Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Adobe Substance 3D Stager suffers from an out-of-bounds read vulnerability (CNVD-2026-12699)

Substance 3D Stager is the United States of America Ordoby Adobe company launched a dedicated to the 3D scene set, lighting settings and high-quality rendering of professional software. An out-of-bounds read vulnerability exists in Adobe Substance 3D Stager, which can be exploited by an attacker ...

7.8CVSS5.9AI score0.00159EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•1 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14273)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

5.7CVSS5.8AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Multiple Apple Products Path Traversal Vulnerability

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A path traversal vulnerability exists in several Apple products. The vulnerability stems from a program's...

7.5CVSS6AI score0.00775EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

WordPress plugin Aardvark cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Aardvark has a cross-site scripting vulnerability, the vulnerability stems fro...

7.1CVSS5.9AI score0.0023EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Adobe Substance 3D Stager suffers from an out-of-bounds read vulnerability

Substance 3D Stager is the United States of America Ordoby Adobe company launched a dedicated 3D scene set, lighting setup and high-quality rendering of professional software. An out-of-bounds read vulnerability exists in Adobe Substance 3D Stager, which can be exploited by an attacker to execute...

7.8CVSS5.9AI score0.00159EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Adobe After Effects has a binary vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A binary vulnerability exists in Adobe After Effects 25.6 and earlier...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14374)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the preferences.cgi script on the HOSTNAME, KEYMAP and OPENNESS parameters of the user-supplied data lack of...

7.2CVSS5.8AI score0.00223EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Log injection vulnerability in IBM MQ Operator and IBM-supplied MQ Advanced container images

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable, proven messaging backbone for Service Oriented Architecture SOA. IBM-supplied MQ Advanced container images are standard container images officially provided by IBM,...

4CVSS5.8AI score0.00108EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Apple macOS Information Disclosure Vulnerability (CNVD-2026-14974)

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has an information disclosure vulnerability that can be exploited by attackers to access sensitive user data...

5.5CVSS5.9AI score0.00134EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Mozilla Firefox for Android information leakage vulnerability (CNVD-2026-23777)

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Mozilla Firefox for Android has a vulnerability where information can be leaked; attackers can exploit this vulnerability to obtain sensitive data...

7.5CVSS5.3AI score0.00253EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•49 views

IBM Concert has a weak cryptographic algorithm vulnerability

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform, announced by International Business Machines IBM Corporation at the IBM Think conference in Boston, USA. A weak cryptographic algorithm vulnerability exis...

7.5CVSS7.2AI score0.00137EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Apple macOS Tahoe Information Disclosure Vulnerability (CNVD-2026-14994)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an information disclosure vulnerability that can be exploited by attackers to cause an application to access protected user data...

5.5CVSS5.9AI score0.00118EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Multiple Apple Product Code Execution Vulnerabilities (CNVD-2026-26099)

Apple iOS is an operating system developed for mobile devices. Apple macOS is a dedicated operating system developed specifically for Mac computers. Apple iPadOS is an operating system used for iPad tablets. Several Apple products have code execution vulnerabilities, and attackers can exploit the...

7.8CVSS7.5AI score0.00254EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•6 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13383)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that stems from the fact that under iMessage groupPolicy=allowlist, the identity of the sender from the DM pairing store can satisfy the group authorization, which can be exploited by an...

6.5CVSS5.8AI score0.00283EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

OpenClaw Resource Management Error Vulnerability (CNVD-2026-13374)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Resource Management Error vulnerability that stems from an ACP bridge accepting too large a block of prompt text, which can be exploited by an attacker to cause problems with the processing of abnorm...

4.8CVSS5.8AI score0.00165EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

OpenClaw Code Issues Vulnerabilities

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability that stems from the Gateway tool being under-restricted when accepting a gatewayUrl provided by the tool, which can be exploited by an attacker to cause an OpenClaw host to...

7.6CVSS5.8AI score0.00336EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Microsoft Hyper-V Buffer Overflow Vulnerability

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A buffer overflow vulnerability exists in Microsoft Hyper-V. The vulnerability stems from a failure to properly validate the length and size of...

7.3CVSS6.1AI score0.00548EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13376)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security vulnerability that stems from logging not desensitizing Telegram bot tokens, which can be exploited by an attacker to cause token disclosure...

6.9CVSS5.8AI score0.00142EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•1 views

Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14492)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products and is caused by a logic issue in a kerne...

3.1CVSS5.9AI score0.00319EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

XML External Entity Injection Vulnerability in IBM Db2

IBM Db2 is the United States International Business Machines IBM company developed a set of relational database management system, it is the main operating environment for UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. An XML external entit...

8.2CVSS6.5AI score0.00296EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•27 views

Apache Shiro Authentication Bypass Vulnerability

Apache Shiro is the United States Apache Apache Foundation set of Java security framework for performing authentication, authorization, encryption and session management . An authentication bypass vulnerability exists in Apache Shiro versions prior to 2.0.7. The vulnerability stems from an...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Adobe After Effects suffers from an out-of-bounds write vulnerability (CNVD-2026-12691)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects 25.6 and...

7.8CVSS6AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

OpenClaw Cross-Site Request Forgery Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a cross-site request forgery vulnerability that stems from a browser-oriented local host change route accepting cross-domain browser requests without explicit Origin/Referer validation, which can be...

7.1CVSS5.7AI score0.0014EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14284)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the timedaccess.cgi endpoint MACHINES parameter on the user-supplied data lack of effective filtering and escaping , an...

6.1CVSS5.9AI score0.00244EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14272)

Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple macOS Sequoia is an operating system.... A denial-of-service vulnerability exists in multiple Apple products, which can be exploited by an attacker to cause a malicious HID...

5.7CVSS5.8AI score0.00259EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13377)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an unspecified vulnerability that stems from insufficient validation of the targetDir value during download skill installation, which can be exploited by an attacker to cause files to be written outsid...

6.8CVSS5.8AI score0.00166EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-13392)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause session content disclosure in a multi-user environment...

6.9CVSS5.7AI score0.00105EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•6 views

WordPress plugin Aardvark cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. The WordPress plugin Aardvark cross-site scripting vulnerability can be exploited by an attacke...

7.5CVSS5.5AI score0.00238EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Zyxel EX3510-B0 TR-369 certificate download script command injection vulnerability

The Zyxel VMG3625-T50B is a VDSL2/ADSL2+ modem router produced by Zyxel Technologies. The Zyxel VMG3625-T50B has a command injection vulnerability as indicated by the TR-369 certification download script. This vulnerability stems from incorrect filtering of input parameters, allowing remote...

7.2CVSS8.7AI score0.00902EPSS
Exploits1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13381)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that originates from the BlueBubbles iMessage channel plugin accepting webhook requests as authenticated based only on the TCP peer address as the loopback address i.e., when a missing or...

7.5CVSS5.8AI score0.00319EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

GFI MailEssentials AI IP Blocklist Administration Page Cross-Site Scripting Vulnerability

GFI MailEssentials AI is a U.S. GFI open source anti-spam and data leakage protection software. A cross-site scripting vulnerability exists in the GFI MailEssentials AI IP Blocklist administration page, which can be exploited by an attacker to execute script in the context of a logged-in user...

5.4CVSS5.7AI score0.00173EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

WordPress Plugin Context Blog Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Context Blog. The...

5.3CVSS5.6AI score0.00336EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14480)

AApple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. apple macOS is a specialized operating system developed for Mac computers. An information disclosure vulnerability exists in multiple Apple products.The vulnerability is caused due to an error in the...

5.5CVSS5.9AI score0.00237EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

OpenClaw Access Control Error Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from an Access Control Error vulnerability that stems from the @openclaw/voice-call plugin Telnyx webhook handler accepting unsigned inbound webhook requests when telnyx.publicKey is not configured, which can b...

7.5CVSS5.8AI score0.00284EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Microsoft Excel Elevation of Privilege Vulnerability (CNVD-2026-16158)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Excel, which can be exploited by an attacker to elevate privileges...

7.8CVSS5.7AI score0.00524EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Security Bypass Vulnerability in Multiple Apple Products

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products, which can be exploited by an attacker to...

7.1CVSS5.8AI score0.00136EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Elevation of Privilege Vulnerability in Multiple Apple Products (CNVD-2026-14475)

Apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. apple macOS is a specialized operating system developed for Mac computers. An elevation of privilege vulnerability exists in multiple Apple products and is due to a race condition in the CoreServices...

7CVSS5.9AI score0.00102EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14283)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the hosts.cgi script in the IP, HOSTNAME or COMMENT parameter on the user-supplied data lack of effective filtering and...

6.1CVSS6AI score0.00225EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14276)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

5.7CVSS5.8AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Apple macOS out-of-bounds read vulnerability (CNVD-2026-14975)

Apple macOS is a specialized operating system developed by Apple for Mac computers. An out-of-bounds read vulnerability exists in Apple macOS, which can be exploited by an attacker to cause the system to unexpectedly terminate or read kernel memory...

7.7CVSS5.9AI score0.00199EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Apple macOS Tahoe Elevation of Privilege Vulnerability

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an elevation of privilege vulnerability that is caused due to an issue in the Installation Assistant component when using a specially crafted application. An attacker can exploit the...

7.8CVSS5.9AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

OpenClaw Code Injection Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code injection vulnerability. The vulnerability stems from the fact that channel metadata may be included in the model's system prompts when the Slack integration is enabled, increasing the attack...

3.7CVSS5.9AI score0.002EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•2 views

Smoothwall Express Cross-Site Scripting Vulnerability

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the modem.cgi script for INIT, HANGUP, SPEAKERON, SPEAKEROFF, TONEDIAL and PULSEDIAL parameters of the user-supplied data...

7.2CVSS5.9AI score0.00223EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13375)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the fact that the confirmation dialog box for openclaw://agent deep links only displays the first 240 characters of the message but executes the full message,...

7.1CVSS5.9AI score0.00426EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Adobe Substance 3D Stager suffers from an out-of-bounds write vulnerability (CNVD-2026-12697)

Substance 3D Stager is the United States of America Ordoby Adobe company launched a dedicated to the 3D scene set, lighting settings and high-quality rendering of professional software. An out-of-bounds write vulnerability exists in Adobe Substance 3D Stager, which can be exploited by attackers t...

7.8CVSS6AI score0.00139EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•4 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14271)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

5.7CVSS5.8AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Multiple Apple Product Permissions Enhancement Vulnerabilities (CNVD-2026-26098)

Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system used for iPad tablets. Apple macOS Sonoma is also an operating system. Several Apple products have vulnerabilities related to privilege escalation, and attackers can exploit these vulnerabilities to...

7.8CVSS6AI score0.0016EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Microsoft Excel Buffer Overflow Vulnerability (CNVD-2026-12552)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel. The vulnerability stems from the program's failure to properly validate the length and size of input data, which can be exploited by an attacker ...

5.5CVSS6AI score0.00596EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•9 views

OpenClaw path traversal vulnerability (CNVD-2026-13428)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability. The vulnerability stems from the browser download assistant accepting uncleaned output paths, which can be exploited by an attacker to traverse a directory on a system t...

6.7CVSS5.8AI score0.00199EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Microsoft Windows Kernel Competitive Conditions Vulnerability

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. A competitive condition vulnerability exists in Microsoft Windows Kernel. The vulnerability stems from a competitive condition in the kernel's handling of certain operations and can be...

7.8CVSS5.8AI score0.02492EPSS
Exploits0References1
Total number of security vulnerabilities131179