Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21129)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/language/default.xml endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

appRain CMF Cross-Site Scripting Vulnerability (CNVD-2025-20910)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /appain/admin/config/electrical endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•8 views

Google Android elevation of privilege vulnerability (CNVD-2026-10644)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the Pixel Sim Lock component. An attacker can exploit the vulnerability to elevate privileges...

7.8CVSS5.8AI score0.00082EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-30722)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the code of multiple functions in RoleService.java, which can be exploited by an attacker to gain elevated privileges on the system...

4CVSS7.6AI score0.00091EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•7 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21134)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/page/manage-static-pages/create endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Unspecified Vulnerability in Google Android (CNVD-2025-23039)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...

4CVSS6.6AI score0.001EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android elevation of privilege vulnerability (CNVD-2025-28662)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7CVSS7.2AI score0.00083EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2025-23040)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a clickjacking/overwriting attack in the maybeShowDialog function in ControlsSettingsDialogManager.kt that results in ControlsSettingsTialog...

7.8CVSS7.3AI score0.00081EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2025-23034)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by an out-of-bounds write due to a heap-based buffer overflow in the appendFrom function in Parcel.cpp. An attacker can exploit the vulnerability to...

7.8CVSS8AI score0.00098EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21127)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which stems from the lack of effective filtering and escaping of user-supplied data in the /apprain/developer/addons parameter page, which can be exploited by an attacker to steal a victim's...

5.4CVSS6.4AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21115)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/baselibs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Unspecified Vulnerability in Google Android (CNVD-2025-23037)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...

4CVSS6.6AI score0.00086EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21124)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input by the /apprain/developer/addons/update/tablesorter endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authenticati...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Code Execution Vulnerability (CNVD-2025-23036)

Google Android is a Linux-based open source operating system from Google. Google Android has a code execution vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

8CVSS8.3AI score0.00244EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Elevation of Privilege Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from an elevation of privilege vulnerability that stems from...

7.8CVSS6.5AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•8 views

Google Android elevation of privilege vulnerability (CNVD-2025-26882)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a logic error in the VerifyNoToverlapInSessions function in apexd.cpp that results in the blocking of security updates via mainline installation...

8.4CVSS7.5AI score0.00184EPSS
Exploits4References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Information Disclosure Vulnerability (CNVD-2025-23028)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by an insecure default value flaw in the generateRandomPasword function in LocalBluetoothLeBroadcast.java. An attacker can exploit the leak to obtai...

5.7CVSS6.1AI score0.0012EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android elevation of privilege vulnerability (CNVD-2025-21369)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7.8CVSS7AI score0.00095EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Denial of Service Vulnerability (CNVD-2025-23041)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that can be exploited by attackers to cause a local denial of service...

8.8CVSS6.5AI score0.00276EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•8 views

Google Android path traversal vulnerability (CNVD-2025-21374)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a path traversal vulnerability that can be exploited by an attacker to cause a local denial of service...

5.5CVSS6.4AI score0.00094EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21109)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the apprain/admin/managegroup/add/ endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials...

5.4CVSS6.3AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•20 views

Unspecified Vulnerability in NVIDIA BlueField (CNVD-2025-21178)

NVIDIA BlueField is a series of data processing units from NVIDIA. NVIDIA BlueField has a security vulnerability that can be exploited by attackers to potentially cause a denial of service, elevation of privilege, and information disclosure...

8.7CVSS6.6AI score0.00135EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android Information Disclosure Vulnerability (CNVD-2025-24500)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by an attacker to cause local information disclosure...

5.5CVSS6AI score0.00122EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Obfuscated Proxy Vulnerability (CNVD-2025-26792)

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from an obfuscated proxy vulnerability that originates from...

7.8CVSS6AI score0.00077EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Obfuscated Proxy Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from an obfuscated proxy vulnerability that originates from an...

7.3CVSS6.5AI score0.00078EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Online Shopping Portal /admin/updateorder.php Cross-Site Scripting Vulnerability

Online Shopping Portal is an online store. Online Shopping Portal suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in /admin/updateorder.php, which can be exploited by an attacker to execute arbitrary web script o...

5.4CVSS6AI score0.0019EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android Denial of Service Vulnerability (CNVD-2025-23030)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which is caused due to incorrect input validation of multiple functions in AppOpsService.java. An attacker can exploit this vulnerability to cause a denial of...

5.5CVSS6.7AI score0.00085EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android elevation of privilege vulnerability (CNVD-2025-23042)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...

7.3CVSS7.4AI score0.00131EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2025-29705)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent type checking due to proxy obfuscation in the isSafeIntent function in AccountTypePreferenceLoader.java. An...

7.8CVSS7.2AI score0.00082EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Unspecified Vulnerability in NVIDIA DOCA (CNVD-2025-21180)

NVIDIA DOCA is a software framework from NVIDIA. NVIDIA DOCA has a security vulnerability that can be exploited by attackers to cause elevation of privilege...

7.3CVSS6.8AI score0.00141EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•9 views

Google Android elevation of privilege vulnerability (CNVD-2025-28661)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

4CVSS6.9AI score0.00086EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-28659)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

5.1CVSS6.9AI score0.00095EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21126)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/uploadify endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-26730)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7.8CVSS7.2AI score0.00089EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21112)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input by the /apprain/developer/addons/update/ace endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

Google Android elevation of privilege vulnerability (CNVD-2025-26729)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an unsafe default value in the onNullBinding function in RemoteFillService.java that causes background activity to start. An attacker can exploit th...

7.8CVSS7.2AI score0.00082EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21117)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/canvasjs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

appRain CMF cross-site scripting vulnerability (CNVD-2025-21128)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/debug-log/db endpoint. An attacker could use this vulnerability to steal a victim's cookie-based authentication credentials...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•2 views

Google Android elevation of privilege vulnerability (CNVD-2025-23043)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...

7.8CVSS7.4AI score0.00091EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•4 views

appRain CMF SQL Injection Vulnerability (CNVD-2025-21108)

appRain CMF is a content management framework. appRain CMF suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BAdmin%5D%5Busername%5D parameter of /apprain/admin/manage/add. An attacker could use this vulnerability t...

9.8CVSS7.5AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Denial of Service Vulnerability (CNVD-2025-26881)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android due to a resource exhaustion flaw in multiple functions in AccountManagerService.java. An attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS6.4AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-23025)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent security checks due to proxy obfuscation in multiple functions in AppRestrictions Fragment.java. An attacker can...

7.8CVSS7.4AI score0.00082EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•8 views

Google Android elevation of privilege vulnerability (CNVD-2025-23035)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...

3.2CVSS7.4AI score0.00101EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

Google Android Information Disclosure Vulnerability (CNVD-2025-24498)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by a logic error in the writeContent function in RemotePrintDocument.java. An attacker can exploit this vulnerability to obtain sensitive informatio...

5CVSS6.2AI score0.00083EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-28665)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause an elevation of privilege on a paired device...

7.8CVSS7.1AI score0.00104EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•5 views

Google Android elevation of privilege vulnerability (CNVD-2025-29703)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the updateState function in ContentProtectionTogglePreferenceController.java, which can be exploited by an attacker to elevate...

7.8CVSS7.2AI score0.00079EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•3 views

TOTOLINK X5000R Command Injection Vulnerability

TOTOLINK X5000R is a wireless router supporting Wi-Fi 6 technology with full coverage mesh system and dual-band transmission for home and business network environments. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the parameter pid in the file...

9.8CVSS6.8AI score0.03738EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•6 views

Google Android elevation of privilege vulnerability (CNVD-2025-26731)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7.8CVSS7.2AI score0.00085EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•36 views

appRain CMF SQL Injection Vulnerability (CNVD-2025-21132)

appRain CMF is a content management framework. appRain CMF suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BPage%5D%5Bname%5D parameter of /apprain/page/manage-dynamic-pages/create. An attacker could use this...

9.8CVSS7.9AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/08 12:0 a.m.•9 views

Google Android Denial of Service Vulnerability (CNVD-2025-23027)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which is caused by a logic error in the handlePackagesChanged function in DevicePolicyManagerService.java. An attacker can exploit this vulnerability to cause a...

6.1CVSS6.6AI score0.00079EPSS
Exploits0References1
Total number of security vulnerabilities131179