Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/10/17 12:0 a.m.•9 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-24163)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

8.1CVSS6AI score0.00564EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-24198)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and gain unauthorized read...

7.5CVSS6.7AI score0.00461EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

UTT HiPER 2620G Buffer Overflow Vulnerability

The UTT HiPER 2620G is an enterprise-class router from Atech Technology UTT designed for small and medium-sized businesses, schools, or Internet cafes in scenarios that require multi-line access and network control. The UTT HiPER 2620G suffers from a buffer overflow vulnerability that originates...

9CVSS8.2AI score0.00693EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Ivanti Endpoint Manager Path Traversal Vulnerability

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. A path traversal vulnerability exists in Ivanti Endpoint...

8.8CVSS7.2AI score0.14805EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•10 views

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2025-24203)

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's...

8.1CVSS6.4AI score0.00365EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

F5 BIG-IP TMM Module Denial of Service Vulnerability

5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A denial-of-service vulnerability exists in the TMM module of the BIG-IP system, which arises because undisclosed traffic could...

8.7CVSS6.8AI score0.00324EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Centreon has an unspecified vulnerability (CNVD-2025-24647)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

6.8CVSS7.1AI score0.0023EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•10 views

Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-24401)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...

7.1CVSS6.1AI score0.00454EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-24199)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and maintain unauthorized...

8.1CVSS6.7AI score0.00502EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•22 views

F5 BIG-IP Next TMM Memory Resource Management Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory resource management vulnerability exists in the TMM module of BIG-IP Next. The vulnerability arises because after...

6.5CVSS6.8AI score0.00285EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-24201)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that can be exploited by an attacker to steal a victim's cookie-based authentication...

4.8CVSS6.5AI score0.00252EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-24200)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and gain unauthorized...

6.5CVSS6.8AI score0.0036EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2025-26717)

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. An elevation of privilege vulnerability exists in Microsoft Exchange Server, which can be exploit...

8.8CVSS7.1AI score0.00764EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

UTT Progressive 518G Buffer Overflow Vulnerability

The UTT Progress 518G is an enterprise-class router designed for small and medium-sized business office environments, focusing on multi-WAN port access and stable performance. UTT Enterprise 518G suffers from a buffer overflow vulnerability, which originates from the parameter Profile in the file...

9CVSS8.2AI score0.00772EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Centreon has an unspecified vulnerability (CNVD-2025-24172)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

6.8CVSS7.1AI score0.00241EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Unspecified Vulnerability in Microsoft Azure (CNVD-2025-24645)

Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. Microsoft Azure has a security vulnerability that can be exploited by an attacker who can elevate privileges...

7.8CVSS6.9AI score0.00329EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•8 views

Microsoft Office Code Execution Vulnerability (CNVD-2025-24399)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

7.8CVSS8.1AI score0.00558EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

Ivanti Endpoint Manager Deserialization Vulnerability

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a deserialization...

7.8CVSS6.7AI score0.00754EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

ASUS Armoury Crate Improper Link Following Vulnerability

ASUS Armoury Crate is a utility software developed by ASUS to centrally control and manage ROG Gamerland and some ASUS gaming products. ASUS Armoury Crate suffers from a link following improper vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

8.5CVSS6.6AI score0.00183EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

F5 BIG-IP Elevation of Privilege Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...

9.1CVSS7.6AI score0.00367EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

F5 BIG-IP ePVA Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A denial-of-service vulnerability exists in the ePVA module of BIG-IP. The vulnerability arises due to undisclosed traffic tha...

8.7CVSS6.8AI score0.00327EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•7 views

Microsoft Office Visio Code Execution Vulnerability (CNVD-2026-00030)

Microsoft Office Visio is a U.S. Microsoft Microsoft Office software series responsible for drawing flowcharts and schematic diagrams in the software. A code execution vulnerability exists in Microsoft Office Visio, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8.1AI score0.00355EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2025-24451)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

8.8CVSS8.4AI score0.01272EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•7 views

Microsoft Windows File Explorer Spoofing Vulnerability (CNVD-2026-10676)

Microsoft Windows File Explorer is a file manager application from Microsoft USA. A spoofing vulnerability exists in Microsoft Windows File Explorer that is caused by the exposure of sensitive information to unauthorized participants in File Explorer. An attacker could exploit the vulnerability t...

6.5CVSS5.7AI score0.01791EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-24449)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code...

7.8CVSS7.7AI score0.00355EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-24393)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.5AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•14 views

Adobe Substance3D Modeler Buffer Overflow Vulnerability

Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance3D Modeler 1.22.3 and prior versions, which can be exploited by an attacker to cause code execution in the current user environment...

7.8CVSS7.4AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Unspecified Vulnerability in Microsoft Azure (CNVD-2025-24170)

Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. Microsoft Azure has a security vulnerability that can be exploited by an attacker who can elevate privileges...

8.2CVSS6.9AI score0.00411EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Microsoft Azure Elevation of Privilege Vulnerability (CNVD-2025-29349)

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. A security vulnerability exists in Microsoft Azure Compute Gallery, which can be exploited by an attacker to elevate privileges...

8.2CVSS9AI score0.00411EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Unspecified Vulnerability in Rockwell Automation Comms-1783-NATR

Rockwell Automation Comms-1783-NATR is an industrial Ethernet address translation device from Rockwell Automation. A security vulnerability exists in the Rockwell Automation Comms-1783-NATR that stems from a lack of authentication checks for critical functions and can be exploited by an attacker ...

9.9CVSS7.2AI score0.0052EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability

Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Rockwell Automation. It is used to communicate between small applications and large automation systems. An elevation of privilege vulnerability exists in Rockwell Automation FactoryTalk Linx due to a...

8.5CVSS5.8AI score0.00176EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

Rockwell Automation FactoryTalk View Machine Edition Path Traversal Vulnerability

Rockwell Automation FactoryTalk View Machine Edition is a versatile HMI application from Rockwell Automation. A path traversal vulnerability exists in Rockwell Automation FactoryTalk View Machine Edition, which can be exploited by an attacker to delete any file in the panel's operating system...

9.1CVSS5.6AI score0.00567EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability (CNVD-2026-10857)

Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Rockwell Automation. The product is primarily used for small applications to communicate with large automation systems and more. An elevation of privilege vulnerability exists in Rockwell Automation...

8.5CVSS5.7AI score0.0017EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

Rockwell Automation Compact GuardLogix 5370 Denial of Service Vulnerability

Rockwell Automation Compact GuardLogix 5370 is a safety programmable logic controller from Rockwell Automation. The Rockwell Automation Compact GuardLogix 5370 suffers from a denial of service vulnerability that originates from a failure when sending a specially crafted CIP unconnected explicit...

8.7CVSS5.9AI score0.00383EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•2 views

Rockwell Automation FactoryTalk ViewPoint Denial of Service Vulnerability

Rockwell Automation FactoryTalk ViewPoint is a web-based client application from Rockwell Automation. A denial of service vulnerability exists in Rockwell Automation FactoryTalk ViewPoint, which can be exploited by an attacker to cause a denial of service...

8.7CVSS5.9AI score0.00425EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•2 views

Rockwell Automation ArmorStart AOP Denial of Service Vulnerability

Rockwell Automation ArmorStart AOP is a distributed motor controller from Rockwell Automation. The Rockwell Automation ArmorStart AOP suffers from a denial of service vulnerability that originates from entering an invalid value into a COM method, which can be exploited by an attacker to cause a...

8.7CVSS6.8AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•2 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-24394)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

8.4CVSS8.1AI score0.00385EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

WordPress Pz-LinkCard plugin server-side request forgery vulnerability

WordPress Pz-LinkCard plugin is a WordPress plugin that is mainly used to display links in the form of cards, support custom display of external and internal links, and optimize social sharing and other features. WordPress Pz-LinkCard plugin suffers from a server-side request forgery vulnerabilit...

3.8CVSS6.9AI score0.00181EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•11 views

Centreon cross-site scripting vulnerability (CNVD-2025-24648)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

6.8CVSS7.1AI score0.00195EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•5 views

Adobe Framemaker Code Execution Vulnerability

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker version 2020.9, 2022.7, and prior versions, which can be...

7.8CVSS7.8AI score0.00212EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Adobe Framemaker Memory Misreference Vulnerability (CNVD-2025-24391)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A memory misreference vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause...

7.8CVSS7.4AI score0.00201EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

Centreon cross-site scripting vulnerability (CNVD-2025-24649)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon cross-site scripting vulnerability , the vulnerability stems from the lack of effective...

6.8CVSS6.5AI score0.00241EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-24392)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

7.8CVSS7.5AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Microsoft PowerPoint Code Execution Vulnerability (CNVD-2025-26719)

Microsoft PowerPoint is a document presentation tool in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft PowerPoint, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8.1AI score0.00355EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•2 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-24400)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8.1AI score0.0049EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-24402)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8.1AI score0.0049EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•3 views

Microsoft Office Code Execution Vulnerability (CNVD-2025-24419)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

7.8CVSS7.7AI score0.00477EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Adobe Dimension Input Validation Error Vulnerability (CNVD-2025-24213)

Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. An input validation error vulnerability exists in Adobe Dimension, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...

7.8CVSS7.7AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•6 views

Unspecified Vulnerability in Microsoft Defender (CNVD-2025-24169)

Microsoft Defender is a threat protection software from Microsoft USA. Microsoft Defender for Linux has a security vulnerability that can be exploited by attackers to cause a denial of service on the system...

7CVSS6.7AI score0.00192EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/17 12:0 a.m.•4 views

Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2025-24204)

Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...

7.8CVSS7.3AI score0.00206EPSS
Exploits0References1
Total number of security vulnerabilities131179