最新发布第323页
CVE-2024-6095: LocalAI – Partial Local File Read
漏洞标题 CVE-2024-6095: LocalAI - Partial Local File Read 漏洞描述 A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Fo...
CVE-2021-43798: Grafana v8.x – Arbitrary File Read
漏洞标题 CVE-2021-43798: Grafana v8.x - Arbitrary File Read 漏洞描述 Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to lo...
CVE-2015-0554: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N – Information Disclosure
漏洞标题 CVE-2015-0554: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure 漏洞描述 ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware...
CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection
漏洞标题 CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection 漏洞描述 Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET p...
CVE-2010-1307: Joomla! Component Magic Updater – Local File Inclusion
漏洞标题 CVE-2010-1307: Joomla! Component Magic Updater - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for J...
CVE-2019-11581: Atlassian Jira Server-Side Template Injection
漏洞标题 CVE-2019-11581: Atlassian Jira Server-Side Template Injection 漏洞描述 Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the...
CVE-2019-19823: TOTOLINK/Realtek Routers – Information Disclosure
漏洞标题 CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...
CVE-2022-31373: SolarView Compact 6.00 – Cross-Site Scripting
漏洞标题 CVE-2022-31373: SolarView Compact 6.00 - Cross-Site Scripting 漏洞描述 SolarView Compact 6.00 contains a cross-site scripting vulnerability via Solar_AiConf.php. An attack...
Artica Pandora FMS未授权访问(CVE-2020-8497)
漏洞标题 Artica Pandora FMS未授权访问(CVE-2020-8497) 漏洞描述 Artica Pandora FMS是西班牙Artica公司的一套监控系统,在 Artica Pandora FMS 到 7.42中,未经身份验证的攻击者可以读取聊天...
CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution
漏洞标题 CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution 漏洞描述 The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to s...
CVE-2022-44877: Centos Web Panel 7 Unauthenticated Remote Code
漏洞标题 CVE-2022-44877: Centos Web Panel 7 Unauthenticated Remote Code 漏洞描述 Shodan: http.title:"Login | Control WebPanel" fofa: app="CWP-虚拟主机控制面板" ...
以示例讲解Clickhouse Docker集群部署以及配置_docker
这篇文章主要介绍了Clickhouse Docker集群部署及配置,示例讲解的非常详细,希望可以帮助到有需要的小伙伴 目录写在前面环境部署Zookeeper集群部署Clickhouse集群部署1.临时镜像拷贝出配置 2.修...
平台某项目-服务器SSH密钥与日志和命令记录泄露
对于特殊的路径,我比较喜欢收集,然后批量扫子域名,来获取到敏感信息,在之前的渗透里面,机缘巧合下,拿到了一次最贵的信息泄露的漏洞 路径链接如下 /.bashrc 个人配置记录 /.ssh/authorized...
CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) – Command Injection
漏洞标题 CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection 漏洞描述 A command injection vulnerability in web components of ...
CVE-2016-8706: Memcached Server SASL Authentication – Remote Code Execution
漏洞标题 CVE-2016-8706: Memcached Server SASL Authentication - Remote Code Execution 漏洞描述 An integer overflow in process_bin_sasl_auth function in Memcached, which is responsib...
CVE-2024-5765: WpStickyBar <= 2.1.0 - SQL Injection
漏洞标题 CVE-2024-5765: WpStickyBar <= 2.1.0 - SQL Injection 漏洞描述 The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX...







