Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/09/09 12:0 a.m.•6 views

Huawei HarmonyOS Ark eTS Module Denial of Service Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in the Huawei HarmonyOS Ark eTS module, which can be exploited by attackers to cause availability to be compromised...

8.4CVSS6.6AI score0.00099EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•8 views

POS Point of Sale System 6776.php File Cross-Site Scripting Vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of the...

6.1CVSS6.1AI score0.00264EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•4 views

Google Android Information Disclosure Vulnerability (CNVD-2025-21348)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by a lack of permission checking in the audio service. An attacker can exploit the vulnerability to obtain the MAC address of a nearby...

5.5CVSS6.1AI score0.0007EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•4 views

D-Link DIR-825 ping6_ipaddr parameter buffer overflow vulnerability

D-Link DIR-825 is a dual-band wireless router for SMB and SOHO environments from AUO D-Link, supporting 2.4GHz and 5GHz bands at the same time to meet the demand for multi-device HD video transmission. The D-Link DIR-825 suffers from a buffer overflow vulnerability that originates from the...

9.8CVSS8.2AI score0.00869EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•3 views

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability (CNVD-2025-23051)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A security feature bypass vulnerability exists in Microsoft Edge Chromium-based, which can be exploited by an attacker to cause a security feature bypass...

4.7CVSS6.5AI score0.00364EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•2 views

Cisco Integrated Management Controller Input Validation Error Vulnerability

Cisco Integrated Management Controller IMC is a set of software used by Cisco to manage UCS Unified Computing System, which supports HTTP, SSH access, etc., and allows operations such as powering up, shutting down and restarting the server. An input validation error vulnerability exists in Cisco...

7.1CVSS7.3AI score0.00462EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•6 views

POS Point of Sale System /deferred_table.php Cross-Site Scripting Vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the parameter scripts in the file...

6.1CVSS6.1AI score0.00364EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•6 views

POS Point of Sale System /complex_header_2.php file cross-site scripting vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of the...

6.1CVSS6.1AI score0.00264EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•4 views

Google Android Classic Buffer Overflow Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a classic buffer overflow vulnerability that can be exploited by an attacker to cause local information disclosure...

5.5CVSS6.5AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•6 views

WordPress Admin Menu Editor plugin cross-site scripting vulnerability

WordPress Admin Menu Editor plugin is a plugin for customizing and managing backend menus, supporting reordering, hiding/showing menu items, modifying permissions and more. WordPress Admin Menu Editor plugin suffers from a cross-site scripting vulnerability that stems from insufficient input...

6.4CVSS6AI score0.00223EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•4 views

Online Course Registration semester parameter SQL injection vulnerability

Online Course Registration is an online course registration system. A SQL injection vulnerability exists in Online Course Registration due to a lack of validation of externally entered SQL statements by the parameter semester. An attacker can exploit this vulnerability to execute illegal SQL...

9.8CVSS7.9AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2025-21350)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an obfuscated agent in the system's user interface. An attacker can exploit the vulnerability to gain elevated privileges on the system...

7.8CVSS7.2AI score0.00073EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•4 views

POS Point of Sale System /dom_data_th.php File Cross-Site Scripting Vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter scripts in the file...

6.1CVSS6.1AI score0.00364EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•7 views

Huawei HarmonyOS home screen module privilege checksum vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checksum vulnerability exists in the Huawei HarmonyOS home screen module, which can be exploited by an attacker to compromise usability...

6.8CVSS6.8AI score0.00084EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•4 views

Cisco NX-OS Software Operating System Command Injection Vulnerability

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software suffers from an operating system command injection vulnerability that stems from insufficient user input validation, which can be exploited by an...

4.4CVSS5.8AI score0.03221EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•2 views

WordPress Aitasi Coming Soon plugin deserialization vulnerability

WordPress Aitasi Coming Soon plugin is a plugin for creating professional coming soon pages Coming Soon or maintenance mode pages that can be built quickly without coding or design skills. The WordPress Aitasi Coming Soon plugin suffers from a deserialization vulnerability that arises from unsafe...

7.2CVSS7.4AI score0.00436EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•5 views

Huawei HarmonyOS audio module competitive conditions loophole

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS audio module, which can be exploited by attackers to cause functional stability to be...

7.5CVSS6.7AI score0.00069EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•6 views

POS Point of Sale System /empty_table.php File Cross-Site Scripting Vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter scripts in the file...

6.1CVSS6.1AI score0.00364EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•2 views

WordPress plugin Add to Feedly cross-site request forgery vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress plugin Add to Feedly, no detailed...

7.1CVSS6.5AI score0.00108EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•5 views

POS Point of Sale System /2512.php File Cross-Site Scripting Vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of the...

6.1CVSS6.1AI score0.00264EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/09 12:0 a.m.•11 views

WordPress Plugin AdForest Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin AdForest 6.0.9 and prior versions, which stems from...

9.8CVSS6.9AI score0.00459EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Unspecified Vulnerability in NVIDIA DOCA

NVIDIA DOCA is a software framework from NVIDIA. NVIDIA DOCA has a security vulnerability that can be exploited by attackers to potentially cause elevation of privilege...

7.3CVSS6.8AI score0.00141EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Chrome Extension Improperly Implemented Vulnerability

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from an Extension Misimplementation vulnerability that stems from an inadequate validation mechanism f...

8.8CVSS6.6AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Pixel elevation of privilege vulnerability (CNVD-2025-25480)

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that can be exploited by an attacker that may lead to physical elevation of privileges...

8.4CVSS6.5AI score0.00086EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android Denial of Service Vulnerability (CNVD-2025-28663)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which is caused by a privilege bypass due to a missing privilege check in the isSystem function in WifiPermissionsTil.java. An attacker can exploit this...

5.5CVSS6.7AI score0.00078EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android elevation of privilege vulnerability (CNVD-2025-23046)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by background activity that may be initiated as a result of logic errors in multiple functions of LocationProviderManager.java. An attacker...

7.8CVSS7.4AI score0.00086EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-23038)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused due to memory corruption after free usage in multiple locations. The vulnerability can be exploited by an attacker to gain elevated...

7.8CVSS7.5AI score0.00083EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android Denial of Service Vulnerability (CNVD-2025-24502)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability caused by resource exhaustion when repeatedly adding allowed packages to the allowPackageAccess function in multiple files. An attacker could exploit the...

5.5CVSS6.7AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android elevation of privilege vulnerability (CNVD-2025-24503)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local privilege escalation...

7.3CVSS6.9AI score0.00097EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

appRain CMF SQL Injection Vulnerability (CNVD-2025-21133)

appRain CMF is a content management framework. appRain CMF suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BPage%5D%5Bname%5D parameter of /apprain/page/manage-static-pages/create. An attacker could use this...

9.8CVSS7.5AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21120)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/dialogs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21121)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/hysontable endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authenticatio...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android elevation of privilege vulnerability (CNVD-2025-29707)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7.8CVSS7.2AI score0.00091EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Android Information Disclosure Vulnerability (CNVD-2025-30725)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

6.5CVSS6.2AI score0.00262EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2025-26884)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is a cross-user file leak due to a logic error in the getDestinationForApp function in SpaAppBridgeActivity. An attacker can exploit the vulnerabili...

7.8CVSS7.1AI score0.00079EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android Reuse After Release Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a post-release reuse vulnerability, which can be exploited...

8.8CVSS6.5AI score0.00545EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android Denial of Service Vulnerability (CNVD-2025-23029)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability caused by a logic error in multiple functions of DexUseManagerLocal.java. An attacker can exploit the vulnerability to cause the system server to crash...

5.5CVSS6.8AI score0.00092EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android Logic Error Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a logic error vulnerability that can be exploited by...

7.8CVSS6.2AI score0.00079EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android Code Execution Vulnerability (CNVD-2025-23031)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code execution vulnerability that is caused by out-of-bounds access due to incorrect boundary checking in multiple locations. An attacker can exploit the vulnerability to execute arbitrary code...

8.1CVSS8.2AI score0.00498EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2025-24495)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...

7.8CVSS7.4AI score0.00089EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Information Disclosure Vulnerability (CNVD-2025-26880)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by an attacker to cause local information disclosure...

3.3CVSS6AI score0.00078EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2025-29706)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is due to a logic error in multiple locations that can be exploited by an attacker to elevate privileges...

7.3CVSS7.2AI score0.00081EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android Privilege Bypass Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a privilege bypass vulnerability that can be exploited by ...

7.8CVSS6.5AI score0.00083EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2025-24496)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an unsafe deserialization flaw in the assertSafeToStartCustomActivity function in AppRestrictions Fragment.java. An attacker can exploit the...

7.8CVSS7.4AI score0.00164EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•8 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21110)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in /apprain/appreport/manage/endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android elevation of privilege vulnerability (CNVD-2025-26879)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a path traversal error in multiple locations, which can be exploited by an attacker to gain elevated privileges on the system...

4.4CVSS7.4AI score0.00106EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2025-26732)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a BAL bypass in the clearAllowBgActivityStarts function in PendingIntentRecord.java. An attacker can exploit the vulnerability to eleva...

7.8CVSS7.2AI score0.00083EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android Protocol Implementation Incorrect Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from an incorrect protocol implementation vulnerability that ca...

8.8CVSS6.7AI score0.00315EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android Information Disclosure Vulnerability (CNVD-2025-30726)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

5.5CVSS6.2AI score0.00084EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android elevation of privilege vulnerability (CNVD-2025-29704)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7.8CVSS7.2AI score0.00092EPSS
Exploits0References1
Total number of security vulnerabilities131179