Lucene search
K

130931 matches found

CNVD
CNVD
•added 2024/12/28 12:0 a.m.•4 views

Unauthorized Access Vulnerability in KingH5Stream of Beijing Asian Control Technology Development Co.

Beijing Asian Control Technology Development Co., Ltd. is a high-tech enterprise of industrial automation and informatization software platform, focusing on independent research and development, marketing and service of domestic industrial software. An unauthorized access vulnerability exists in...

6.8AI score
Exploits0
CNVD
CNVD
•added 2024/12/28 12:0 a.m.•2 views

Unauthorized Access Vulnerability in Kingh5stream of Beijing Asian Control Technology Development Co.

Beijing Asian Control Technology Development Co., Ltd. is a high-tech enterprise of industrial automation and informatization software platform, focusing on independent research and development, marketing and service of domestic industrial software. An unauthorized access vulnerability exists in...

6.8AI score
Exploits0
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•10 views

Dell NativeEdge Elevation of Privilege Vulnerability

Dell NativeEdge is a software provided by Dell for managing and configuring network devices. A security vulnerability exists in Dell NativeEdge. An attacker could exploit the vulnerability to locally access the system with low privileges, resulting in elevated privileges...

7.8CVSS7.1AI score0.0017EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•8 views

IBM Engineering Lifecycle Optimization-Engineering Insights Information Disclosure Vulnerability

IBM Engineering Lifecycle Optimization - Engineering Insights ENI is a collaborative, Web-based application from IBM. An information disclosure vulnerability exists in IBM Engineering Lifecycle Optimization - Engineering Insights. The vulnerability is due to the fact that the affected version cou...

5.3CVSS5.9AI score0.00366EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•3 views

DELL NativeEdge Information Disclosure Vulnerability (CNVD-2025-1751479)

DELL NativeEdge is an edge operations software platform from Dell Technologies designed to simplify the deployment, management and secure scaling of edge computing environments. An information disclosure vulnerability exists in DELL NativeEdge. An attacker could exploit this vulnerability to caus...

7.5CVSS6.3AI score0.00299EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•2 views

Hospital Management System index.php File SQL Injection Vulnerability

Hospital Management System a hospital management system. Hospital Management System has a SQL injection vulnerability that originates from the manipulation of username/password parameters in the login component of the /admin/index.php file. No details of the vulnerability are available at this ti...

9.8CVSS8AI score0.00607EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•10 views

Dell ECS Buffer Overflow Vulnerability

Dell ECS Elastic Cloud Storage is an enterprise-class cloud-scale object storage platform from Dell Technologies. A buffer overflow vulnerability exists in Dell ECS. The vulnerability is due to an arithmetic overflow in the ECS's retention period processing. An attacker could exploit the...

8.1CVSS9.4AI score0.00388EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•7 views

TOTOLINK A3002R Remote Code Injection Vulnerability

The TOTOLINK A3002R is a wireless dual-band Gigabit router. A remote code injection vulnerability exists in the TOTOLINK A3002R. The vulnerability is due to the ability to execute remote code in /bin/boa via formWsc in the affected version. An attacker can exploit this vulnerability to remotely...

8.8CVSS7.7AI score0.01138EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/27 12:0 a.m.•4 views

Google Chrome Type Obfuscation Vulnerability (CNVD-2025-1712275)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a type obfuscation vulnerability that stems from the presence of type obfuscation in V8. No detailed vulnerability details are provided at this time...

8.8CVSS8.5AI score0.00833EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/26 12:0 a.m.•6 views

Google Vertex AI Information Disclosure Vulnerability

Google Vertex AI is a Google Cloud console tool from Google USA for rapid prototyping and testing of generative AI models. Google Vertex AI suffers from an information disclosure vulnerability that stems from the application's inadequate protection of sensitive information, which can be exploited...

6.8CVSS6.8AI score0.0008EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•5 views

Apple macOS Information Disclosure Vulnerability (CNVD-2025-10915)

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS suffers from an information disclosure vulnerability that can be exploited by an attacker to view protected content from a login window...

4.6CVSS6.1AI score0.00275EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•10 views

Fortinet FortiWLM Path Traversal Vulnerability (CNVD-2024-4963848)

Fortinet FortiWLM is a wireless manager from Fortinet, Inc. Fortinet FortiWLM suffers from a path traversal vulnerability that stems from the program failing to properly filter for specific elements in the path to a resource or file. An attacker could use this vulnerability to execute unauthorize...

9.8CVSS7.4AI score0.24901EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•5 views

Fortinet FortiManager Operating System Command Injection Vulnerability

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains ADOM to further simplify the deployment and management of multi-device...

7.2CVSS7.8AI score0.01652EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•10 views

Adobe ColdFusion path traversal vulnerability (CNVD-2025-0256230)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion suffers from a path traversal vulnerability, which arises when the program fails to...

8.1CVSS9.2AI score0.13403EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•7 views

Google Android elevation of privilege vulnerability (CNVD-2025-02971)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

10CVSS6.8AI score0.00213EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•12 views

Google Chrome Code Execution Vulnerability (CNVD-2025-00208)

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...

8.8CVSS8.7AI score0.00303EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•9 views

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2025-00306)

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. IBM Cognos Analytics...

6.1CVSS6.6AI score0.00268EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•7 views

IBM Cognos Analytics Input Validation Error Vulnerability (CNVD-2025-00307)

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. An input validation...

6.8CVSS6.9AI score0.0023EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•12 views

IBM Security Directory Integrator Operating System Command Injection Vulnerability

IBM Security Directory Integrator is an integrated development environment and runtime service from International Business Machines IBM. IBM Security Directory Integrator suffers from an operating system command injection vulnerability that stems from the application's failure to properly filter...

8.8CVSS7.7AI score0.0064EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•6 views

IBM Storage Defender Plaintext Transfer Vulnerability

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A plaintext transfer vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the presence of keys stored in plaintext and can be exploited by a...

4.9CVSS6.3AI score0.00345EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•10 views

IBM Robotic Process Automation Information Disclosure Vulnerability (CNVD-2025-00312)

IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM. can help you automate more business and IT processes at scale with the ease and speed of traditional RPA. An information disclosure vulnerability exists in IBM Robotic Process Automati...

4.6CVSS6.2AI score0.00237EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•9 views

Discourse cross-site scripting vulnerability (CNVD-2024-4963986)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

6.8CVSS6.3AI score0.00274EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•8 views

IBM MQ Denial of Service Vulnerability (CNVD-2025-00308)

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM MQ versions 8.1.0 through 8.1.0.25, which stems from...

6.5CVSS6.7AI score0.00655EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•4 views

JetBrains TeamCity Image Name Cross-Site Scripting Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

5.4CVSS5.8AI score0.00765EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•4 views

JetBrains TeamCity Information Disclosure Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. An information disclosure vulnerability exists in...

6.5CVSS5.9AI score0.00304EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•2 views

Unspecified Vulnerability in JetBrains TeamCity

JetBrains TeamCity is a powerful continuous integration and continuous delivery CI/CD tool developed by JetBrains. A security vulnerability exists in JetBrains TeamCity that stems from an access token not being revoked after removing a user role. No details of the vulnerability are provided at th...

8.8CVSS6.2AI score0.00293EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•11 views

IBM Cognos Analytics File Upload Vulnerability (CNVD-2025-00968)

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. IBM Cognos Analytics...

8CVSS7AI score0.00416EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•2 views

JetBrains TeamCity Content-Type Header Cross-Site Scripting Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...

5.4CVSS6.1AI score0.00765EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•3 views

JetBrains TeamCity Unauthorized Access Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from an unauthorized...

4.3CVSS7.1AI score0.00275EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•3 views

Unspecified Vulnerability in JetBrains TeamCity

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A security vulnerability exists in JetBrains...

5.5CVSS7.1AI score0.00294EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•5 views

JetBrains TeamCity Code Issue Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A code issue vulnerability exists in JetBrains...

7.1CVSS6.2AI score0.00232EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•4 views

JetBrains TeamCity Improper Access Control Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from an improper access...

5.3CVSS7.1AI score0.00273EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•2 views

Dell Inventory Collector Incorrect Link Resolution Before File Access Vulnerability

Dell Inventory Collector is a tool provided by Dell for collecting device information, mainly used to collect system information such as hardware configuration, operating system version, service packs, and so on from client systems. Dell Inventory Collector suffers from an incorrect link resoluti...

7.8CVSS6.9AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•7 views

IBM Security Guardium Server-Side Request Forgery Vulnerability

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium version 11.5 suffers from a server-si...

6.5CVSS6.7AI score0.00213EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•6 views

Discourse authorization issue vulnerability (CNVD-2024-4964085)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse has an authorization issue vulnerability that stems from improper privilege management of the Filter Email List feature in the...

2.7CVSS6.6AI score0.00246EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•8 views

IBM MQ Appliance Buffer Overflow Vulnerability (CNVD-2025-00311)

The IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from International Business Machines IBM. A buffer overflow vulnerability exists in IBM MQ Appliance versions 9.3 LTS, 9.3 CD, and 9.4 LTS, which originates when a message is written to...

5.3CVSS7.2AI score0.00324EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•17 views

Google Chrome Code Execution Vulnerability (CNVD-2025-00210)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by out-of-bounds memory access in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...

8.8CVSS8AI score0.00402EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•29 views

Google Chrome Code Execution Vulnerability (CNVD-2025-00209)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by an out-of-bounds write in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...

8.8CVSS8.1AI score0.00383EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•4 views

IBM Storage Defender Trust Management Issues Vulnerability

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A trust management issue vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the resiliency service not properly validating certificates, a...

7.5CVSS6.6AI score0.0026EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•11 views

Google Chrome Code Execution Vulnerability (CNVD-2025-00207)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by type confusion in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...

8.8CVSS7.5AI score0.06087EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•13 views

Apache Traffic Control SQL Injection Vulnerability

Apache Traffic Control is the United States Apache Apache Foundation's set of distributed , scalable content delivery solutions. The product is mainly used to build large-scale content delivery network. Apache Traffic Control suffers from a SQL injection vulnerability that stems from a lack of...

9.9CVSS9.8AI score0.41841EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•14 views

Craft CMS Unauthenticated Remote Code Execution Vulnerability

Craft CMS is a user-friendly, web-based content management system for creating and managing website content. Craft CMS has a security vulnerability due to the opening of registerargcargv in the PHP configuration, which can be exploited by an attacker to execute arbitrary code and take control of...

9.8CVSS8.1AI score0.97446EPSS
Exploits9References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•3 views

JetBrains TeamCity Improper Access Control Vulnerability

JetBrains TeamCity is a powerful continuous integration and continuous delivery CI/CD tool developed by JetBrains. JetBrains TeamCity suffers from an improper access control vulnerability that stems from allowing to view details of unauthorized agents. No detailed vulnerability details are provid...

4.3CVSS6.2AI score0.00278EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•23 views

PbootCMS Code Injection Vulnerability (CNVD-2025-0171060)

PbootCMS is PbootCMS open source an open source enterprise building content management system CMS developed using the PHP language. PbootCMS version 3.2.3 and earlier versions of the code injection vulnerability exists , the vulnerability stems from apps/home/controller/IndexController.php page t...

9.8CVSS7.7AI score0.00518EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•10 views

Dell PowerStore Parameter Injection Vulnerability

Dell PowerStore is a scalable all-flash array storage from Dell USA. The Dell PowerStore suffers from a parameter injection vulnerability that originates from improper parameter delimiter neutralization, which can be exploited by an attacker to modify arbitrary system files...

7.1CVSS7.1AI score0.0026EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•3 views

Foxit Reader 3D Page Object Memory Misreference Vulnerability

Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A memory misreference vulnerability exists in Foxit Reader version 2024.3.0.26795, which arises from a messed up instruction in a 3D page object responsible for freeing memory. An attacker could use this vulnerability to cause...

8.8CVSS7.3AI score0.0127EPSS
Exploits1References1
CNVD
CNVD
•added 2024/12/25 12:0 a.m.•8 views

Rockwell Automation Power Monitor 1000 Device Takeover Vulnerability

Rockwell Automation Power Monitor 1000 is a power monitor from Rockwell Automation. A security vulnerability exists in Rockwell Automation Power Monitor 1000 versions prior to 4.020, which can be exploited by an attacker to configure a new policyholder user without any authentication through the...

9.3CVSS6.9AI score0.00539EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/24 12:0 a.m.•6 views

Unspecified vulnerability in Linux kernel (CNVD-2024-4921122)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel has a security vulnerability that can be exploited by attackers to cause resource exhaustion...

5.5CVSS6.5AI score0.00224EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/24 12:0 a.m.•12 views

Unspecified vulnerability in Linux kernel (CNVD-2024-4920726)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that can be exploited by attackers to cause a system crash...

5.5CVSS6.5AI score0.00193EPSS
Exploits0References1
CNVD
CNVD
•added 2024/12/24 12:0 a.m.•16 views

Unauthorized Access Vulnerability in StarRocks Database System of Beijing Mirror Boat Technology Co.

StarRocks database system is a new generation of open source extremely fast full-scene MPP Massively Parallel Processing database . There is an unauthorized access vulnerability in the StarRocks database system of Beijing Mirror Boat Technology Co. Ltd, which can be exploited by attackers to obta...

6.8AI score
Exploits0
Total number of security vulnerabilities130931