Lucene search
+L

131179 matches found

cnvd
cnvd
•added 2025/11/14 12:0 a.m.•14 views

Intel CIP Information Disclosure Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause information...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Tenda AX3 saveParentControlInfo function stack buffer overflow vulnerability

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability, which stems from the deviceId parameter of t...

7.5CVSS7.5AI score0.00362EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Adobe Illustrator Heap Buffer Overflow Vulnerability (CNVD-2025-28651)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...

7.8CVSS8AI score0.00303EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•6 views

Microsoft Nuance PowerScribe 360 Information Disclosure Vulnerability

Microsoft Nuance PowerScribe 360 is a medical image reporting system for speech recognition, report generation and workflow management in radiology. An information disclosure vulnerability exists in Microsoft Nuance PowerScribe 360, which is due to improper authorization validation. An attacker...

8.1CVSS6AI score0.00763EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•3 views

Adobe Format Plugins Heap Buffer Overflow Vulnerability

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.7AI score0.0023EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•3 views

Ivanti Endpoint Manager Privilege Issues Vulnerability

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a privilege issue...

7.1CVSS7AI score0.00233EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Tenda AC18 ssid parameter cross-site scripting vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by th...

5.4CVSS6.5AI score0.00219EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Tenda AX-1803 SetSysTimeCfg function stack buffer overflow vulnerability

Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the time...

7.5CVSS7.4AI score0.00362EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•3 views

TOTOLINK A7000R Stack Buffer Overflow Vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability that originates from the urldecode function's addEffect parameter...

7.5CVSS7.1AI score0.00362EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•3 views

TOTOLINK A7000R urldecode function stack buffer overflow vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the ssid parameter of the urldecode function failing...

7.5CVSS7.1AI score0.00362EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•3 views

Tenda AX-1803 sub_4F55C function stack buffer overflow vulnerability

Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the wanMTU...

7.5CVSS7.4AI score0.00362EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28641)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to disclose sensitive information stored in memory...

5.5CVSS6.2AI score0.00194EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

WordPress Asgaros Forum plugin cross-site request forgery vulnerability

WordPress Asgaros Forum plugin is a lightweight forum plugin designed for WordPress that supports the rapid creation and management of forum pages, providing basic posting, replying, user management and other functions. The WordPress Asgaros Forum plugin suffers from a cross-site request forgery...

4.3CVSS6.8AI score0.00152EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•6 views

SAP Business Connector Path Traversal Vulnerability

SAP Business Connector is a middleware from SAP, Germany. SAP Business Connector suffers from a path traversal vulnerability that can be exploited by an attacker to traverse directories on the system to read, write, overwrite, and delete arbitrary files on the host system...

6.8CVSS6.9AI score0.00271EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe InCopy Heap Buffer Overflow Vulnerability

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...

7.8CVSS8.1AI score0.00258EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe Illustrator on iPad Integer Dive Vulnerability (CNVD-2025-28650)

Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator on iPad suffers from an integer sneak vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...

7.8CVSS7.8AI score0.00231EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•3 views

Intel CIP Input Validation Error Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an input validation error vulnerability that stems from improper input validation, which can be exploited by an attacker to cause information...

5.7CVSS6.7AI score0.0031EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-28652)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.5AI score0.00222EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•7 views

Intel CIP Input Validation Error Vulnerability (CNVD-2025-28678)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an input validation error vulnerability that stems from improper input validation, which can be exploited by an attacker to cause elevation of...

8.8CVSS6.9AI score0.00316EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•6 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2025-28720)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that originates from a compilation error in the JIT component of the JavaScript Engine, which can be exploited by an attacker to execute...

9.8CVSS8AI score0.00347EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe Format Plugins Heap Buffer Overflow Vulnerability (CNVD-2025-28639)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.7AI score0.00286EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•7 views

Adobe InDesign Memory Misreference Vulnerability (CNVD-2025-29698)

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from a memory misreference vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...

7.8CVSS7.3AI score0.00265EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•6 views

Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...

6.5CVSS6.4AI score0.00293EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

WordPress age-restriction plugin missing authorization vulnerability

The WordPress age-restriction plugin is a plugin used to add age verification functionality to a WordPress website, the main purpose of which is to restrict access to certain content or features to users who have not reached a specific age. The WordPress age-restriction plugin suffers from a lack...

7.5CVSS6.9AI score0.00215EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28645)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a memory information disclosure...

5.5CVSS6.6AI score0.0019EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•2 views

Unauthorized Access Vulnerability in Ruiyou Tianyi Application Virtualization System of Xi'an Ruiyou Information Technology Information Co.

Ruiyou Tianyi Application Virtualization System is a domestic application virtualization platform with independent intellectual property rights, which is based on Server-based Computing. Xi'an Ruiyou Information Technology Co., Ltd. Ruiyou Tianyi Application Virtualization System has an...

5.9AI score
Exploits0
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•7 views

WordPress Coon Maps plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Coon Maps plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

6.4CVSS6.1AI score0.00211EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•7 views

Intel CIP Improper Access Control Vulnerability (CNVD-2025-28482)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an Improper Access Control vulnerability that can be exploited by an attacker to cause information disclosure...

4.4CVSS6.7AI score0.00245EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Logic flaw vulnerability in the multimedia integrated business display system of Beijing Shenzhou Vision Han Technology Co., Ltd. (CNVD-C-2025-852060)

Ltd. is a deep-rooted enterprise in the field of visualization. A logic flaw vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to delete server files...

5.9AI score
Exploits0
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe Illustrator on iPads Heap Buffer Overflow Vulnerability

Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator on iPads, which can be exploited by an attacker to cause arbitrary code to be executed in the context of the current...

7.8CVSS7.6AI score0.00275EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Unspecified Vulnerability in Rockwell Automation DataMosaix Private Cloud

Rockwell Automation DataMosaix Private Cloud is an industrial DataOps solution from Rockwell Automation, Inc. It is used to simplify and control access to relevant, reliable and contextualized data. A security vulnerability exists in Rockwell Automation DataMosaix Private Cloud that can be...

7.6CVSS5.9AI score0.00145EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Intel CIP elevation of privilege vulnerability (CNVD-2025-28675)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...

6.7CVSS7.8AI score0.00138EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•5 views

Microsoft Excel Information Leakage Vulnerability (CNVD-2026-00026)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information leakage vulnerability exists in Microsoft Excel, which is caused due to improper authorization validation. An attacker could exploit the vulnerability to obtain sensitive information...

5.5CVSS6.4AI score0.00579EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

DELL PowerScale OneFS Encryption Issue Vulnerability

DELL PowerScale OneFS is Dell's horizontally scalable clustered file system designed to manage unstructured data and support enterprise-class storage capabilities. DELL PowerScale OneFS suffers from an encryption issue vulnerability that stems from the use of an insecure encryption algorithm, whi...

7.5CVSS6.7AI score0.0018EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•7 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2025-28657)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.7AI score0.00303EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe InCopy Memory Misreference Vulnerability (CNVD-2025-28655)

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InCopy, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.3AI score0.00226EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe Illustrator on iPad Integer Dive Vulnerability

Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator on iPad suffers from an integer sneak vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.3AI score0.00231EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/14 12:0 a.m.•4 views

Adobe Photoshop Heap Buffer Overflow Vulnerability (CNVD-2025-29701)

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. Adobe Photoshop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...

7.8CVSS7.7AI score0.00325EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/13 12:0 a.m.•2 views

Microsoft Visual Studio Remote Code Execution Vulnerability (CNVD-2025-29343)

Microsoft Visual Studio is a family of development toolkits from Microsoft Corporation in the United States and is a fundamentally complete set of development tools. A remote code execution vulnerability exists in Microsoft Visual Studio, which can be exploited by an attacker to execute code on t...

6.7CVSS8.2AI score0.01014EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/13 12:0 a.m.•2 views

SQL Injection Vulnerability in Remote Medical Comprehensive Service Platform of Beijing Divine Vision Han Technology Co. Ltd (CNVD-C-2025-848882)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the remote medical integrated service platform of Beijing Shenzhou Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

5.9AI score
Exploits0
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•3 views

WordPress Asgaros Forum plugin SQL Injection Vulnerability

WordPress Asgaros Forum plugin is a lightweight forum plugin designed specifically for WordPress to support the rapid creation and management of forum pages, providing basic posting, replying, user management and other functions. WordPress Asgaros Forum plugin suffers from a SQL injection...

7.5CVSS8.2AI score0.00375EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•3 views

WordPress Mang Board plugin cross-site scripting vulnerability

WordPress Mang Board plugin is a WordPress plugin that is mainly used to create and manage forum boards or discussion boards. WordPress Mang Board plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

6.1CVSS6.1AI score0.00201EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•4 views

IBM Db2 Denial of Service Vulnerability (CNVD-2025-29177)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

5.5CVSS6.5AI score0.00104EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•3 views

Google Chrome Input Validation Error Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from an input validation error vulnerability that stems from insufficient validation of untrustworthy input in Devtools, which can be exploited by an attacker to execute arbitrary code...

8.8CVSS7.4AI score0.00276EPSS
Exploits3References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•4 views

Google Chrome Passkeys Improperly Implemented Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a Passkeys mal-implementation vulnerability, which can be exploited by an attacker to obtain sensitive information via debug logs...

6.2CVSS6.5AI score0.00102EPSS
Exploits1References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•6 views

WordPress LC Wizard plugin elevation of privilege vulnerability

WordPress LC Wizard plugin is a plugin with security vulnerabilities. WordPress LC Wizard plugin has an elevation of privilege vulnerability that stems from a missing capability check in the ghl-wizard/inc/wpuser.php file, which can be exploited by an attacker to cause an elevation of privilege...

8.1CVSS7.1AI score0.00307EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•2 views

QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30284)

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited Resource Allocation or Throttling vulnerability, which can be exploited by an attacker to prevent other systems,...

5.1CVSS6.9AI score0.00474EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•4 views

QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited Resource Allocation or Throttling vulnerability that can be exploited by an attacker to cause resource access to b...

7.1CVSS6.9AI score0.00452EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•5 views

Google Chrome Permissions Improperly Implemented Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a Permission Misimplementation Vulnerability, no details of the vulnerability are provided at this time...

5.4CVSS6.5AI score0.0016EPSS
Exploits0References1
cnvd
cnvd
•added 2025/11/12 12:0 a.m.•6 views

QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30286)

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited or Unthrottled Resource Allocation vulnerability, which can be exploited by an attacker to prevent other systems,...

7.1CVSS6.9AI score0.00452EPSS
Exploits0References1
Total number of security vulnerabilities131179