漏洞标题 CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution 漏洞描述 A security issue was discovered in ingress-nginx where the `auth-tls-match-cn`...

漏洞标题 (CVE-2025-4123) Grafana 路径遍历与开放重定向导致的跨站脚本漏洞 漏洞描述 (CVE-2025-4123) Grafana 路径遍历与开放重定向导致的跨站脚本漏洞 PoC代码 暂无

漏洞标题 CVE-2025-5086: Dassault Systèmes DELMIA Apriso (up to 2025) - Insecure Deserialization 漏洞描述 A deserialization of untrusted data vulnerability affecting DELMIA Apriso ...

漏洞标题 （CVE-2025-15004）DedeCMS至5.7.118版本freelist_main.php文件orderby参数SQL注入漏洞 漏洞描述 （CVE-2025-15004）DedeCMS至5.7.118版本freelist_main.php文件orderby参数SQL注入漏...

漏洞标题 CVE-2025-34027: Versa Concerto API Path Based - Authentication Bypass 漏洞描述 Authentication bypass in the Versa Concerto API, caused by URL decoding inconsistencies. It ...

漏洞标题 CVE-2025-0674: Elber ESE DVB-S/S2 - Authentication Bypass 漏洞描述 Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized...

漏洞标题 CVE-2025-2709: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the key and redi...

漏洞标题 CVE-2025-2010: WordPress JobWP Plugin <= 2.3.9 - SQL Injection 漏洞描述 The JobWP - Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is v...

漏洞标题 CVE-2025-52665: UniFi Access - Broken Access Control 漏洞描述 UniFi Access Application 3.3.22 through 3.4.31 contains a broken authentication caused by misconfiguration ex...

漏洞标题 CentreStack 存在反序列化漏洞（CVE-2025-30406） 漏洞描述 CVE-2025-30406 是由 CentreStack 门户的硬编码 machineKey使用导致的反序列化漏洞。攻击者可以通过该漏洞获取服务器权限，...

漏洞标题 CVE-2025-9316: N-central - Authentication Bypass 漏洞描述 N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N-central: before 2025...

漏洞标题 CVE-2025-5961: WordPress WPvivid Backup & Migration Plugin <= 0.9.116 - Authenticated Arbitrary File Upload 漏洞描述 The Migration, Backup, Staging – WPvivid Backu...

漏洞标题 CVE-2025-47539: Eventin <= 4.0.26 - Privilege Escalation 漏洞描述 The Eventin WordPress plugin before 4.0.27 suffers from an unauthenticated privilege escalation vulner...

漏洞标题 CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the flag paramet...

漏洞标题 CVE-2025-52970: Fortinet FortiWeb - Authentication Bypass to Admin Privilege 漏洞描述 A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, vers...

漏洞标题 CVE-2025-2563: User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation 漏洞描述 The User Registration & Membership plugin for WordPress i...