Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/12 12:0 a.m.•10 views

OpenClaw Command Injection Vulnerability (CNVD-2026-13801)

OpenClaw is a tool for executing restricted commands that supports controlling command execution through a whitelisting mechanism. A command injection vulnerability exists in OpenClaw. An attacker could use this vulnerability to execute unauthorized commands bypassing command restrictions...

9.8CVSS6.1AI score0.00499EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/12 12:0 a.m.•14 views

Huawei HarmonyOS Print Module Competitive Conditions Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...

5.9CVSS5.8AI score0.00078EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13442)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

9.8CVSS5.8AI score0.0043EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Mozilla Firefox and Mozilla Thunderbird Code Execution Vulnerability

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A code execution vulnerability exists in Mozilla Firefox and Mozilla Thunderbird,...

5.4CVSS6.6AI score0.00288EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•6 views

SPIP SQL Injection Vulnerability

SPIP is SPIP open source a free software for creating Internet sites. A SQL injection vulnerability exists in versions of SPIP prior to 4.4.10. The vulnerability stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to achieve...

8.8CVSS6.4AI score0.00561EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•8 views

Tenda AC15 goform/formSetIptv File Command Injection Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•4 views

Microsoft Excel Information Disclosure Vulnerability (CNVD-2026-16157)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information leakage vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...

7.5CVSS6AI score0.01215EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•2 views

Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-15384)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

9.8CVSS6.3AI score0.0036EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•2 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15387)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in multiple Mozilla products, whi...

9.8CVSS6.3AI score0.00313EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•1 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13441)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in multiple Mozilla products that...

9.8CVSS5.8AI score0.00552EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•5 views

Information Disclosure Vulnerability in Multiple Mozilla Products (CNVD-2026-13443)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

7.5CVSS5.8AI score0.00285EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-15388)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

9.8CVSS6.6AI score0.00469EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-13447)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla produc...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•2 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-13444)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products that...

9.8CVSS6.4AI score0.00469EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•5 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13450)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

9.8CVSS5.8AI score0.00402EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13446)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•6 views

SonicWALL SonicOS Buffer Overflow Vulnerability

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A buffer overflow vulnerability exists in SonicWALL SonicOS. The vulnerability stems from improper API endpoint boundary checking and can be exploited by an attacker to execute arbitrar...

4.9CVSS6.4AI score0.00322EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15383)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

9.8CVSS5.9AI score0.00229EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•2 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15385)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

10CVSS5.9AI score0.00366EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•4 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13440)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products that...

9.8CVSS5.8AI score0.00483EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•5 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-13445)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due t...

9.8CVSS6.4AI score0.00314EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•2 views

Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-13448)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla...

9.8CVSS5.8AI score0.00339EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-13449)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla...

9.8CVSS5.8AI score0.00282EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•5 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-15386)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

9.8CVSS6.6AI score0.00313EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

SPIP interface_traduction_objets SQL Injection Vulnerability

SPIP interfacetraductionobjets is an extension plugin from SPIP. A SQL injection vulnerability exists in versions of SPIP interfacetraductionobjets prior to 2.2.2. The vulnerability stems from interfacetraductionobjetspipelines.php directly concatenating the idparent parameter to the SQL WHERE...

8.8CVSS6AI score0.00378EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•6 views

WordPress Plugin wpForo Forum Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin wpForo Forum, which stem...

6.9CVSS5.7AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•3 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15389)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

10CVSS5.9AI score0.00395EPSS
Exploits0
CNVD
CNVD
•added 2026/03/11 12:0 a.m.•7 views

Apache Tomcat Client Certificate Validation Flaw Vulnerability

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server for the implementation of Servlet and JavaServer Page JSP support. Apache Tomcat client certificate has a validation flaw vulnerability, the vulnerability is due to allow revoked certificate/test...

5.8AI score0.00715EPSS
Exploits2References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•3 views

D-Link DIR-513 stack buffer overflow vulnerability (CNVD-2026-26092)

The D-Link DIR-513 is a wireless router product developed by D-Link Corporation. The DIR-513 has a stack buffer overflow vulnerability. This vulnerability arises from the formTcpipSetup function not properly verifying the length of the input data. Attackers can exploit this vulnerability to execu...

9.8CVSS6.6AI score0.00605EPSS
Exploits1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Device Stored Cross-Site Scripting Vulnerability

SIMATIC S7-1500 is an industrial controller from Siemens. A stored cross-site scripting vulnerability exists in the Siemens SIMATIC S7-1500, which can be exploited by an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in a web interface...

9.6CVSS5.7AI score0.00458EPSS
Exploits0
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•2 views

Siemens SIDIS Prime has multiple vulnerabilities

SIDIS is a commissioning and testing system for vehicle production that meets the needs of digital assembly and testing of vehicle ECUs. Multiple vulnerabilities exist in Siemens SIDIS Prime versions prior to V4.0.800, which can be exploited by attackers to compromise the confidentiality, integri...

5.8AI score
Exploits0
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•5 views

NocoDB Access Control Error Vulnerability

NocoDB is nocodb open source an Airtable alternative . Convert any MySql, PostgreSql, Sql Server, Sqlite and MariaDb to a smart spreadsheet . An access control error vulnerability exists in versions prior to NocoDB 0.301.3. The vulnerability stems from the password reset process not undoing an...

7.1CVSS5.8AI score0.00181EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•5 views

Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW V7.4.7 Prior Versions

The RUGGEDCOM APE1808 is a powerful industrial-grade application hosting platform that allows you to deploy a wide range of commercial edge computing and cybersecurity applications in harsh industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW V7.4.7 prior version has multip...

5.8AI score
Exploits0
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•5 views

Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW

The RUGGEDCOM APE1808 is a powerful utility-grade application hosting platform that allows you to deploy a wide range of commercial applications for edge computing and cybersecurity in demanding industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW has multiple vulnerabiliti...

5.8AI score
Exploits0References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•5 views

Siemens Heliox EV Chargers Access Control Vulnerability

The Heliox Flex 180 kW EV Charging Station is a modular DC fast charging device in the Heliox series from Siemens.Heliox Mobile DC 40 kW EV Charging Station is a portable, plug-and-play fast charging device for electric vehicles from the Heliox brand of Siemens. The Heliox Mobile DC 40 kW EV...

2.6CVSS5.8AI score0.00141EPSS
Exploits0
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•2 views

Siemens SICAM SIAPP SDK has multiple vulnerabilities

The SICAM SIAPP SDK is a specialized toolkit designed to help developers build and simulate application containers that run on Siemens-specific hardware platforms. The Siemens SICAM SIAPP SDK contains multiple vulnerabilities that can be exploited by an attacker to compromise a customer-developed...

5.8AI score
Exploits0References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•2 views

Siemens Mendix Application Authorization Misconfiguration Vulnerability

Siemens Mendix is a low-code application development platform from Siemens. An authorization misconfiguration vulnerability exists in the Siemens Mendix application, which can be exploited by an attacker to obtain sensitive information...

5.8AI score
Exploits0
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•4 views

Siemens SINEC Security Monitor Information Disclosure Vulnerability

SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production at customer premises. Siemens SINEC Security Monitor suffers from an information disclosure vulnerability that can be exploited by attackers to obtain...

5.3CVSS5.8AI score0.00259EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•3 views

Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP add-on GNU/Linux subsystem.

The SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP is the central processing unit CPU of the Siemens S7-1500 series for high-performance, communication-demanding and complex automation tasks. Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP add-on GNU/Linux subsystem,...

5.8AI score
Exploits0References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•4 views

D-Link DIR-513 stack buffer overflow vulnerability (CNVD-2026-26094)

The D-Link DIR-513 is a wireless router product from D-Link Corporation. The DIR-513 has a stack buffer overflow vulnerability. This vulnerability arises from the goform/formDeviceReboot file failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to...

9.8CVSS6.6AI score0.00485EPSS
Exploits1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•6 views

Siemens COMOS has multiple vulnerabilities

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...

6.1AI score
Exploits0References1
CNVD
CNVD
•added 2026/03/10 12:0 a.m.•3 views

D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability

D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...

9.8CVSS6.4AI score0.00633EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Google Chrome Skia integer overflow vulnerability (CNVD-2026-13797)

Google Chrome is a free web browser developed by Google Inc. Google Chrome Skia suffers from an integer overflow vulnerability that stems from improper handling of integer values and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00497EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•8 views

Huawei HarmonyOS Print Module Competitive Conditions Vulnerability (CNVD-2026-18800)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...

6.2CVSS5.8AI score0.00083EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

D-Link DIR-513 goform/formSetDomainFilter File Buffer Overflow Vulnerability

D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 goform/formSetDomainFilter file, which originates from the parameter curTime in the goform/formSetDomainFilter file that fails to correctly validate the length of the...

9.8CVSS6.5AI score0.00587EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•7 views

Delta Electronics CNCSoft-G2 Code Execution Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a code execution vulnerability that originates from insufficient user-supplied file validation, which can be exploited by an attacker to execute code...

7.8CVSS7.6AI score0.00351EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

D-Link DIR-513 Stack Buffer Overflow Vulnerability

D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...

9.8CVSS6.4AI score0.00714EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Google Android suffers from unspecified vulnerability (CNVD-2026-14646)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from a logic error in the jumptopayload function of payload.rs, which can be exploited by an attacker to cause a local information disclosure...

5.5CVSS5.9AI score0.00094EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Google Android elevation of privilege vulnerability (CNVD-2026-13144)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by a lock screen bypass due to competing conditions in multiple functions of KeyguardViewMediator.java. An attacker can exploit the...

7.4CVSS5.9AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•1 views

Google Android suffers from unspecified vulnerability (CNVD-2026-13143)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a lack of permission checking in validateAddingWindowLw of DisplayPolicy.java, and can be exploited by an attacker to cause an application to intercept...

8.4CVSS5.8AI score0.00097EPSS
Exploits0References1
Total number of security vulnerabilities131179