Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-13372)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability. The vulnerability stems from a keychain credential refresh shell command constructed on macOS failing to properly filter constructed command special...

8CVSS6.1AI score0.012EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14367)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the xtaccess.cgi endpoint EXT, DESTPORT or COMMENT parameter on the user-supplied data lack of effective filtering...

6.1CVSS6AI score0.00244EPSS
Exploits1References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14277)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by an attacker t...

4.6CVSS5.8AI score0.00242EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•8 views

Microsoft Hyper-V Access Control Error Vulnerability

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. An access control error vulnerability exists in Microsoft Hyper-V. The vulnerability stems from a flaw in the access control mechanism and can be...

8.8CVSS5.8AI score0.00356EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14486)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products, which is caused due to an issue in the...

7.5CVSS5.9AI score0.0047EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

Zyxel EX3510-B0 UPnP command injection vulnerability

The Zyxel EX3510-B0 is a Gigabit Ethernet switch produced by Zyxel Technology. The Zyxel EX3510-B0 UPnP device has a command injection vulnerability related to UPnP SOAP requests. This vulnerability stems from incorrect filtering of input parameters, allowing remote attackers to execute arbitrary...

9.8CVSS8.7AI score0.0106EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Adobe Substance 3D Stager suffers from an out-of-bounds write vulnerability

Substance 3D Stager is the United States of America Ordoby Adobe company launched a dedicated to the 3D scene set, lighting settings and high-quality rendering of professional software. An out-of-bounds write vulnerability exists in Adobe Substance 3D Stager 3.1.6 and earlier versions, which can ...

7.8CVSS6AI score0.00176EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•7 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13380)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security vulnerability that stems from a Docker tool sandbox configuration injection issue that can be exploited by an attacker to cause container escape or host data access...

9.8CVSS5.8AI score0.00479EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Multiple Apple products have service denial vulnerabilities (CNVD-2026-26097)

Apple iOS is an operating system developed for mobile devices. Apple macOS is a dedicated operating system designed specifically for Mac computers. Apple iPadOS is an operating system used for iPad tablets. Several Apple products have service denial vulnerabilities, and attackers can exploit thes...

8.8CVSS7.1AI score0.0054EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Apple macOS Sonoma information leakage vulnerability

Apple macOS Sequoia is an operating system developed by the American company Apple. Apple macOS Sonoma has a vulnerability where attackers can exploit it to access sensitive user data...

5.5CVSS5.9AI score0.00231EPSS
Exploits0
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•6 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13383)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that stems from the fact that under iMessage groupPolicy=allowlist, the identity of the sender from the DM pairing store can satisfy the group authorization, which can be exploited by an...

6.5CVSS5.8AI score0.00283EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14489)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products, which is caused due to an issue in the...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•5 views

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14477)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products. An attacker could exploit this vulnerability to...

5.5CVSS5.9AI score0.00132EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/02 12:0 a.m.•3 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14481)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

4.3CVSS5.9AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/28 12:0 a.m.•2 views

IBM Concert Cross-Site Scripting Vulnerability (CNVD-2026-13785)

IBM Concert is IBM for the Z platform integrated Web services framework. A cross-site scripting vulnerability exists in IBM Concert. An attacker can exploit this vulnerability to inject arbitrary JavaScript code to tamper with the functionality of the web interface, resulting in the disclosure of...

6.1CVSS7.1AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/28 12:0 a.m.•5 views

IBM Concert Information Disclosure Vulnerability (CNVD-2026-13786)

IBM Concert is IBM's software platform for orchestrating and managing enterprise-class applications. An information disclosure vulnerability exists in IBM Concert. An attacker could exploit this vulnerability to steal sensitive information via a man-in-the-middle attack...

5.9CVSS5.8AI score0.00202EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/27 12:0 a.m.•4 views

Apache Superset Input Validation Vulnerability

Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...

7.1CVSS5.8AI score0.00348EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•7 views

Advantech WISE-6610 OS Command Injection Vulnerability

Advantech WISE-6610 is a core gateway device from Advantech, Taiwan, China. The Advantech WISE-6610 suffers from an operating system command injection vulnerability that originates from a misuse of the parameter deletefile in the file /cgi-bin/luci/admin/openvpnapply, which can be exploited by an...

8.6CVSS7.3AI score0.17217EPSS
Exploits2
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•34 views

Adobe After Effects Input Validation Error Vulnerability (CNVD-2026-12866)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An input validation error vulnerability exists in Adobe After Effects, whic...

7.8CVSS6.2AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•2 views

Adobe After Effects Type Obfuscation Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A type confusion vulnerability exists in Adobe After Effects, which can be...

7.8CVSS6.2AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•3 views

Adobe After Effects Resource Management Error Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

7.8CVSS6.2AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•2 views

Adobe DNG SDK Buffer Overflow Vulnerability

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. A buffer overflow vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an...

7.8CVSS6.4AI score0.00157EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•3 views

Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12869)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

7.8CVSS6.2AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•3 views

Microsoft Defender for Linux Code Execution Vulnerability

Microsoft Defender for Linux is Microsoft's own antivirus security software. A security vulnerability exists in Microsoft Defender for Linux that originates from improper input validation and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6AI score0.00532EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•3 views

Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12868)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

7.8CVSS6.2AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/25 12:0 a.m.•1 views

Adobe After Effects Buffer Overflow Vulnerability (CNVD-2026-12870)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A buffer overflow vulnerability exists in Adobe After Effects, which can be...

7.8CVSS6.4AI score0.00184EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•7 views

Adobe Audition Denial of Service Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from a denial of service vulnerabili...

5.5CVSS5.4AI score0.0014EPSS
Exploits0
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•4 views

Adobe Audition out-of-bounds write vulnerability (CNVD-2026-14508)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from an out-of-bounds write...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•3 views

Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-12872)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...

5.5CVSS5.9AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•4 views

Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2026-14506)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from an out-of-bounds read...

5.5CVSS5.9AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•4 views

Adobe Substance3D Designer Out-of-Bounds Write Vulnerability

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. Adobe Substance3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's context...

7.8CVSS6.2AI score0.00184EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•4 views

Adobe Substance3D Designer Out-of-Bounds Read Vulnerability (CNVD-2026-17719)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...

5.5CVSS5.3AI score0.00153EPSS
Exploits0
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•3 views

Adobe Audition Buffer Overflow Vulnerability (CNVD-2026-14505)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product is mainly used to include multi-track, waveforms and spectral display of the perfect toolset for audio content mixing, editing and creation. A buffer overflow vulnerability exists in Adobe...

5.5CVSS6.1AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•3 views

Adobe Substance3D Designer Code Issue Vulnerability

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A code issue vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause a denial of service in the application...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•3 views

Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-14504)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance3D Designer, which can be exploited by an attacker to execute arbitrary code in the current user environment...

7.8CVSS6.4AI score0.00184EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•3 views

Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-12875)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...

5.5CVSS6AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/24 12:0 a.m.•3 views

Adobe Audition Buffer Overflow Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A buffer overflow vulnerability exists in Adobe Audition,...

5.5CVSS6AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/13 12:0 a.m.•2 views

Apache Druid Authentication Bypass Vulnerability

Apache Druid is the United States Apache Apache Foundation of a use of the Java language , written in column-oriented open source distributed database . Apache Druid has a security vulnerability that originates from improper validation of LDAP authentication responses, which could lead to...

9.8CVSS5.8AI score0.01034EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/12 12:0 a.m.•5 views

Adobe Substance3D Stager Out-of-Bounds Read Vulnerability (CNVD-2026-18674)

Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. Adobe Substance3D Stager suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...

7.8CVSS6AI score0.00157EPSS
Exploits0
CNVD
CNVD
•added 2026/02/12 12:0 a.m.•8 views

Adobe Substance3D Modeler Out-of-Bounds Read Vulnerability (CNVD-2026-18673)

Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Modeler, which can be exploited by attackers to disclose sensitive information stored in memory...

5.5CVSS5.8AI score0.00151EPSS
Exploits0
CNVD
CNVD
•added 2026/02/12 12:0 a.m.•4 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17790)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.5AI score0.00226EPSS
Exploits0
CNVD
CNVD
•added 2026/02/12 12:0 a.m.•4 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17791)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause the application to crash...

5.5CVSS5.7AI score0.00154EPSS
Exploits0
CNVD
CNVD
•added 2026/02/12 12:0 a.m.•12 views

Adobe Lightroom Desktop Out-of-Bounds Write Vulnerability

Adobe Lightroom Desktop is a professional photo management and editing software from the American company Audobee Adobe, designed to provide photographers and image editors with powerful workflow and editing tools. Adobe Lightroom Desktop suffers from an out-of-bounds write vulnerability that can...

7.8CVSS6AI score0.00139EPSS
Exploits0
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•3 views

XML external entity injection vulnerability in IBM Business Automation Workflow containers and IBM Business Automation Workflow traditional

IBM Business Automation Workflow is a suite of workflow automation solutions from International Business Machines IBM. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability. IBM Business Automation Workflow containers V25.0....

7.1CVSS5.7AI score0.00458EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•4 views

Unspecified Vulnerability in HCL AION (CNVD-2026-16402)

HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a security vulnerability that stems from a missing or insecure HTTP Strict Transport Security header, which can be exploited by an attacker to cause a man-in-the-middle attack...

8.1CVSS5.8AI score0.00199EPSS
Exploits0
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•10 views

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14674)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...

6.5CVSS6.9AI score0.00275EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•9 views

Huawei EMUI and Huawei HarmonyOS DFX Module Out-of-Bounds Write Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS DFX module, which can be...

6CVSS5.9AI score0.00105EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•6 views

OpenClaw OS Command Injection Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. An operating system command injection vulnerability exists in versions prior to OpenClaw 2026.1.29, which stems from the sshNodeCommand function failing to properly filter construct command special characters, commands, etc. An...

7.7CVSS6.1AI score0.00935EPSS
Exploits1References1
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•5 views

WeKan has an unspecified vulnerability

WeKan is a Kanban application from WeKan open source. WeKan suffers from a security vulnerability that can be exploited by an attacker to spoof the author of a recorded comment by providing another user's identifier...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References1
CNVD
CNVD
•added 2026/02/11 12:0 a.m.•4 views

Unspecified vulnerability in WeKan (CNVD-2026-11748)

WeKan is a Kanban application from WeKan open source. WeKan has a security vulnerability that can be exploited by an attacker to cause a user with a read-only role to perform card updates that require write access...

7.1CVSS5.9AI score0.00277EPSS
Exploits0References1
Total number of security vulnerabilities131179