漏洞标题 CVE-2023-47643: SuiteCRM Unauthenticated Graphql Introspection 漏洞描述 Graphql Introspection is enabled without authentication, exposing the scheme defining all object ty...

漏洞标题 CVE-2023-34039: VMWare Aria Operations - Remote Code Execution 漏洞描述 VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039) ...

漏洞标题 CVE-2020-12800: WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution 漏洞描述 WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote co...

漏洞标题 CVE-2022-37122: Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Path Traversal 漏洞描述 Carel pCOWeb HVAC BACnet Gateway 2.1.0 contains an unauthenticated arbitrary file disclosu...

漏洞标题 CVE-2022-2487: Wavlink WN535K2/WN535K3 - OS Command Injection 漏洞描述 Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection which affects unknown co...

漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...

漏洞标题 CVE-2008-6668: nweb2fax <=0.2.7 - Local File Inclusion 漏洞描述 nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted...

漏洞标题 CVE-2022-1388: F5 BIG-IP iControl REST Auth Bypass RCE 漏洞描述 This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through t...

漏洞标题 CVE-2025-6204: DELMIA Apriso - Command Injection 漏洞描述 An Improper Control of Generation of Code (code injection / file upload → RCE) vulnerability affecting DELMIA Ap...

漏洞标题 CVE-2025-4427: Ivanti Endpoint Manager Mobile - Unauthenticated Remote Code Execution 漏洞描述 An authentication bypass in Ivanti Endpoint Manager Mobile allowing attacker...

漏洞标题 CVE-2024-23692: Rejetto HTTP File Server - Template injection 漏洞描述 This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the af...

漏洞标题 CVE-2010-1717: Joomla! Component iF surfALERT 1.2 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 ...

漏洞标题 CVE-2021-41349: Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting 漏洞描述 Microsoft Exchange Server is vulnerable to a spoofing vulnerability. Be aware t...

漏洞标题 CVE-2019-19822: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...

漏洞标题 CVE-2025-27817: Apache Kafka 客户端任意文件读取 漏洞描述 允许未经身份验证的攻击者利用该漏洞实现任意文件读取，大多数据处理中间件或流式处理框架，如：Apache Spark Structured ...

漏洞标题 CVE-2024-45622: ASIS - SQL Injection Authentication Bypass 漏洞描述 ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQ...