Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/09/29 12:0 a.m.•4 views

Online Bidding System bidlist.php File SQL Injection Vulnerability

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /administrator/bidlist.php. An attacker can exploit this vulnerability...

9.8CVSS8.2AI score0.00441EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

E-Commerce Website admin_index_search.php file SQL injection vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/adminindexsearch.php. An attacker can exploit this vulnerability t...

9.8CVSS8.3AI score0.00465EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•7 views

Employee Record Management System myprofile.php File Cross-Site Scripting Vulnerability

Employee Record Management System is an employee record management system. The Employee Record Management System suffers from a cross-site scripting vulnerability that arises from insufficient filtering of the First name parameter in the /myprofile.php file. An attacker can exploit this...

6.1CVSS4.6AI score0.00364EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

WordPress plugin Authorsy cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin Authorsy, which stems from...

6.5CVSS6AI score0.00202EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•4 views

WordPress Plugin Permalink Manager Lite Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Permalink Manager Lite.T...

7.5CVSS5.7AI score0.00359EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

IBM Storage TS4500 Library Cross-Site Request Forgery Vulnerability

IBM Storage TS4500 Library is a next-generation tape storage solution from IBM designed to help mid-sized and large enterprises meet the challenges of cloud storage, enabling high-density data storage and flexible scaling through LTO technology. The IBM Storage TS4500 Library suffers from a...

6.5CVSS6.8AI score0.00156EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•6 views

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23367)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that can be exploited by an attacker to cause remote command execution...

8.8CVSS7AI score0.04125EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•1 views

WordPress Plugin AllInOne - Banner Rotator SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin AllInOne - Banner Rotator suffers from a SQL injection vulnerability, no detai...

8.5CVSS7.8AI score0.00243EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•3 views

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23467)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability, which is a result of incorrect manipulation of the parameter port of the function sub412E7C in the file /goform/setswitchsettings, which can be exploited by an...

8.8CVSS7.5AI score0.04125EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•4 views

Project Monitoring System login.php File SQL Injection Vulnerability

Project Monitoring System is a project monitoring system. Project Monitoring System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters username/password in the file /login.php. An attacker can exploit this...

9.8CVSS8.3AI score0.00441EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•6 views

E-Commerce Website admin_account_update.php file SQL injection vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /pages/adminaccountupdate.php. An attacker can exploit this vulnerabili...

9.8CVSS8.3AI score0.00465EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•4 views

Simple Scheduling System addroom.php File SQL Injection Vulnerability

Simple Scheduling System is a simple scheduling system. Simple Scheduling System suffers from a SQL injection vulnerability that stems from the failure of the /schedulingsystem/addroom.php file to effectively filter the room parameter. No details of the vulnerability are available at this time...

9.8CVSS8AI score0.00384EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•4 views

WordPress Plugin Acclectic Media Organizer Authorization Missing Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An authorization missing vulnerability exists in the WordPress plugin Acclectic Media Organizer...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

E-Commerce Website pages/admin_product_details.php file SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the pages/adminproductdetails.php file that does not perform security filtering on the prodid parameter. An attacker can exploit this vulnerability by manipulating the...

9.8CVSS8.3AI score0.00374EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

D-Link DIR-823X Command Execution Vulnerability

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command execution vulnerability that can be exploited by an attacker to cause code execution due to the setcassword settings interface not filtering special characters in the httpcasswd parameter...

8.8CVSS7.7AI score0.0038EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23370)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that stems from a misuse of the parameter mac in the file /goform/setdevicename, which can be exploited by an attacker to cause remote command injection...

8.8CVSS7AI score0.04125EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23369)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that originates from the misuse of the parameter macList in the file /goform/setwifiblacklists, which can be exploited by an attacker to cause remote command...

8.8CVSS7AI score0.04125EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

Small CRM SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email in the file /forgot-password.php. An attacker can exploit this vulnerability to...

9.8CVSS7.9AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•9 views

IBM Watsonx.data Log Information Disclosure Vulnerability

IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. IBM Watsonx.data suffers from a log information disclosure vulnerability that stems from storing potentially sensitive information in log files, which can be exploited by an attacker to cause it to ...

5.5CVSS5.9AI score0.00116EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•7 views

Hostel Management System mod_users/index.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modusers/index.php. An attacker can exploit this...

9.8CVSS8.3AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/29 12:0 a.m.•5 views

Simple Scheduling System addtime.php File SQL Injection Vulnerability

Simple Scheduling System is a simple scheduling system. Simple Scheduling System has a SQL injection vulnerability that originates from the starttime/endtime parameters in the /addtime.php file not being securely filtered. An attacker can exploit this vulnerability to execute malicious SQL comman...

9.8CVSS8.3AI score0.00441EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

PyTorch has an unspecified vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from a name error when compiling a model containing torch.cummin using Inductor, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.4AI score0.00381EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA Toolkit Heap Buffer Overflow Vulnerability (CNVD-2025-23251)

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution...

7.8CVSS7.8AI score0.00306EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•4 views

NVIDIA Megatron-LM ensemble_classifer script code injection vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM ensembleclassifer script, which can be exploited by attackers to cause code execution,...

7.8CVSS7.2AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA toolkit buffer overflow vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause a partial denial of service...

3.3CVSS6.6AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA toolkit buffer overflow vulnerability (CNVD-2025-23248)

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause a partial denial of service...

3.3CVSS6.6AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

NVIDIA Megatron-LM Code Injection Vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from the possibility that the pretraingpt script may process malicious data,...

7.8CVSS7.2AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•4 views

Delta Electronics CNCSoft-G2 Stack Buffer Overflow Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability that originates from improperly restricted memory buffer operations and can be exploited by an attacker to...

7.8CVSS7.8AI score0.00284EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA toolkit and NVIDIA nvJPEG buffer overflow vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A buffer overflow vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which can be exploited by an attacker to caus...

4.5CVSS6.9AI score0.00122EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA toolkit input validation error vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. The NVIDIA CUDA Toolkit suffers from an input validation error vulnerability that could be exploited by an attacker to cause a denial of service...

5.5CVSS6.4AI score0.00171EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA Toolkit Heap Buffer Overflow Vulnerability (CNVD-2025-23250)

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution...

7.8CVSS7.8AI score0.00207EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•2 views

DELL Cloud Disaster Recovery OS Command Injection Vulnerability

DELL Cloud Disaster Recovery is a cloud disaster recovery solution provided by Dell Technologies. DELL Cloud Disaster Recovery suffers from an OS command injection vulnerability that stems from improper neutralization of special elements in OS commands, which can be exploited by an attacker to...

6.7CVSS8.1AI score0.00476EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

Cisco IOS XE Software Cross-Site Scripting Vulnerability

Cisco IOS XE Software is a network operating system from the American company Cisco Cisco. A cross-site scripting vulnerability exists in Cisco IOS XE Software that originates from improper user input cleanup and can be exploited by an attacker to cause a reflective cross-site scripting attack...

6.1CVSS5.7AI score0.00272EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

DELL BSAFE Micro Edition Suite Out-of-Bounds Write Vulnerability

DELL BSAFE Micro Edition Suite is an encryption development kit developed by Dell. DELL BSAFE Micro Edition Suite has an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service...

7.5CVSS7AI score0.00341EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•6 views

PyTorch Information Disclosure Vulnerability (CNVD-2025-23285)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from an information disclosure vulnerability that stems from nn.PairwiseDistancep=2 producing incorrect results in eager mode, no details of the vulnerability are provided at this time...

5.3CVSS6.1AI score0.00374EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•4 views

NVIDIA Megatron-LM msdp preprocessing script code injection vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM msdp preprocessing script, which can be exploited by attackers to cause code execution,...

7.8CVSS7.2AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•1 views

NVIDIA CUDA Toolkit Code Issue Vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. A code issue vulnerability exists in NVIDIA CUDA Toolkit that stems from a null pointer dereference in cuobjdump, which can be exploited by an attacker to cause a...

3.3CVSS6.6AI score0.00146EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•5 views

JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)

JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...

5.3CVSS7AI score0.00358EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

Unspecified Vulnerability in PyTorch (CNVD-2025-23283)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from unexpected behavior when the torch.rot90 and torch.randnlike components are used together, no details of the vulnerability are provided at this time...

7.5CVSS6.6AI score0.0039EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•12 views

PyTorch Buffer Overflow Vulnerability (CNVD-2025-23287)

PyTorch is a Python package open-sourced by PyTorch. PyTorch= suffers from a buffer overflow vulnerability that stems from a boundary error in the PyTorch model compilation when handling untrusted input, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.8AI score0.0042EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•7 views

Unspecified vulnerability in PyTorch torch.linalg.lu component

PyTorch is a Python package open-sourced by PyTorch. An unspecified vulnerability exists in the PyTorch torch.linalg.lu component, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.4AI score0.00391EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•7 views

Delta Electronics CNCSoft-G2 Stack Buffer Overflow Vulnerability (CNVD-2025-22945)

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability that originates from improperly restricted memory buffer operations and can be exploited by an attacker to...

7.8CVSS7.8AI score0.0015EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•2 views

DELL PowerScale OneFS Information Disclosure Vulnerability

DELL PowerScale OneFS is a horizontally scalable NAS Network Attached Storage operating system from Dell Technologies that is primarily used to manage massive amounts of unstructured data. An information disclosure vulnerability exists in DELL PowerScale OneFS that originates from unauthorized...

7.5CVSS6.3AI score0.00378EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

Unspecified Vulnerability in PyTorch (CNVD-2025-23284)

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from an assertion error in nn.Fold when using inductor, no details of the vulnerability are provided at this time...

5.3CVSS6.6AI score0.00338EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•3 views

PyTorch torch.nan_to_num-.long component integer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. An integer overflow vulnerability exists in the PyTorch torch.nantonum-.long component, no details of the vulnerability are available at this time...

5.3CVSS6.8AI score0.00294EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•4 views

Unspecified Vulnerability in PyTorch (CNVD-2025-23279)

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from a syntax error in the component proxytensor.py, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.5AI score0.00381EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•4 views

Unspecified Vulnerability in PyTorch (CNVD-2025-23278)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from mishandling when compiling models containing torch.Tensor.tosparse and torch.Tensor.todense, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.5AI score0.00381EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•6 views

DELL BSAFE Crypto-J Information Disclosure Vulnerability

DELL BSAFE Crypto-J is a cryptographic toolkit developed by Dell to help developers add privacy and authentication features to applications. An information disclosure vulnerability exists in DELL BSAFE Crypto-J, which stems from an error message that contains sensitive environmental information a...

5.9CVSS6.5AI score0.00306EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•2 views

NVIDIA CUDA toolkit and NVIDIA nvJPEG buffer overflow vulnerability (CNVD-2025-23253)

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A buffer overflow vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which could be exploited by an attacker to...

5.7CVSS6.5AI score0.00141EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/28 12:0 a.m.•4 views

NVIDIA CUDA toolkit and NVIDIA nvJPEG numeric error vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A numeric error vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which arises from a divide-by-zero error in the...

4.7CVSS6.5AI score0.0012EPSS
Exploits0References1
Total number of security vulnerabilities131179