Lucene search
K

131179 matches found

CNVD
CNVD
•added 6 days ago•2 views

Google Chrome buffer overflow vulnerability (CNVD-2026-27209)

Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a buffer error vulnerability. The vulnerability arises due to a memory access flaw in the ANGLE component, which leads to out-of-bounds memory reads and writes during processing graphic...

9.6CVSS6.1AI score0.0023EPSS
Exploits0
CNVD
CNVD
•added 6 days ago•2 views

Google Chrome Permission Elevation Vulnerability (CNVD-2026-27212)

Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a permission escalation vulnerability. This vulnerability arises due to a defect in the handling of permission boundaries by the Bluetooth component when processing Bluetooth interactions wit...

8.8CVSS6AI score0.00253EPSS
Exploits0
CNVD
CNVD
•added 6 days ago•3 views

Google Chrome Cross-Site Script Vulnerability (CNVD-2026-27210)

Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a cross-site scripting vulnerability. This vulnerability arises due to improper implementation of CSS components when processing page style content. Attackers can exploit this vulnerability b...

6.1CVSS6.1AI score0.00145EPSS
Exploits0
CNVD
CNVD
•added 6 days ago•3 views

Google Chrome buffer overflow vulnerability (CNVD-2026-27213)

Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a buffer overflow vulnerability. This vulnerability arises due to memory processing defects in the V8 component, which handles JavaScript execution processes in HTML pages. Attackers can...

8.8CVSS6.5AI score0.00453EPSS
Exploits0
CNVD
CNVD
•added 6 days ago•3 views

Google Chrome Resource Management Error Vulnerability (CNVD-2026-27211)

Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a resource management vulnerability. The vulnerability arises from the DevTools component incorrectly using released memory when handling the lifecycle of debugging objects. Attackers can...

8.8CVSS6.3AI score0.0028EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Adobe ColdFusion input validation error vulnerability (CNVD-2026-26851)

Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a vulnerability related to input validation, and attackers can exploit this vulnerability to execute arbitrary code within the context of the current user...

10CVSS7.4AI score0.00855EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Adobe ColdFusion path traversal vulnerability (CNVD-2026-26849)

Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a path traversal vulnerability; this vulnerability stems from path traversal issues, and attackers can exploit it to execute arbitrary code within the context of the curre...

10CVSS7.4AI score0.28583EPSS
Exploits3
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Google Chrome Resource Management Error Vulnerability (CNVD-2026-27214)

Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the V8 engine, where objects continue to be used after being released. Attackers can exploit this...

8.8CVSS6.3AI score0.00247EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Adobe ColdFusion arbitrary file upload vulnerability

Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a vulnerability related to arbitrary file uploads. This vulnerability stems from the upload of dangerous types of files without restrictions, allowing attackers to execute...

10CVSS7.4AI score0.0063EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Google Chrome Resource Management Error Vulnerability (CNVD-2026-27217)

Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the ANGLE component, where objects continue to be used after being released. Attackers can exploit this...

9.6CVSS6AI score0.00218EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Adobe ColdFusion path traversal vulnerability (CNVD-2026-26845)

Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a path traversal vulnerability, which stems from improper path name filtering. Attackers can exploit this vulnerability to access files and directories that are not intend...

9.3CVSS7.1AI score0.01577EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Google Chrome Resource Management Error Vulnerability (CNVD-2026-27216)

Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the V8 engine that allows objects to be reclaimed and then reused after their release. Attackers can...

7.5CVSS6.3AI score0.00216EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Google Chrome heap buffer overflow vulnerability (CNVD-2026-27215)

Google Chrome is a web browser used for accessing web pages and running web applications. Google Chrome has a heap buffer overflow vulnerability. This vulnerability arises due to a flaw in the Skia component that leads to heap buffer overflows. Attackers can exploit this vulnerability to escape t...

8.3CVSS6.1AI score0.00245EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Adobe ColdFusion arbitrary file upload vulnerability (CNVD-2026-26852)

Adobe ColdFusion is a rapid web application development platform provided by Adobe, Inc. ColdFusion has a vulnerability related to arbitrary file uploads. This vulnerability stems from improper file upload restrictions, and attackers can exploit this vulnerability to execute arbitrary code within...

10CVSS7.4AI score0.00917EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•2 views

Google Chrome Resource Management Error Vulnerability (CNVD-2026-27218)

Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the Dawn component on the Mac platform, where objects continue to be used after being released. Attackers...

9.6CVSS6AI score0.00215EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•3 views

Google Chrome Input Validation Vulnerability (CNVD-2026-26945)

Google Chrome is a web browser used for accessing web pages and running web applications. There is a vulnerability in Google Chrome’s input validation mechanism. The vulnerability stems from memory processing defects in the V8 engine. Attackers can exploit this vulnerability by constructing HTML...

8.8CVSS6.3AI score0.00291EPSS
Exploits0
CNVD
CNVD
•added 2026/07/06 12:0 a.m.•3 views

Adobe ColdFusion input validation error vulnerability (CNVD-2026-26850)

Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a vulnerability related to input validation, and attackers can exploit this vulnerability to execute arbitrary code within the context of the current user...

10CVSS7.4AI score0.01396EPSS
Exploits0
CNVD
CNVD
•added 2026/07/01 12:0 a.m.•5 views

Siemens Mendix Studio Pro arbitrary code execution vulnerability

Mendix Studio Pro is a low-code IDE designed for professional developers. It is a visual model-driven development environment used to build applications on the Mendix platform. Siemens Mendix Studio Pro has a vulnerability where arbitrary code can be executed. Attackers can exploit this...

6.8CVSS6.3AI score0.00193EPSS
Exploits0
CNVD
CNVD
•added 2026/07/01 12:0 a.m.•5 views

Tenda JD12L buffer overflow vulnerability

JD12L is a Tenda wireless router device, used for home and small network access. The Tenda JD12L has a buffer overflow vulnerability. This vulnerability arises due to the lack of length validation for the security5g parameter in the formWifiBasicSet function of the /goform/WifiBasicSet interface...

9CVSS7.8AI score0.00466EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

Dell PowerFlex Manager Access Control Vulnerability (CNVD-2026-26083)

Dell PowerFlex Manager is an open-source software-defined storage management platform developed by the American company Dell. Dell PowerFlex Manager has a vulnerability related to access control. This vulnerability stems from improper access control mechanisms, allowing attackers to exploit it to...

8CVSS6AI score0.0015EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

OpenBSD input validation error vulnerability

OpenBSD is an open-source, cross-platform BSD-based UNIX-like operating system developed by the OpenBSD Foundation in Canada. Versions of OpenBSD prior to 076e2b1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the fact that the length value in the...

5.8CVSS6AI score0.00211EPSS
Exploits1
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apache Shiro input validation vulnerability (CNVD-2026-26205)

Apache Shiro is a security and permission framework that is open-source under the Apache Foundation in the United States. There is an input validation vulnerability in Apache Shiro. This vulnerability stems from the lack of escaping of special characters according to RFC 2253 in the...

9.1CVSS7.2AI score0.00494EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apple Safari path traversal vulnerability (CNVD-2026-26335)

Apple Safari is a web browser developed by Apple Inc., integrated into iOS, iPadOS, and macOS systems. It supports web browsing and rendering functions. Apple Safari has a path traversal vulnerability, which stems from an inability to correctly verify file paths. Attackers can exploit this...

6.5CVSS5.8AI score0.00255EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apple Safari buffer overflow vulnerability (CNVD-2026-26364)

Safari is a web browser developed by Apple Inc., whose main function is to browse web content. Apple Safari has security vulnerabilities; these vulnerabilities arise due to improper handling of maliciously constructed web content. Attackers can exploit these vulnerabilities to cause memory...

8.8CVSS5.9AI score0.00275EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apple Safari buffer overflow vulnerability (CNVD-2026-26339)

Apple Safari is a web browser developed by Apple Inc. It primarily runs on iOS, iPadOS, and macOS operating systems, used to display web page content. Apple Safari has a security vulnerability. This vulnerability stems from improper handling of maliciously crafted web content, resulting in memory...

6.5CVSS6AI score0.00202EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apple Safari WebKit memory corruption vulnerability (CNVD-2026-26340)

Apple Safari is a web browser developed by Apple Inc., utilizing the WebKit rendering engine. It primarily serves the function of browsing web pages. Apple Safari has a memory corruption vulnerability. This vulnerability stems from the failure to properly manage memory when processing maliciously...

6.5CVSS6.2AI score0.00307EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Google Android Configuration Error Vulnerability

Google Android is an open-source operating system based on Linux, developed by Google Inc. Google Android has a configuration vulnerability that stems from unsafe default values in the NfcDispatcher.java file. Attackers can exploit this vulnerability to gain local privileges...

10CVSS6AI score0.00165EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

Google Android Authorization Vulnerability (CNVD-2026-26201)

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. Attackers can exploit these vulnerabilities to cause local information leaks...

3.3CVSS5.9AI score0.00068EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Google Android Authorization Vulnerability (CNVD-2026-26392)

Google Android is an operating system based on Linux, open-sourced by the American company Google. Google Android has authorization-related vulnerabilities; these vulnerabilities stem from the lack of permission checks. Attackers can exploit these vulnerabilities to gain higher levels of access...

10CVSS5.9AI score0.00218EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Dell PowerFlex Manager encryption vulnerability (CNVD-2026-26082)

Dell PowerFlex Manager is a software-defined storage management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.5.1.1 contained security vulnerabilities. Attackers could exploit these vulnerabilities to carry out man-in-the-middle attacks using DNS...

6.5CVSS5.9AI score0.00124EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Dell PowerStore cross-site scripting vulnerability (CNVD-2026-26084)

Dell PowerStore is an enterprise-level network storage system developed by the American company Dell. Dell PowerStore has a cross-site scripting vulnerability. This vulnerability stems from the lack of effective filtering and escaping of data provided by users in the PowerStore Manager. Attackers...

5.4CVSS5.9AI score0.00199EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•3 views

Dell EMC VxRail Appliance permission licensing and access control issue vulnerabilities

The Dell EMC VxRail Appliance is an integrated hypervisor-enabled hyper-converged infrastructure device developed by the American company Dell. Versions of the Dell EMC VxRail Appliance prior to 7.0.520 contain security vulnerabilities. Attackers can exploit these vulnerabilities to escape from...

7CVSS6AI score0.00081EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Google Android has an unknown vulnerability (CNVD-2026-26390)

Google Android is an operating system based on Linux, open-sourced by Google Inc. There are security vulnerabilities in Google Android, which stem from a lack of boundary checks in the mfccorenalqgetdecmetadataseinal function in mfccorenal.q. Attackers can exploit these vulnerabilities to execute...

8.8CVSS6AI score0.00277EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•3 views

Rockwell Automation CompactLogix 5370 suffers a denial-of-service vulnerability

Rockwell Automation CompactLogix 5370 is a programmable automation controller developed by Rockwell Automation in the United States. The CompactLogix 5370 has a denial-of-service vulnerability, which stems from the lack of verification of sequence numbers and source IP addresses in the CIP...

8.7CVSS6AI score0.0017EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•3 views

Apple Safari WebKit stack overflow vulnerability

Apple Safari is a cross-platform web browser product developed by Apple. It primarily provides functions for rendering and browsing web content. Apple Safari has a stack overflow vulnerability, which stems from an inability to properly validate input data. Attackers can exploit this vulnerability...

6.5CVSS6AI score0.00284EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•3 views

Google Android competition conditions issue vulnerability (CNVD-2026-26393)

Google Android is an open-source operating system based on Linux, developed by Google Inc. Google Android has a vulnerability known as a race condition. This vulnerability stems from a persistent synchronization issue within the createSessionInternal function in PackageInstallerService.java...

10CVSS5.9AI score0.00123EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Dell PowerFlex Manager permission and access control vulnerabilities

Dell PowerFlex Manager is a software-defined storage management platform developed by the American company Dell. Dell PowerFlex has vulnerabilities related to permission licensing and access control. These vulnerabilities stem from improper access control mechanisms, and attackers can exploit the...

6.5CVSS5.9AI score0.0021EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•3 views

Cisco Identity Services Engine Software Authorization Vulnerability

Cisco Identity Services Engine Software is a identity management platform developed by the American company Cisco. There are authorization-related vulnerabilities in Cisco Identity Services Engine Software. These vulnerabilities stem from improper authorization checks during resource access...

7.5CVSS5.9AI score0.00407EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

Cisco Webex App input validation vulnerability (CNVD-2026-26204)

The Cisco Webex App is a video conferencing and collaboration software developed by Cisco, Inc. in the United States. The Cisco Webex App has a vulnerability related to input validation. This vulnerability stems from improper input validation of URL parameters in HTTP requests. Attackers can...

4.3CVSS6AI score0.00202EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apple Safari permissions vulnerability (CNVD-2026-26338)

Apple Safari is a web browser developed by Apple Inc., integrated into iOS, iPadOS, and macOS systems. It is primarily used for accessing and browsing web content. Apple Safari has a permissions vulnerability. This vulnerability stems from improper handling of permissions restrictions during...

6.5CVSS5.9AI score0.00312EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Rockwell Automation FactoryTalk Analytics PavilionX Authorization Issues Vulnerability

Rockwell Automation FactoryTalk Analytics PavilionX is an industrial automation analysis platform developed by the Rockwell Automation Foundation in the United States. There is a vulnerability related to authorization in Rockwell Automation FactoryTalk Analytics PavilionX. This vulnerability stem...

8.3CVSS6.1AI score0.00235EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Apple Safari buffer overflow vulnerability (CNVD-2026-26434)

Apple Safari is a web browser developed by Apple Inc., primarily used on iOS, iPadOS, and macOS systems. It provides web browsing functionality. Apple Safari has a buffer overflow vulnerability. This vulnerability stems from insufficient validation of boundary checks. Attackers can exploit this...

6.5CVSS6.2AI score0.00257EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

TP-Link TL-WR841N Web interface stack buffer overflow vulnerability

The TP-Link TL-WR841N v14 is a wireless router produced by the Chinese company TP-Link. The TP-Link TL-WR841N v14 has a stack buffer overflow vulnerability in its web interface. This vulnerability arises from improper handling of specially crafted HTTP requests, leading to a buffer overflow...

6.8CVSS6.4AI score0.00554EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Google Android Permission Licensing and Access Control Vulnerabilities (CNVD-2026-26369)

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. Attackers can exploit these vulnerabilities to gain local privileges...

10CVSS5.9AI score0.00155EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

Apple Safari resource management error vulnerability (CNVD-2026-26365)

Apple Safari is a web browser developed by Apple Inc. It serves as the default browser for iOS, iPadOS, and macOS systems. It supports web browsing, extended features, and synchronization across multiple platforms. There is a resource management vulnerability in Apple Safari. This vulnerability...

5.3CVSS5.9AI score0.00218EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Dell Peripheral Manager permissions and access control vulnerabilities (CNVD-2026-26537)

Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. Versions of Dell Peripheral Manager prior to 1.7.3 contained security vulnerabilities. Attackers could exploit these vulnerabilities to execute arbitrary code by preloading malicious DLLs...

7.8CVSS6.2AI score0.00098EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Google Chrome Input Validation Vulnerability (CNVD-2026-26522)

Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper implementations in extensions. Attackers can exploit this vulnerability to bypass the origin policy using a...

4.2CVSS5.9AI score0.00137EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•4 views

Dell Peripheral Manager permissions and access control vulnerabilities

Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. There are security vulnerabilities in Dell Peripheral Manager. Attackers can exploit these vulnerabilities to execute arbitrary code by preloading malicious executable files...

6.7CVSS6.2AI score0.00099EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•5 views

Google Chrome Authorization Vulnerability (CNVD-2026-26521)

Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper handling of passwords in the Password module. Attackers can exploit this vulnerability to leak cross-source data...

4.3CVSS5.9AI score0.00194EPSS
Exploits0
CNVD
CNVD
•added 2026/06/30 12:0 a.m.•2 views

Multiple Mozilla products have buffer overflow vulnerabilities (CNVD-2026-26885)

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Mozilla Firefox ESR is an extended support version of Firefox the web browser developed by the Mozilla Foundation. Mozilla Thunderbird is an email client software independently developed from t...

5.3CVSS6.2AI score0.00261EPSS
Exploits0
Total number of security vulnerabilities131179