Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw Data Forgery Issue Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...

7.5CVSS5.8AI score0.002EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14274)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

5.7CVSS5.8AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

OpenClaw Command Injection Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a command injection vulnerability that stems from improper cleanup of workspace paths when embedded in system prompts, which can be exploited by an attacker to cause command injection...

8.6CVSS5.8AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Denial of Service Vulnerability in IBM Db2

IBM Db2 is a set of relational database management system developed by the United States International Business Machines IBM Corporation, and its main operating environments are UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, as well as Windows server versions. A denial...

6.5CVSS6.5AI score0.0024EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13378)

OpenClaw is openclaw open source an intelligent artificial assistant. A security vulnerability exists in OpenClaw that stems from the normalizeForHash function mishandling array sorting, which can be exploited by an attacker to cause a compromise in the integrity of a sandboxed configuration...

4.8CVSS5.8AI score0.00157EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

WordPress Plugin Simple Ajax Chat Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...

5.3CVSS5.6AI score0.00304EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13379)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from local helper scripts following symbolic links when packaging skills, which can be exploited by an attacker to cause unintentional disclosure of local files...

4.6CVSS5.8AI score0.00221EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw path traversal vulnerability (CNVD-2026-13427)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability. The vulnerability stems from the Feishu extension that allows sendMediaFeishu to treat an attacker-controlled mediaUrl value as a local file system path and read it...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•1 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14290)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the iptools.cgi endpoint IP parameters of the user-supplied data lack of effective filtering and escaping , an...

6.1CVSS5.9AI score0.00244EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14479)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products, which is caused by a permissions issue i...

7.1CVSS5.9AI score0.00116EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

OpenClaw Cross-Site Scripting Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A cross-site scripting vulnerability exists in OpenClaw. The vulnerability stems from improper escaping of assistant identity information when rendered by Control UI and can be exploited by an attacker to compromise...

5.8CVSS5.6AI score0.00228EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Microsoft Excel Buffer Overflow Vulnerability (CNVD-2026-12553)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel. The vulnerability stems from the program's failure to properly validate the length and size of input data, which can be exploited by an attacker ...

5.5CVSS6AI score0.00596EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Adobe After Effects has a Memory Free After Use Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects 25.6 and earlier versions suffer from a Memory Free Aft...

7.8CVSS6.1AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-13373)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability that stems from the failure of maintainer/developer scripts/update-clawtributors.ts to properly filter construct command special characters, commands...

8.8CVSS6.1AI score0.01709EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw Path Traversal Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary files from a gateway host by supplying an absolute path or path traversal sequence to the upload operation of a browser...

7.1CVSS5.9AI score0.00408EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14286)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the apcupsd.cgi script multiple POST parameters on the user-supplied data lack of effective filtering and escaping ...

6.1CVSS6AI score0.00225EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14494)

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple macOS is a specialized operating system developed for Mac computers. A security vulnerability exists in several Apple products that could be exploited by an attacker to disclose...

7.8CVSS7AI score0.00249EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

D-Link DWR-M960 formDdns File Buffer Overflow Vulnerability

The D-Link DWR-M960 is a router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DWR-M960 formDdns file. The vulnerability stems from a misbehavior of the function sub4648F0 in the file /boafrm/formDdns in the DDNS Settings Handler component with respect to the...

9CVSS7.8AI score0.0062EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•19 views

Google Chrome Buffer Overflow Vulnerability (CNVD-2026-12763)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a buffer overflow vulnerability that originates from a media out-of-bounds read, which can be exploited by a remote attacker to perform an out-of-bounds memory read via a crafted HTML page...

9.1CVSS7.8AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Adobe After Effects has an out-of-bounds write vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects 25.6 and...

7.8CVSS6AI score0.00184EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Microsoft Windows Notepad Command Injection Vulnerability

Microsoft Windows Notepad is a text editor program from Microsoft USA. A command injection vulnerability exists in Microsoft Windows Notepad. The vulnerability stems from the application failing to properly filter constructed command special characters, commands, etc. An attacker could exploit th...

7.8CVSS6.1AI score0.1165EPSS
Exploits9References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. A security vulnerability exists in Adobe InDesign Desktop version 21.1, version 20.5.1, and prior versions, which can be exploited by attackers to obtain sensitive information...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Memory Free After Use Vulnerability in Adobe After Effects 25.6 and Prior Versions

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects 25.6 and earlier versions suffer from a Memory Free Aft...

7.8CVSS6.1AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

HTML Injection Vulnerability in IBM webMethods Integration Server

IBM webMethods Integration Server is an application connector from International Business Machines IBM. An HTML injection vulnerability exists in IBM webMethods Integration Server version 12.0. An attacker could exploit this vulnerability to execute arbitrary Web script or HTML...

5.4CVSS6AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•1 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13430)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...

7.1CVSS5.8AI score0.001EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Adobe After Effects has an out-of-bounds read vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...

7.8CVSS6AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14488)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products. The vulnerability is caused due ...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Adobe After Effects suffers from an out-of-bounds read vulnerability (CNVD-2026-12689)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...

7.8CVSS5.9AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14280)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A denial of service vulnerability exists in multiple Apple products, which can be exploited by attackers to cause a denial of service or...

4.4CVSS5.8AI score0.0012EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14495)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products and is caused due to an issue in...

5.3CVSS5.9AI score0.00222EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14490)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logic issu...

3.3CVSS5.9AI score0.00115EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•6 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14285)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the NTPSERVER parameter of the time.cgi...

6.1CVSS5.9AI score0.00254EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14485)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logging issue in the Game Center component wh...

7.5CVSS5.9AI score0.00228EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw Server-Side Request Forgery Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a server-side request forgery vulnerability. The vulnerability stems from the fact that SSRF protection can be bypassed using a full form IPv4 mapping IPv6 literal, which can be exploited by an attacke...

7.5CVSS5.8AI score0.00391EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Code execution vulnerability in multiple Apple products (CNVD-2026-14497)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A code execution vulnerability exists in several Apple products, which can be exploited by an attacker to execute arbitrary code...

7.8CVSS6.7AI score0.01319EPSS
Exploits4References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14483)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A security vulnerability exists in several Apple products that can be exploited by an attacker to cause an app to recognize other apps install...

7.1CVSS5.9AI score0.00137EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14275)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

5.7CVSS5.8AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14496)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products, which can be exploited by an...

6.5CVSS5.9AI score0.00123EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Apple macOS Tahoe Information Disclosure Vulnerability (CNVD-2026-14995)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an information disclosure vulnerability that can be exploited by attackers to access sensitive user data...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•1 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14478)

Apple watchOS is a smartwatch operating system. apple macOS is a dedicated operating system developed for Mac computers. apple visionOS is an operating system for AR glasses. An information disclosure vulnerability exists in multiple Apple products and is caused due to an issue with the handling ...

5.5CVSS5.9AI score0.00142EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14345)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express suffers from a cross-site scripting vulnerability that originates from the interfaces.cgi script to GREENADDRESS, GREENNETMASK, REDDHCPHOSTNAME, REDADDRESS, DNS1OVERRIDE, DNS2 OVERRIDE,...

6.1CVSS5.9AI score0.00199EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Elevation of Privilege Vulnerability in Multiple Apple Products (CNVD-2026-14476)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An elevation of privilege vulnerability exists in several Apple products, which can be exploited by an...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•6 views

Unspecified Vulnerability in Mozilla Firefox for iOS (CNVD-2026-19942)

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS, which can be exploited by an attacker to cause the address bar and page content to be out of sync, allowing the attacker to forge...

4.3CVSS5.9AI score0.0015EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14481)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

4.3CVSS5.9AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•28 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14279)

Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a set of operating systems developed for mobile devices.Apple macOS is a set of specialized operating systems developed specifically for Mac computers.Apple Safari is a we...

5.5CVSS5.8AI score0.00229EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Information Disclosure Vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway

IBM Sterling B2B Integrator is a flexible integration platform that simplifies complex B2B and Electronic Data Interchange EDI processes across the partner ecosystem, supports local and hybrid cloud deployments, ensures data security, and provides high availability guarantees.IBM Sterling File...

4.9CVSS5.8AI score0.00298EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-13408)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an access control error vulnerability. The vulnerability stems from a mismatch between rawCommand and command in the node host system.run handler, which can be exploited by an attacker to cause the...

7.2CVSS5.9AI score0.0049EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•8 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14289)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the smoothinfo.cgi endpoint WRAP or SECTIONTITLE parameter on the user-supplied data lack of effective filtering an...

6.1CVSS6AI score0.00233EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14354)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the outgoing.cgi endpoint in the MACHINE and MACHINECOMMENT parameters of the user-supplied data lack of effective...

6.1CVSS5.9AI score0.00225EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Microsoft GitHub Copilot for JetBrains Command Injection Vulnerability

Microsoft GitHub Copilot for JetBrains is an AI programming assistant plugin from Microsoft USA that can be installed in various IDEs produced by JetBrains. A command injection vulnerability exists in Microsoft GitHub Copilot for JetBrains. The vulnerability stems from the application failing to...

8.8CVSS5.8AI score0.0081EPSS
Exploits0References1
Total number of security vulnerabilities131179