Cnvd - Page 93 of Cnvd Vulnerabilities List

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20423)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00964EPSS

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20422)

6.8CVSS8.1AI score0.00972EPSS

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20419)

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20301)

6.8CVSS8.1AI score0.00964EPSS

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20295)

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20293)

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20291)

6.8CVSS8.1AI score0.00972EPSS

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20290)

Kenwood DMX958XR Command Injection Vulnerability

6.7CVSS8.2AI score0.0012EPSS

SAMSUNG Blockchain Keystore Code Execution Vulnerability (CNVD-2025-20014)

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. A code execution vulnerability exists in SAMSUNG Blockchain Keystore, which can be exploited by an attacker to execute arbitrary code on the system...

6.7CVSS8.2AI score0.0012EPSS

SAMSUNG Blockchain Keystore Code Execution Vulnerability

CNVD•added 2025/08/18 12:0 a.m.•1 views

SAMSUNG Blockchain Keystore Information Disclosure Vulnerability

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. An information disclosure vulnerability exists in SAMSUNG Blockchain Keystore, which is caused by an out-of-bounds read flaw. An attacker could exploit the...

4.4CVSS6.1AI score0.00137EPSS

7.5CVSS6.1AI score0.0044EPSS

NVIDIA Triton Inference Server Information Disclosure Vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an information disclosure vulnerability that is caused by an out-of-bounds read flaw in the...

6.1CVSS5.9AI score0.00205EPSS

SAP NetWeaver ABAP Platform Cross-Site Scripting Vulnerability

NetWeaver ABAP Platform is an enterprise-class application development and deployment platform provided by SAP. A cross-site scripting vulnerability exists in NetWeaver ABAP Platform. An attacker could use this vulnerability to generate a malicious link and make it publicly accessible. When an...

6.1CVSS7.1AI score0.00189EPSS

SAP NetWeaver Application Server ABAP HTML Injection Vulnerability

SAP NetWeaver Application Server ABAP is an application server developed by SAP to run ABAP applications. An HTML injection vulnerability exists in SAP NetWeaver Application Server ABAP. An attacker could exploit this vulnerability to construct URLs containing malicious scripts that could be...

7.3CVSS6.8AI score0.00097EPSS

Huawei HarmonyOS lock screen module state verification vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stateful validation vulnerability exists in the Huawei HarmonyOS lock screen module, which can be exploited by an attacker to compromise confidentiality an...

6.5CVSS6.7AI score0.00142EPSS

Huawei HarmonyOS devicemanager module out-of-bounds read vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds read vulnerability exists in the Huawei HarmonyOS devicemanager module, which can be exploited by attackers to affect availability...

Kenwood DMX958XR libSystemLib Function OS Command Injection Vulnerability

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. An operating system command injection vulnerability exists in the Kenwood DMX958XR libSystemLib function, which can be exploited by an attacker to execute code in a root context...

5.3CVSS6.7AI score0.00088EPSS

Huawei HarmonyOS multi-mode input module iterator failure vulnerability Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. The Huawei HarmonyOS multi-mode input module suffers from an Iterator Failure Vulnerability vulnerability that can be exploited by attackers to affect...

6.7CVSS8.2AI score0.00139EPSS

SAMSUNG Blockchain Keystore Code Execution Vulnerability (CNVD-2025-20015)

8.4CVSS6.8AI score0.00112EPSS

Huawei HarmonyOS virtualization base module path traversal vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A path traversal vulnerability exists in the Huawei HarmonyOS virtualization base module, which can be exploited by an attacker to compromise confidentiality...

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20297)

6.7CVSS7.2AI score0.00095EPSS

Huawei HarmonyOS and EMUI Buffer Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A buffer overflow vulnerability exists in Huawei HarmonyO...

7.5CVSS6.7AI score0.00439EPSS

NVIDIA Triton Inference Server Denial of Service Vulnerability (CNVD-2025-20002)

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...

6.1CVSS5.7AI score0.00205EPSS

SAP NetWeaver Application Server for ABAP Cross-Site Scripting Vulnerability (CNVD-2025-21207)

SAP NetWeaver Application Server for ABAP is a powerful development and runtime platform that is at the heart of many basic SAP business applications. A cross-site scripting vulnerability exists in SAP NetWeaver Application Server for ABAP. An attacker could exploit this vulnerability by...

8.1CVSS8.2AI score0.0871EPSS

Grav CMS Remote Code Execution Vulnerability

Grav CMS is Grav open source a flat file-based content management system . Grav CMS suffers from a remote code execution vulnerability that originates from allowing authenticated administrators to upload malicious plugins via the admin/tools/direct-install interface, which can be exploited by an...

Exploits7References1

4.4CVSS6.8AI score0.0008EPSS

Huawei HarmonyOS cjwindow Module Pointer Dangling Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A pointer dangling vulnerability exists in the Huawei HarmonyOS cjwindow module, which can be exploited by an attacker to cause functional stability to be...

6.5CVSS6.8AI score0.00128EPSS

Huawei HarmonyOS NearLink stack SSAP module out-of-bounds read vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds read vulnerability exists in the SSAP module of the Huawei HarmonyOS NearLink protocol stack, which can be exploited by an attacker to cause...

9.1CVSS6.7AI score0.00469EPSS

NVIDIA Triton Inference Server Security Bypass Vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. A security bypass vulnerability exists in NVIDIA Triton Inference Server, which can be exploited by attackers to cause a denial of service...

8.8CVSS8.1AI score0.00783EPSS

Kenwood DMX958XR ReadMVGImage Function OS Command Injection Vulnerability

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. An operating system command injection vulnerability exists in the Kenwood DMX958XR ReadMVGImage function, which can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20302)

7.8CVSS7.4AI score0.00181EPSS

Adobe Substance3D Modeler Out-of-Bounds Write Vulnerability (CNVD-2025-19229)

Adobe Substance3D Modeler is the core tool in the Adobe Substance 3D series of software, designed for 3D modeling, supporting digital clay sculpting, symmetry tools, automated UV management, and other features for seamless switching across computer VR environments. An out-of-bounds write...

5.5CVSS6.8AI score0.0009EPSS

Huawei HarmonyOS Denial of Service Vulnerability (CNVD-2025-20843)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A denial-of-service vulnerability exists in Huawei HarmonyOS, which can be exploited by an attacker to cause the availability of advertised services to be...

8CVSS6.6AI score0.00084EPSS

Huawei HarmonyOS Denial of Service Vulnerability (CNVD-2025-19439)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in Huawei HarmonyOS, which can be exploited by attackers to affect availability...

CNVD•added 2025/08/18 12:0 a.m.•5 views

Unspecified Vulnerability in Kenwood DMX958XR

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. A security vulnerability exists in the Kenwood DMX958XR, which can be exploited by attackers to cause a software downgrade...

6.8CVSS6.8AI score0.00295EPSS

6.8CVSS6.8AI score0.00121EPSS

Unspecified Vulnerability in Huawei HarmonyOS and EMUI HVB Modules

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20421)

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20296)

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20426)

7.3CVSS6.7AI score0.00096EPSS

Huawei HarmonyOS and EMUI Resource Read Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A resource read vulnerability exists in Huawei HarmonyOS...

8.3CVSS7AI score0.00137EPSS

Huawei HarmonyOS devicemanager bind authentication bypass vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A bind authentication bypass vulnerability exists in Huawei HarmonyOS devicemanager, which can be exploited by an attacker to compromise confidentiality...

5.5CVSS6.8AI score0.00097EPSS

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-22269)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from ParcelMismatch in attribute deserialization, and can be exploited by an attacker to cau...

CNVD•added 2025/08/18 12:0 a.m.•5 views

Huawei HarmonyOS distributed notification service memory misreference vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS distributed notification service, which can be exploited by an attacker to cause an...

7.5CVSS6.8AI score0.00136EPSS

CNVD•added 2025/08/18 12:0 a.m.•5 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20300)

6.5CVSS7.3AI score0.00463EPSS

Bottinelli Informatical Vedo Suite Server-Side Request Forgery Vulnerability

Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. Bottinelli Informatical Vedo Suite suffers from a server-side request forgery vulnerability, which originates from the /apivedo/video/preview endpoint that do...

Exploits2References1

CNVD•added 2025/08/18 12:0 a.m.•6 views

Huawei HarmonyOS NearLink stack SSAP module out-of-bounds read vulnerability (CNVD-2025-22260)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds read vulnerability exists in the SSAP module of the Huawei HarmonyOS NearLink protocol stack, which can be exploited by an attacker to affec...

6.5CVSS6.7AI score0.00132EPSS

5.5CVSS6.9AI score0.00091EPSS

Huawei HarmonyOS ArkUI Framework Out-of-Bounds Array Access Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds array access vulnerability exists in the Huawei HarmonyOS ArkUI framework, which can be exploited by an attacker to impact usability...

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20420)

8.8CVSS7.8AI score0.00406EPSS

Kenwood DMX958XR Stack Buffer Overflow Vulnerability

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a stack buffer overflow vulnerability that stems from JKRadioService not properly validating the length of user-supplied data, which can be exploited by an attacker to execute code in the root...

7.5CVSS6.7AI score0.00461EPSS

NVIDIA Triton Inference Server Denial of Service Vulnerability (CNVD-2025-20006)

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...