16583)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...

8.7CVSS5.6AI score0.00452EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16587)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...

8CVSS5.6AI score0.00304EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

Adobe Commerce Input Validation Error Vulnerability (CNVD-2026-16595)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. An input validation error vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security features...

5.3CVSS5.7AI score0.00302EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

OpenClaw Directory Traversal Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a directory traversal vulnerability that can be exploited by an attacker to cause data to be written to an arbitrary location on the host file system...

8.1CVSS5.9AI score0.00363EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

OpenClaw Directory Traversal Vulnerability (CNVD-2026-14394)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a path traversal vulnerability that stems from the sandbox skill image failing to properly filter special elements in the path of a resource or file, which can be exploited by an attacker to cause a file t...

7.9CVSS5.8AI score0.00134EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

Siemens SICAM SIAPP SDK Buffer Overflow Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A buffer overflow vulnerability exists in Siemens SICAM SIAPP SDK versions prior to V2.1.7. The vulnerability stems from a client-side component that does not perform a maximum length check on certain variables before us...

5.9CVSS6.3AI score0.00098EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•8 views

SAP Business One Job Service Cross-Site Scripting Vulnerability

SAP Business One Job Service is a service component of SAP's Enterprise Resource Planning ERP system for scheduling and executing tasks in the background. A cross-site scripting vulnerability exists in SAP Business One Job Service. The vulnerability stems from the lack of effective filtering and...

6.1CVSS5.9AI score0.00215EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•2 views

WordPress plugin Greenshift - animation and page builder blocks information disclosure vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Greenshift - animation a...

5.3CVSS5.7AI score0.00239EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•2 views

WordPress Plugin WP Booking System Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP Booking System, which...

5.8CVSS5.7AI score0.00316EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16582)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...

4.8CVSS5.6AI score0.00267EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

OpenClaw Remote Code Execution Vulnerability (CNVD-2026-14393)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code...

9.8CVSS6.7AI score0.00803EPSS
Exploits2References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

Schneider Electric EcoStruxure Automation Expert Code Injection Vulnerability

Schneider Electric EcoStruxure Automation Expert is a software platform for industrial automation systems from the French company Schneider Electric Schneider Electric. A code injection vulnerability exists in Schneider Electric EcoStruxure Automation Expert, which can be exploited by an attacker...

7.2CVSS5.5AI score0.00227EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Schneider Electric EcoStruxure Foxboro DCS Code Issue Vulnerability

The Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric EcoStruxure Foxboro DCS, which can be exploited by an attacker to cause compromise of...

7CVSS5.9AI score0.00315EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Siemens SICAM SIAPP SDK Out-of-Bounds Write Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service or execute arbitrary code...

7.8CVSS6.1AI score0.00143EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Microsoft Excel Code Execution Vulnerability (CNVD-2026-16153)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code...

7.8CVSS6.3AI score0.00458EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

Microsoft Excel Code Execution Vulnerability (CNVD-2026-16152)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS6.5AI score0.00493EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

Google Chrome Extensions Resource Management Error Vulnerability (CNVD-2026-14595)

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome Extensions, which originates from re-referencing or using freed memory and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00261EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

Fortinet FortiSandbox Cloud OS Command Injection Vulnerability

Fortinet FortiSandbox Cloud is a malware sandbox analysis platform from US-based Fiat Fortinet. Fortinet FortiSandbox Cloud version 5.0.4 suffers from an OS command injection vulnerability. The vulnerability stems from improper neutralization of special elements in os commands and can be exploite...

7.2CVSS6AI score0.0176EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•9 views

Huawei EMUI and Huawei HarmonyOS IMS Module Out-of-Bounds Write Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS IMS modules, which can be...

7.5CVSS5.8AI score0.00281EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

Adobe Commerce License Issues Vulnerability (CNVD-2026-15169)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain unauthorized viewing...

7.5CVSS5.9AI score0.0056EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•2 views

Google Chrome Agents Resource Management Error Vulnerability

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome Agents, which originates from re-referencing or using freed memory and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00349EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2026-14601)

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in Fortinet FortiSandbox. The...

4.8CVSS5.8AI score0.00306EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

WordPress Plugin Classified Listing Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Classified Listing, whic...

6.5CVSS5.7AI score0.00355EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2026-14602)

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

7.2CVSS6.1AI score0.01667EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

Siemens SICAM SIAPP SDK Command Execution Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK suffers from a command execution vulnerability that can be exploited by attackers to cause command injection and full system cracking...

8.6CVSS6AI score0.00391EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

WordPress Plugin My Tickets Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin My Tickets, which can be...

7.5CVSS5.7AI score0.00384EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Huawei EMUI and Huawei HarmonyOS System Service Framework Privilege Bypass Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A privilege bypass vulnerability exists in the Huawei EMUI and Huawei HarmonyOS system service framework, which c...

7.3CVSS5.8AI score0.00078EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•10 views

Adobe Commerce License Issues Vulnerability (CNVD-2026-15168)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that could be exploited by an attacker to bypass security measures and have a limited impact on...

4.7CVSS5.9AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

Adobe Illustrator Stack Buffer Overflow Vulnerability (CNVD-2026-14501)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from a stack buffer overflow vulnerability vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to...

7.8CVSS6.5AI score0.00178EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

IBM WebSphere Application Server Security Feature Issue Vulnerability (CNVD-2026-19182)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server WAS suffers from a...

4.9CVSS5.8AI score0.0031EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Siemens SICAM SIAPP SDK Path Traversal Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A path traversal vulnerability exists in the Siemens SICAM SIAPP SDK that originates from performing file deletion without properly validating the file path or destination, which can be exploited by an attacker to cause ...

7.1CVSS5.6AI score0.00123EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•7 views

Siemens SICAM SIAPP SDK Stack Buffer Overflow Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a stack overflow, which can be exploited for code execution and denial of service...

7.8CVSS6.6AI score0.00142EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•9 views

Google Chrome WebMIDI Memory Misreference Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome WebMIDI suffers from a use-after-free vulnerability that originates from re-referencing or using freed memory, which can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00271EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

Microsoft Office Code Execution Vulnerability (CNVD-2026-16160)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

8.4CVSS6.3AI score0.0049EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•9 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16579)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

4.3CVSS5.7AI score0.00255EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

OpenClaw Directory Traversal Vulnerability (CNVD-2026-14392)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a directory traversal vulnerability that can be exploited by an attacker to write files outside of the expected temporary directory via path traversal...

9.1CVSS5.8AI score0.00425EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•9 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16581)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...

5.5CVSS5.7AI score0.00232EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•2 views

Huawei HarmonyOS Resource Scheduling Module Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS resource scheduling module, which can be exploited by an attacker to compromise integrity...

5.5CVSS5.8AI score0.00109EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Huawei EMUI and Huawei HarmonyOS email app improper checksum vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A checksum misuse vulnerability exists in the Huawei EMUI and Huawei HarmonyOS email applications, which can be...

7.1CVSS5.8AI score0.0007EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•2 views

Adobe Illustrator Heap Buffer Overflow Vulnerability (CNVD-2026-14502)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.5AI score0.00178EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

Unspecified Vulnerability in StudioCMS (CNVD-2026-18150)

StudioCMS is StudioCMS open source a content management system . A security vulnerability exists in StudioCMS that can be exploited by an attacker to cause an authenticated user to perform arbitrary file operations on S3 storage buckets...

7.6CVSS5.5AI score0.00183EPSS
Exploits1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

OpenAkita Operating System Command Injection Vulnerability

OpenAkita is a multi-platform, multi-intelligence collaborative AI assistant. An operating system command injection vulnerability exists in OpenAkita 1.24.3 and earlier versions. The vulnerability stems from the component Chat API Endpoint in the file src/openakita/tools/shell.py function run...

5.3CVSS6AI score0.00779EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Unspecified Vulnerability in StudioCMS (CNVD-2026-18153)

StudioCMS is StudioCMS open source a content management system . StudioCMS has an authorization issue vulnerability that originates from improper authorization of the /studiocmsapi/dashboard/api-tokens endpoint, which can be exploited by an attacker to cause elevation of privilege...

8.8CVSS5.3AI score0.00564EPSS
Exploits3
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

Adobe Commerce Server-Side Request Forgery Vulnerability

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a server-side request forgery vulnerability that can be exploited by an attacker to read arbitrary file systems...

5.5CVSS5.8AI score0.00232EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

WordPress Plugin Eagle Booking SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress plugin Eagle Booking. The vulnerability...

8.5CVSS5.8AI score0.0026EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•4 views

WordPress Plugin Chaty Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Chaty suffers from an information disclosure vulnerability that can be exploit...

7.5CVSS5.7AI score0.00303EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•3 views

WordPress Plugin Easy Post Submission Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Easy Post Submission, which stems from ...

7.5CVSS5.6AI score0.00323EPSS
Exploits0
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•6 views

Microsoft Excel Code Execution Vulnerability (CNVD-2026-14408)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code...

7.8CVSS6.4AI score0.00435EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/17 12:0 a.m.•5 views

Adobe Commerce License Issue Vulnerability (CNVD-2026-15170)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain limited...

4.3CVSS5.9AI score0.0035EPSS
Exploits0References1
Total number of security vulnerabilities131179