Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/09/25 12:0 a.m.•6 views

Hostel Management System ID Parameter SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modreservation/index.php?view=view. An attacker can...

9.8CVSS8.3AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/25 12:0 a.m.•5 views

Simple Food Ordering System order.php File Cross-Site Scripting Vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter ID in the file /ordersimple/order.php, which can be...

5.4CVSS6.3AI score0.00219EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/25 12:0 a.m.•3 views

WordPress Plugin Ads by WPQuads Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Ads by WPQuads has a cross-site scripting vulnerability that stems from the...

5.9AI score
Exploits0References1
CNVD
CNVD
•added 2025/09/25 12:0 a.m.•9 views

Park Ticketing Management System foreigner-bwdates-reports-details.php file SQL injection vulnerability

Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the fromdate parameter in the file foreigner-bwdates-reports-details.php against an externally entered SQL...

9.8CVSS8.6AI score0.00445EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/25 12:0 a.m.•6 views

Tenda AC21 Buffer Overflow Vulnerability (CNVD-2025-30948)

The Tenda AC21 is a wireless router from the Chinese company Tenda. The Tenda AC21 suffers from a buffer overflow vulnerability, which originates from the parameter wpapskcrypto of the function sub45BB10 in the file /goform/WifiExtraSet that fails to correctly validate the length of the input dat...

9CVSS8.3AI score0.00952EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/24 12:0 a.m.•3 views

Online Bidding System weweee.php File SQL Injection Vulnerability

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from insufficient validation of the parameter ID in the file /administrator/weweee.php. An attacker can use this vulnerability to obtain sensitive information from t...

9.8CVSS7.6AI score0.0055EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/24 12:0 a.m.•6 views

Post-release reuse vulnerability in Google Chrome Dawn

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a post-release reuse vulnerability that originates from memory reuse after release in Dawn. An...

8.8CVSS7.3AI score0.00256EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/24 12:0 a.m.•8 views

Google Chrome V8 Type Obfuscation Vulnerability

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a type obfuscation vulnerability that stems from type obfuscation in V8, which can be exploited b...

9.8CVSS6.9AI score0.05426EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/24 12:0 a.m.•5 views

Google Chrome Heap Buffer Overflow Vulnerability

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a heap buffer overflow vulnerability that originates from a heap buffer overflow in ANGLE, which...

8.8CVSS7.8AI score0.00261EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/24 12:0 a.m.•4 views

Google Chrome WebRTC Post-Release Reuse Vulnerability

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a post-release reuse vulnerability that originates from post-release reuse in WebRTC, which can b...

8.8CVSS7.3AI score0.0027EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•2 views

D-Link DIR-852 cgibin file command injection vulnerability

D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that originates from the parameter ST of the component Simple Servi...

8.8CVSS7.8AI score0.05363EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•3 views

IBM Copy Services Manager Cross-Site Scripting Vulnerability

IBM Copy Services Manager is IBM's data replication management software for simplifying and automating data replication operations in enterprise storage environments. A cross-site scripting vulnerability exists in IBM Copy Services Manager 6.3.13, which stems from insufficient filtering and...

6.1CVSS6.1AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•3 views

D-Link DIR-825 Buffer Overflow Vulnerability

D-Link DIR-825 is a dual-band wireless router for SMB and SOHO environments from AUO D-Link, supporting 2.4GHz and 5GHz bands at the same time to meet the demand for multi-device HD video transmission. The D-Link DIR-825 suffers from a buffer overflow vulnerability, which originates from the...

9.8CVSS8.2AI score0.03039EPSS
Exploits3References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•5 views

Small CRM /create-ticket.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter subject in the file /create-ticket.php. An attacker can exploit this vulnerability to...

9.8CVSS7.9AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•7 views

D-Link DIR-852 hedwig.cgi File Command Injection Vulnerability

D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that stems from the Web Management Interface component...

8.8CVSS7.8AI score0.08849EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•4 views

Online Course Registration my-profile.php File SQL Injection Vulnerability

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cgpa in the file /my-profile.php. An attacker can exploit thi...

9.8CVSS7.9AI score0.00398EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•6 views

IBM Watsonx.data OS Command Injection Vulnerability

IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. An operating system command injection vulnerability exists in IBM Watsonx.data version 2.2 that stems from not properly validating user input and can be exploited by an attacker to cause a privilege...

7.2CVSS7.9AI score0.00315EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•4 views

IBM Watsonx.data Cross-Site Scripting Vulnerability

IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Watsonx.data version 2.2, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited b...

5.5CVSS6.2AI score0.00173EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•3 views

D-Link DIR-645 service parameter command injection vulnerability

D-Link DIR-645 is a Gigabit wireless router launched by D-Link in 2012, designed for home and SMB users. The D-Link DIR-645 suffers from a command injection vulnerability that stems from the parameter service in the file /soap.cgi failing to properly filter constructed command special characters,...

9.8CVSS7.7AI score0.04558EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/23 12:0 a.m.•5 views

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23470)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that originates from a misuse of the parameters terminaladdr/serverip/serverport in the file /usr/sbin/goahead, which can be exploited by an attacker to cause...

8.8CVSS7.9AI score0.07359EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•3 views

Ashlar-Vellum Cobalt Memory Corruption Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A memory corruption vulnerability exists in Ashlar-Vellum Coba...

7.8CVSS7.5AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•6 views

Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22915)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

7.8CVSS7.4AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability (CNVD-2025-22918)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. An out-of-bounds write vulnerability exists in Ashlar-Vellum...

7.8CVSS7.6AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•2 views

Ashlar-Vellum Cobalt Type Obfuscation Vulnerability (CNVD-2025-23022)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A type confusion vulnerability exists in Ashlar-Vellum Cobalt,...

7.8CVSS8AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•2 views

Ashlar-Vellum Cobalt Type Obfuscation Vulnerability (NVD-C-2025-543225)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from a type confusion vulnerabili...

7.8CVSS7.7AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

JetBrains Junie Command Injection Vulnerability

JetBrains Junie is a coding agent of the Czech company JetBrains. JetBrains Junie suffers from a command injection vulnerability that stems from improper command validation, which can be exploited by an attacker to cause code execution...

8.3CVSS8.2AI score0.0045EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

WordPress Social Media Shortcodes plugin cross-site scripting vulnerability

WordPress Social Media Shortcodes plugin is a shortcode Shortcodes to quickly embed social media features into the WordPress website plugin, mainly used to simplify the implementation of social media sharing, login, comments and other features. A cross-site scripting vulnerability exists in the...

6.4CVSS6.1AI score0.00223EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•4 views

NVIDIA Triton Inference Server Input Validation Error Vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an input validation error vulnerability that originates from loading a misconfigured model, whi...

7.5CVSS6.7AI score0.00322EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•4 views

Online Discussion Forum search_result.php File SQL Injection Vulnerability

Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /admin/adminforum/searchresult.php. An attacker can exploit this...

9.8CVSS7.9AI score0.00384EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•1 views

WordPress Productive Style plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Productive Style plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-suppli...

6.4CVSS6.1AI score0.00223EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

NVIDIA Triton Inference Server Out-of-Bounds Write Vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an out-of-bounds write vulnerability that can be exploited by attackers to cause a denial of...

7.5CVSS6.7AI score0.00355EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•4 views

Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds write...

7.8CVSS7.6AI score0.00193EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

7.8CVSS7.4AI score0.00193EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•6 views

Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22914)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

7.8CVSS7.4AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•3 views

JetBrains TeamCity Path Traversal Vulnerability

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from a path traversal vulnerability that stems...

5.5CVSS6.9AI score0.12206EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•7 views

WordPress Quiz Maker plugin SQL Injection Vulnerability

WordPress Quiz Maker plugin is a WordPress plugin for creating online quizzes, exams and questionnaires with multiple question types and customization support. WordPress Quiz Maker plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally...

5.9CVSS8.3AI score0.0088EPSS
Exploits3References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•4 views

Ashlar-Vellum Cobalt Type Obfuscation Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A type confusion vulnerability exists in Ashlar-Vellum Cobalt,...

7.8CVSS7.4AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•2 views

WordPress Media Player Addons for Elementor plugin cross-site scripting vulnerability

WordPress Media Player Addons for Elementor plugin is a plugin designed for Elementor page builder, mainly used to extend the media playback functionality. A cross-site scripting vulnerability exists in the WordPress Media Player Addons for Elementor plugin, which stems from insufficient input...

6.4CVSS6.3AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•4 views

WordPress Catch Dark Mode plugin file inclusion vulnerability

WordPress Catch Dark Mode plugin is an official plugin for enabling dark mode in WordPress websites, offering a wide range of customization options and pre-built theme solutions. The WordPress Catch Dark Mode plugin suffers from a file inclusion vulnerability that stems from a local file inclusio...

7.5CVSS7.2AI score0.00578EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•1 views

WordPress Blocksy Companion Plugin Cross-Site Scripting Vulnerability

WordPress Blocksy Companion Plugin is a plugin designed to enhance the functionality of WordPress themes. WordPress Blocksy Companion Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which ca...

6.4CVSS6.1AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•6 views

WordPress Developer Loggers for Simple History plugin file inclusion vulnerability

WordPress Developer Loggers for Simple History plugin is a logging plugin designed for developers, mainly used to record operational changes in the process of website development or maintenance, to help track issues and optimize site functionality. A file inclusion vulnerability exists in the...

6.6CVSS7.5AI score0.00757EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•2 views

Ashlar-Vellum Cobalt Code Execution Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A code execution vulnerability exists in Ashlar-Vellum Cobalt,...

7.8CVSS7.7AI score0.002EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

NVIDIA Triton Inference Server Access Control Error Vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. An access control error vulnerability exists in NVIDIA Triton Inference Server, which can be exploited by attackers to cause memory...

7.5CVSS6.7AI score0.00328EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•3 views

NVIDIA Triton Inference Server Operating System Command Injection Vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an operating system command injection vulnerability that stems from the Python backend not...

9.8CVSS8.2AI score0.00663EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•3 views

Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22913)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

7.8CVSS7.4AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•2 views

Ashlar-Vellum Cobalt integer overflow vulnerability (CNVD-2025-22942)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. An integer overflow vulnerability exists in Ashlar-Vellum...

7.8CVSS7.3AI score0.00203EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•4 views

Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-23023)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

7.8CVSS7.3AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•5 views

Ashlar-Vellum Cobalt Type Obfuscation Vulnerability (CNVD-2025-22944)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A type-obfuscation vulnerability exists in Ashlar-Vellum Cobal...

7.8CVSS7.7AI score0.00193EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•3 views

WordPress Appointmind plugin cross-site scripting vulnerability

WordPress Appointmind plugin is an online appointment management plugin for WordPress, mainly used to embed the online appointment scheduling feature into posts or sidebars. WordPress Appointmind plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

6.4CVSS6.1AI score0.0018EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/19 12:0 a.m.•6 views

Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22939)

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

7.8CVSS7.4AI score0.00203EPSS
Exploits0References1
Total number of security vulnerabilities131179