Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

D-Link DIR-513 Stack Buffer Overflow Vulnerability (CNVD-2026-19424)

D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a stack buffer overflow vulnerability that originates from the parameter curTime in the file goform/formSetWANTypeWizard5 that fails to correctly validate the length size of the input data, which...

9.8CVSS6.4AI score0.00587EPSS
Exploits1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Google Chrome WebAssembly Memory Out-of-Bounds Access Vulnerability

Google Chrome is a free web browser developed by Google Inc. A memory out-of-bounds access vulnerability exists in Google Chrome WebAssembly, which stems from improper memory buffer access control and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00306EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Microsoft Payment Orchestrator Service Access Control Error Vulnerability

Microsoft Payment Orchestrator Service is a Microsoft feature that provides cloud-native payment process automation and orchestration for the financial services industry. An Access Control Error vulnerability exists in Microsoft Payment Orchestrator Service, which stems from improper authenticati...

9.8CVSS5.9AI score0.01171EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Chamilo CSV File Name Cross-Site Scripting Vulnerability

Chamilo is a learning management system open source by Chamilo. A cross-site scripting vulnerability exists in Chamilo CSV filenames, which stems from insufficient cleanup of CSV filenames, and no detailed vulnerability details are provided at this time...

4.8CVSS5.8AI score0.00295EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Google Android Denial of Service Vulnerability (CNVD-2026-13147)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from improper input validation in multiple functions of ProfilingService.java, and can be exploited by an attacker to cause a denial of service...

6.2CVSS5.8AI score0.00094EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2026-13146)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by proxy obfuscation in multiple functions of MediaProvider.java that could potentially bypass the external storage write permission. An...

8.4CVSS5.8AI score0.00101EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Discourse Access Control Error Vulnerability (CNVD-2026-17485)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an Access Control Error vulnerability that stems from an open Access Control Failure in the Data Explorer plugin,...

5.4CVSS5.9AI score0.00151EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Chamilo index.php file SQL injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo index.php file contains a SQL injection vulnerability , an attacker can use the vulnerability to execute illegal SQL commands to steal sensitive database data...

9.8CVSS6AI score0.00587EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Google Chrome CSS Memory Out-of-Bounds Read Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome CSS suffers from a memory out-of-bounds read vulnerability that originates from out-of-bounds reads of memory buffer data, which can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Gradio Trust Management Issue Vulnerability

Gradio is an open source Python library from Gradio Open Source, a way to demonstrate machine learning models through a friendly web interface. A trust management issue vulnerability exists in Gradio versions prior to 4.16.0 through 6.6.0. The vulnerability stems from the automatic enablement of...

5.9CVSS5.7AI score0.00453EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2026-14649)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that could be initiated anywhere due to proxy obfuscation in executeRequest of ActivityStarter.java. An attacker can exploit the vulnerability to gain...

7.8CVSS5.9AI score0.00094EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•7 views

Google Android Information Disclosure Vulnerability (CNVD-2026-13142)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

6.5CVSS5.8AI score0.00067EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

FreeRDP freerdp_image_copy_from_icon_data function buffer overflow vulnerability

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer overflow vulnerability exists in versions prior to FreeRDP 3.23.0. The vulnerability stems from a buffer over-read in the freerdpimagecopyfromicondata function, which can be exploited by an...

6.9CVSS6.1AI score0.00242EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•13 views

Google Android suffers from unspecified vulnerability (CNVD-2026-13151)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...

7.8CVSS5.8AI score0.00088EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•16 views

Huawei HarmonyOS Device Security Management Module Competitive Conditions Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS device security management module, which can be exploited by an attacker to cause...

4.7CVSS5.8AI score0.00061EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2026-13149)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of KeyguardViewMediator.java, which can be exploited by an attacker to gain elevated privileges on...

8.4CVSS5.8AI score0.0011EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•8 views

Google Android Information Disclosure Vulnerability (CNVD-2026-16154)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability. The vulnerability is caused by a possible way to access the GPU cache due to side channel information leakage in drawLayersInternal of SkiaRenderEngine.cp...

7.4CVSS5.7AI score0.00091EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2026-16155)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of privilege checking in the relayoutWindow function of WindowManagerService.java, which can be exploited by an attacker to gain...

8.4CVSS5.7AI score0.00094EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Google Android suffers from unspecified vulnerability (CNVD-2026-14648)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from improper input validation of the loadDescription function in DeviceAdminInfo.java, and can be exploited by an attacker to cause a local elevation of...

9.8CVSS5.9AI score0.00192EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•1 views

Google Android elevation of privilege vulnerability (CNVD-2026-13790)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability. An attacker can exploit the vulnerability to cause a local elevation of privilege...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

D-Link DIR-513 Stack Buffer Overflow Vulnerability (CNVD-2026-16146)

D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a stack buffer overflow vulnerability that originates from the failure of the parameter curTime in the file goform/formSetQoS to properly validate the length size of the input data, which can be...

9.8CVSS6.4AI score0.00699EPSS
Exploits1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2026-14650)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...

8.4CVSS5.9AI score0.00114EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Chamilo import.php file OS command injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo import.php file exists operating system command injection vulnerability , the vulnerability stems from /plugin/vchamilo/views/import.php POST tomaindatabase parameter fails to correctly filter constructive commands special...

7.2CVSS6AI score0.02603EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Chamilo copy_course_session_selected.php file SQL injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo copycoursesessionselected.php file contains a SQL injection vulnerability that can be exploited by an attacker to execute illegal SQL commands to steal sensitive database data...

8.8CVSS5.9AI score0.00733EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Chamilo check_parse_lang.php file OS command injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo checkparselang.php file has an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary command execution...

7.2CVSS5.8AI score0.02603EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Unspecified vulnerability in Discourse (CNVD-2026-17486)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability that stems from a lack of validatebeforecreate authorization in Data Explorer's...

5.3CVSS5.7AI score0.00153EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•8 views

Huawei HarmonyOS Window Module Double Release Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A double-release vulnerability exists in the Huawei HarmonyOS window module, which can be exploited by an attacker to cause availability to be compromised...

5.5CVSS5.8AI score0.0007EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•7 views

Google Android elevation of privilege vulnerability (CNVD-2026-13148)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, which can be exploited by an attacker...

8.4CVSS5.8AI score0.0011EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•1 views

Google Chrome WebAudio Memory Out-of-Bounds Access Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome WebAudio suffers from a memory out-of-bounds access vulnerability that stems from an improper implementation and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.1AI score0.003EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Apache Airflow Log Message Disclosure Vulnerability

Apache Airflow is the United States Apache Apache Foundation's set of open source platform with the creation, management and monitoring of workflow functions. The platform is scalable and dynamic monitoring and other features. Apache Airflow has a log information disclosure vulnerability. An...

6.5CVSS5.8AI score0.00363EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Google Chrome DevTools Heap Corruption Vulnerability

Google Chrome is a free web browser developed by Google Inc. A heap corruption vulnerability exists in Google Chrome DevTools, which stems from improper object destructuring and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00271EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•8 views

Google Chrome WebCodecs Heap Overflow Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome WebCodecs suffers from a heap overflow vulnerability that originates from a partial overwrite of heap memory and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00313EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Google Android Denial of Service Vulnerability (CNVD-2026-14647)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that stems from improper input validation in multiple locations, which can be exploited by an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00087EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•11 views

Discourse Access Control Error Vulnerability (CNVD-2026-17484)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an Access Control Error vulnerability that stems from a Chat::AddUsersToChannel add member that bypasses private...

5.3CVSS5.7AI score0.00158EPSS
Exploits0
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•20 views

Unspecified Vulnerability in Google Android (CNVD-2026-14652)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from a logic error in the onStart function of CompanionDeviceManagerService.java, which can be exploited by an attacker to cause a local elevation of...

7.8CVSS5.9AI score0.00098EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Chamilo editinstance.php file OS command injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo editinstance.php file has an operating system command injection vulnerability , the vulnerability stems from the file /plugin/vchamilo/views/editinstance.php on the POST parameter maindatabase improperly handled , an attacker...

7.2CVSS6.1AI score0.02746EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•10 views

Google Chrome V8 Memory Out-of-Bounds Access Vulnerability (CNVD-2026-13792)

Google Chrome is a free web browser developed by Google Inc. Google Chrome V8 suffers from a memory out-of-bounds access vulnerability that stems from improper memory buffer access control and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.2AI score0.00289EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Chamilo hotpotatoes.php File SQL Injection Vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo hotpotatoes.php file contains a SQL injection vulnerability that can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

7.2CVSS5.9AI score0.00537EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Chamilo add_users_to_session.php file cross-site scripting vulnerability

Chamilo is a learning management system open source by Chamilo. A cross-site scripting vulnerability exists in the Chamilo adduserstosession.php file, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload...

6.1CVSS5.9AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability

Microsoft ACI Confidential Containers is a Microsoft credentials container. A security vulnerability exists in Microsoft ACI Confidential Containers that stems from a poor design and can be exploited by a local attacker to elevate privileges...

6.7CVSS5.8AI score0.00462EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Google Android Denial of Service Vulnerability (CNVD-2026-13150)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that is caused due to a path traversal error in multiple functions of MmsProvider.java resulting in a possible way of arbitrarily deleting files affecting phone...

9.1CVSS5.8AI score0.00263EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Microsoft Devices Pricing Program Code Issue Vulnerability

The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...

9.8CVSS6.1AI score0.01596EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Google Android suffers from unspecified vulnerability (CNVD-2026-14645)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...

7CVSS5.9AI score0.00069EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•3 views

Google Android suffers from unspecified vulnerability (CNVD-2026-14651)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a logic error in the loadDataAndPostValue function for multiple files, which may mask the use of permissions and can be exploited by an attacker to cause a...

8.4CVSS5.9AI score0.00098EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Google Android elevation of privilege vulnerability (CNVD-2026-14644)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of TaskFragmentOrganizerController.java, which can be exploited by an attacker to elevate privileg...

7.7CVSS5.9AI score0.00102EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•4 views

Microsoft ACI Confidential Containers Information Disclosure Vulnerability

Microsoft ACI Confidential Containers is a Microsoft credentials container. A security vulnerability exists in Microsoft ACI Confidential Containers that stems from an improper design and can be exploited by an attacker to obtain sensitive information...

6.5CVSS5.8AI score0.01016EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Apache Superset Security Bypass Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset, which can be exploited by an attacker to execute sensitive SQL functions...

6.5CVSS5.9AI score0.00607EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•9 views

Apache Superset Security Bypass Vulnerability (CNVD-2026-13252)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset, which can be exploited by an attacker to bypass data access controls...

7.1CVSS5.8AI score0.00436EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•7 views

Apache Superset SQL Injection Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from a SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete arbitrary files on the database...

6.5CVSS5.9AI score0.00503EPSS
Exploits2References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

Apache Superset Information Disclosure Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset has an information disclosure vulnerability that can be exploited by an attacker to retrieve sensitive user information...

6.5CVSS5.8AI score0.004EPSS
Exploits0References1
Total number of security vulnerabilities131179