Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/09 12:0 a.m.•2 views

IBM InfoSphere Information Server Log Information Disclosure Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...

5.3CVSS5.7AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•14 views

Google Android Access Control Error Vulnerability (CNVD-2026-14643)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an Access Control Error vulnerability that originates from a logic error in multiple functions of ContentProvider.java, which can be exploited by an attacker to cause an application with read-onl...

8.4CVSS5.9AI score0.001EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•5 views

Google Android suffers from unspecified vulnerability (CNVD-2026-14645)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...

7CVSS5.9AI score0.00069EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/09 12:0 a.m.•6 views

Chamilo add_users_to_session.php file cross-site scripting vulnerability

Chamilo is a learning management system open source by Chamilo. A cross-site scripting vulnerability exists in the Chamilo adduserstosession.php file, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload...

6.1CVSS5.9AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•6 views

Google Android Privilege Bypass Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a privilege bypass vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

8.4CVSS5.8AI score0.00098EPSS
Exploits0
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•7 views

ChurchCRM Cross-Site Scripting Vulnerability (CNVD-2026-16683)

ChurchCRM is ChurchCRM open source an open source CRM system for churches. ChurchCRM suffers from a cross-site scripting vulnerability that originates from an authenticated user being able to store a JavaScript payload, no details of the vulnerability are provided at this time...

5.4CVSS5.6AI score0.00189EPSS
Exploits1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•3 views

Microsoft Azure Front Door Access Control Error Vulnerability

Microsoft Azure Front Door is a cloud-based content delivery network from Microsoft Corporation in the United States. An access control error vulnerability exists in Microsoft Azure Front Door, which can be exploited by an attacker to elevate privileges...

9.8CVSS5.8AI score0.01251EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•7 views

Microsoft Azure Arc Access Control Error Vulnerability

Microsoft Azure Arc is a storage system from Microsoft USA. that extends the Azure platform into your environment. Microsoft Azure Arc has an Access Control Error vulnerability that can be exploited by an attacker to elevate privileges...

9.8CVSS5.8AI score0.01526EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•9 views

FunAdmin Access Control Error Vulnerability

FunAdmin is a lightweight and highly colorful backend development system based on ThinkPHP6+Layui. An access control error vulnerability exists in funadmin. The vulnerability stems from the lack of validation of user privileges in the function getMember in the file...

9.1CVSS5.8AI score0.004EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•4 views

IBM Cloud Pak System Access Control Error Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An access control error vulnerability exists in IB...

4.3CVSS5.8AI score0.00207EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•12 views

Google Android elevation of privilege vulnerability (CNVD-2026-18786)

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android, which can be exploited by an attacker to cause an application to gain read and write access to non-existent files and local elevation of privilege...

8.4CVSS5.8AI score0.00103EPSS
Exploits0
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•4 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2026-12777)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from unvalidated target rectangle boundaries in the GDI surface pipeline, which can be exploited by an attacker to cause a heap buffer...

8.8CVSS6.2AI score0.00537EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•5 views

Textream Resource Management Error Vulnerability

Textream is a teleprompter application. A resource management error vulnerability exists in Textream that stems from the DirectorServer WebSocket server not limiting concurrent connections, which can be exploited by an attacker to cause CPU and memory exhaustion, freezing and crashing the...

7.5CVSS5.8AI score0.00255EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•8 views

Microsoft Semantic Kernel Code Injection Vulnerability

Microsoft Semantic Kernel is a large model orchestration framework from Microsoft Corporation, USA. A code injection vulnerability exists in Microsoft Semantic Kernel versions prior to 1.39.4. The vulnerability stems from the InMemoryVectorStore filtering feature failing to properly filter specia...

9.9CVSS6.2AI score0.02914EPSS
Exploits2References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•7 views

Google Android Permission Mismanagement Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...

8.4CVSS5.8AI score0.00107EPSS
Exploits0
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•4 views

IBM Cloud Pak System Information Disclosure Vulnerability (CNVD-2026-13784)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...

5.3CVSS5.8AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•9 views

Google Android Out-of-Bounds Write Vulnerability (CNVD-2026-18788)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an out-of-bounds write vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privilege...

8.4CVSS6AI score0.00153EPSS
Exploits0
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•7 views

Google Android elevation of privilege vulnerability (CNVD-2026-19056)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by an out-of-bounds write due to an integer overflow in multiple functions of memprotect.c. The vulnerability is caused by an integer overflow in th...

8.4CVSS6.1AI score0.00152EPSS
Exploits0
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•6 views

Microsoft Azure Functions Information Disclosure Vulnerability

Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that delivers event-driven and scheduled compute resources for Azure cloud services. An information disclosure vulnerability exists in Microsoft Azure Functions, which can be exploited by an...

8.2CVSS5.8AI score0.00842EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•28 views

OpenClaw Information Disclosure Vulnerability (CNVD-2026-13370)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an information disclosure vulnerability. The vulnerability stems from the fact that skills.status may return raw parsed configuration values for the skills.config path via configChecks, which can be...

5.3CVSS5.8AI score0.00303EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•7 views

Google Android Information Disclosure Vulnerability (CNVD-2026-18787)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that stems from a lack of privilege checking, which can be exploited by attackers to obtain sensitive information...

6.2CVSS5.7AI score0.00103EPSS
Exploits0
CNVD
CNVD
•added 2026/03/06 12:0 a.m.•8 views

Google Android suffers from unspecified vulnerability (CNVD-2026-18789)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...

8.4CVSS5.8AI score0.00112EPSS
Exploits0
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13371)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability, which stems from tools.exec.safeBins authentication can be bypassed and can be exploited by an attacker to cause unapproved code execution...

9.9CVSS5.9AI score0.00495EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•5 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-18794)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...

6.5CVSS5.8AI score0.00225EPSS
Exploits0
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•6 views

Google Chrome Code Execution Vulnerability (CNVD-2026-18791)

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...

7.5CVSS6.5AI score0.00204EPSS
Exploits0
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•3 views

Microsoft Teams Access Control Error Vulnerability

Microsoft Teams is an American Microsoft Microsoft software for online meetings, chat, and cloud storage capabilities. Microsoft Teams suffers from an Access Control Error vulnerability that stems from improper access control and can be exploited by an attacker to cause an unauthorized attacker t...

9.8CVSS5.8AI score0.01198EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•4 views

Fiber Security Feature Issue Vulnerability

Fiber is Fiber open source an open source Web framework written in Go language . Fiber suffers from a security signature issue vulnerability. The vulnerability stems from an error not returned by the UUID function and can be exploited by an attacker to use predictable or low entropy identifiers i...

9.4CVSS6AI score0.00471EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•5 views

NVIDIA Delegated Licensing Service Authorization Issues Vulnerability

NVIDIA Delegated Licensing Service is a licensing service of NVIDIA Corporation. NVIDIA Delegated Licensing suffers from an authorization issue vulnerability that stems from improper authentication, which can be exploited by an attacker to cause information disclosure...

7.5CVSS5.7AI score0.00559EPSS
Exploits0
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•4 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-18792)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...

4.3CVSS5.8AI score0.00223EPSS
Exploits0
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•7 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-18793)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...

5.4CVSS5.8AI score0.00229EPSS
Exploits0
CNVD
CNVD
•added 2026/03/04 12:0 a.m.•4 views

Microsoft Windows Admin Center Authorization Issues Vulnerability

Microsoft Windows Admin Center is a locally deployed browser-based application from Microsoft USA. The program is mainly used for managing servers, clusters, etc. An authorization issue vulnerability exists in Microsoft Windows Admin Center that stems from improper authentication and can be...

8.8CVSS5.8AI score0.00803EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14482)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

6.5CVSS5.9AI score0.0038EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Microsoft Outlook Information Disclosure Vulnerability (CNVD-2026-12557)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

7.5CVSS5.8AI score0.01425EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Microsoft Hyper-V Code Execution Vulnerability (CNVD-2026-17151)

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

7.3CVSS6.5AI score0.01243EPSS
Exploits1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

GFI MailEssentials AI Anti-Spoofing Configuration Page Cross-Site Scripting Vulnerability

GFI MailEssentials AI is a U.S. GFI open source anti-spam and data leakage protection software. A cross-site scripting vulnerability exists in the GFI MailEssentials AI Anti-Spoofing configuration page, which can be exploited by an attacker to execute scripts in the context of a logged-in user...

5.4CVSS5.7AI score0.00173EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Apple macOS Information Leakage Vulnerability (CNVD-2026-26096)

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Apple macOS has a vulnerability that allows attackers to access sensitive user data...

5.5CVSS6AI score0.00172EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

OpenClaw code issue vulnerability (CNVD-2026-13388)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a code issue vulnerability that stems from a Cron webhook delivery using fetch direct call, which can be exploited by an attacker to cause the webhook target to access private or internal endpoints...

7.3CVSS5.8AI score0.00327EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14288)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the urlfilter.cgi endpoint in the REDIRECTPAGE or CHILDREN parameter on the user-supplied data lack of effective filterin...

7.2CVSS6AI score0.0025EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14338)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . A cross-site scripting vulnerability exists in Smoothwall Express. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the SRCIP, DESTIP, or COMMENT parameters...

6.1CVSS5.9AI score0.00225EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14491)

Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. apple macOS is a specialized operating system developed for Mac computers. A security bypass vulnerability exists in multiple Apple products and is due to a logic issue in the...

8.8CVSS5.9AI score0.00132EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14349)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the portfw.cgi script multiple parameters of the user-supplied data lack of effective filtering and escaping , an attacke...

6.1CVSS5.9AI score0.00225EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14487)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products and is caused due to an error in the...

7.5CVSS5.9AI score0.00608EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•6 views

Multiple Mozilla products have memory error-related vulnerabilities (CNVD-2026-23778)

Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that was separated from the Mozilla Application Suite. Several Mozilla products have memory error exploitation...

9.8CVSS8.9AI score0.00477EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13389)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from process cleanup using system-wide process enumeration and pattern matching without verifying ownership, which can be exploited by an attacker to terminate...

5.3CVSS5.8AI score0.00292EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Smoothwall Express proxy.cgi Endpoint Cross-Site Scripting Vulnerability

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express proxy.cgi endpoint cross-site scripting vulnerability , the vulnerability stems from the proxy.cgi endpoint in a number of parameters of the user-supplied data lack of effective filtering...

6.1CVSS5.9AI score0.00225EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13382)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that originates in the Discord audit operation processing using the sender's identity in the request parameters, which can be exploited by an attacker to request an audit operation by...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14493)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products and is caused due to a logic issue in the...

5.3CVSS5.9AI score0.00309EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Adobe After Effects suffers from an out-of-bounds read vulnerability (CNVD-2026-12688)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Microsoft Windows Resource Management Error Vulnerability (CNVD-2026-12560)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A resource management error vulnerability exists in Microsoft Windows. The vulnerability stems from uncontrolled resource consumption by an application and can be exploited by an...

7.8CVSS5.8AI score0.00417EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

WordPress Plugin Web Accessibility by accessiBe Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Web Accessibility by...

5.3CVSS5.6AI score0.00282EPSS
Exploits0References1
Total number of security vulnerabilities131179