Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/16 12:0 a.m.•4 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13963)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•13 views

Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2026-16162)

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...

8.8CVSS6.8AI score0.02408EPSS
Exploits1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•4 views

Adobe Substance3D Painter Out-of-Bounds Read Vulnerability (CNVD-2026-16598)

Adobe Substance3D Painter is a 3D scene building software from the American company Audobee Adobe. Adobe Substance3D Painter suffers from an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information...

5.5CVSS5.8AI score0.00142EPSS
Exploits0
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•9 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13973)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.8AI score0.00224EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•3 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13958)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•3 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13949)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•3 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13974)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.7AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•3 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13955)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•4 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13969)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•10 views

Adobe Substance3D Painter Out-of-Bounds Read Vulnerability (CNVD-2026-16599)

Adobe Substance3D Painter is a 3D scene building software from the American company Audobee Adobe. Adobe Substance3D Painter suffers from an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information...

5.5CVSS5.8AI score0.00142EPSS
Exploits0
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•5 views

OliveTin Path Traversal Vulnerability

OliveTin is OliveTin open source a Web application . OliveTin has a path traversal vulnerability, which is caused by an unsafe resolution of UniqueTrackingId, and can be exploited by an attacker to traverse directories on the system...

8.5CVSS7.3AI score0.00712EPSS
Exploits1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•7 views

iccDEV Buffer Overflow Vulnerability

iccDEV is a color configuration code base. A buffer overflow vulnerability exists in iccDEV that can be exploited by an attacker to cause a memory leak or crash...

6.1CVSS6.1AI score0.0015EPSS
Exploits0
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•6 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13960)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•13 views

Mozilla Firefox Security Bypass Vulnerability (CNVD-2026-16601)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security bypass vulnerability caused by an error in the CSS parsing and calculation component. An attacker can exploit the vulnerability to bypass security restrictions...

6.5CVSS5.8AI score0.00112EPSS
Exploits0
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•5 views

Adobe DNG SDK Out-of-Bounds Write Vulnerability

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause arbitrary code to be executed in the...

7.8CVSS6AI score0.00176EPSS
Exploits0
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•6 views

Delta Electronics COMMGR2 Denial of Service Vulnerability

Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. A denial of service vulnerability exists in Delta Electronics COMMGR2, which can be exploited by an attacker to cause a denial of service...

7.5CVSS5.9AI score0.00898EPSS
Exploits0
CNVD
CNVD
•added 2026/03/16 12:0 a.m.•11 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13962)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•8 views

Huawei HarmonyOS cellular_data module privilege control vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS cellulardata module, which can be exploited by an attacker to compromise availability...

5.5CVSS5.9AI score0.00087EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•5 views

Huawei HarmonyOS Scanning Module Access to Uninitialized Pointers Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An access to uninitialized pointers vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability...

6.8CVSS5.9AI score0.00074EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•7 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13591)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Information Disclosure Vulnerability (CNVD-2026-13601)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an information disclosure vulnerability that originates when the MS Teams attachment downloader, when retrying to download after receiving a 401 or 403 response, sends an authorization bearer token to ...

7.5CVSS5.8AI score0.0026EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•8 views

OpenClaw Parameter Injection Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a parameter injection vulnerability that can be exploited by an attacker to execute arbitrary commands by injecting command substitution syntax...

9.8CVSS6.1AI score0.00476EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-13588)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the fact that Browser Relay's /cdp WebSocket endpoint does not require an authentication token, which can be exploited by an attacker to connect in...

8.1CVSS5.8AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13589)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the use of non-constant time string comparisons for hook token validation, which can be exploited by an attacker to infer a token via a timed side channel...

8.2CVSS5.8AI score0.00386EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•2 views

OpenClaw code issue vulnerability (CNVD-2026-13590)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is a code problem vulnerability , the vulnerability stems from the attachment and media URL hydration exists server-side request forgery , an attacker can use the vulnerability to obtain arbitrary HTTPS URL...

8.6CVSS6AI score0.00397EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•2 views

OpenClaw Identity Forgery Vulnerability

OpenClaw is an open source framework for Telegram bot rights management. OpenClaw suffers from an identity forgery vulnerability. An attacker can exploit this vulnerability to illegally manipulate bots by recycling usernames to disguise their identities and bypass privilege restrictions...

6.9CVSS5.8AI score0.0021EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Encryption Problem Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a cryptographic issue vulnerability that stems from the use of SHA-1 hashed Docker and browser sandbox configurations of the sandbox identifier cache key, which can be exploited by an attacker to enable...

9.1CVSS5.8AI score0.00179EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•3 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-13543)

OpenClaw is a tool for working with archived files. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to exhaust CPU, memory, and disk resources via a highly inflated ZIP/TAR archive file, resulting in service degradation or system unavailability...

6.7CVSS5.8AI score0.00319EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Arbitrary File Read Vulnerability (CNVD-2026-13555)

OpenClaw is a tool for configuration management that supports loading external configuration files via the include directive. An arbitrary file read vulnerability exists in OpenClaw. An attacker can use this vulnerability to read sensitive files, such as API keys and credentials, outside of the...

6.7CVSS5.9AI score0.00146EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•3 views

OpenClaw Path Traversal Vulnerability

OpenClaw is a tool for installing skills, plugins and hooks. OpenClaw suffers from a path traversal vulnerability. An attacker can exploit this vulnerability to achieve persistence or code execution by constructing a malicious archive file that writes to an arbitrary location file...

6.8CVSS6.3AI score0.00152EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•2 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-13800)

OpenClaw is used to handle Webhook events open source framework . A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to cause the service to become unavailable by sending an oversized JSON load or slow uploads that trigger memory pressure...

8.7CVSS5.8AI score0.00436EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•2 views

Huawei HarmonyOS Bluetooth Character Out-of-Bounds Reading Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A character out-of-bounds read vulnerability exists in Huawei HarmonyOS Bluetooth, which can be exploited by an attacker to compromise confidentiality...

4CVSS5.9AI score0.00081EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Security Bypass Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security bypass vulnerability that stems from the fact that Webhook signature verification in the Voice Call extension can be bypassed, which can be exploited by an attacker to cause unauthenticated...

6.5CVSS5.8AI score0.0029EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•3 views

OpenClaw File Inclusion Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a file inclusion vulnerability. An attacker can exploit this vulnerability to read arbitrary files in the local file system...

8.2CVSS5.9AI score0.00292EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•15 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13596)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a Webhook routing issue in the Google Chat monitor component, which can be exploited by an attacker to cause cross-account policy context misrouting that bypass...

8.2CVSS5.8AI score0.003EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•19 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-13832)

OpenClaw is an open source framework for data acquisition. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability by triggering a memory exhaustion via an oversized response with no content-length, resulting in service unavailability...

8.7CVSS5.8AI score0.00426EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•5 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-13595)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the gateway WebSocket connection handshake allowing device identity checks to be skipped when auth.token is present but not verified, which can be...

9.8CVSS5.7AI score0.00357EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

Huawei HarmonyOS Privilege Management Service Conditional Competition Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS privilege management service, which can be exploited by an attacker to cause availabili...

6.6CVSS5.9AI score0.00062EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•16 views

Huawei HarmonyOS Dimension Test Module Conditional Competition Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS dimensioning module, which can be exploited by an attacker to cause availability to be...

4.7CVSS5.9AI score0.00071EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•7 views

Huawei HarmonyOS Scanning Module Buffer Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability to be compromised...

5.9CVSS6AI score0.0008EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•6 views

Huawei HarmonyOS Print Module Competitive Conditions Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...

5.9CVSS5.8AI score0.00078EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-14395)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from an Access Control Error vulnerability that stems from the BlueBubbles Webhook handler authenticating based only on the loopback remoteAddress, which can be exploited by an attacker to cause bypass of the...

8.2CVSS5.8AI score0.00408EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•6 views

Huawei HarmonyOS Certificate Management Module Path Traversal Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A path traversal vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to cause availability to b...

5.9CVSS5.9AI score0.00066EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•3 views

Huawei HarmonyOS Certificate Management Module Data Handling Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to compromise confidentiali...

6.2CVSS5.9AI score0.00058EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

Huawei HarmonyOS Device Authentication Module Authentication Bypass Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An authentication bypass vulnerability exists in the Huawei HarmonyOS device authentication module, which can be exploited by an attacker to compromise...

9.6CVSS5.9AI score0.00183EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•8 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13593)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that stems from an OAuth stateful authentication bypass issue in the manual Chutes login process, which can be exploited by an attacker to bypass CSRF protections for credential replacement...

7.1CVSS5.8AI score0.00133EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•5 views

Huawei HarmonyOS Security Control Conditional Competition Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS security control, which can be exploited by an attacker to cause availability to be...

4.7CVSS5.9AI score0.00079EPSS
Exploits0
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw path traversal vulnerability (CNVD-2026-13592)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that stems from not validating the path of an entry when extracting a TAR archive, which can be exploited by an attacker to write a file outside the expected directory vi...

9.8CVSS5.8AI score0.00409EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw path traversal vulnerability (CNVD-2026-13551)

OpenClaw is an agent tool for managing session logs. OpenClaw suffers from a path traversal vulnerability. An attacker can exploit this vulnerability by... /... /etc/passwd, etc. to read and write arbitrary files outside of the agent's session directory...

8.4CVSS5.9AI score0.00136EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•4 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-13554)

OpenClaw is a gateway tool for network data acquisition. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to crash the gateway process by parsing oversized or deeply nested HTML responses to exhaust memory and trick users into visiting a malicious U...

6.9CVSS5.8AI score0.00388EPSS
Exploits0References1
Total number of security vulnerabilities131179