漏洞标题 CVE-2025-56266: Avigilon ACM - Host Header Injection 漏洞描述 A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code v...

漏洞标题 CVE-2025-0108: PAN-OS Management Interface - Path Confusion to Authentication Bypass 漏洞描述 A vulnerability in PAN-OS management interface allows authentication bypass t...

漏洞标题 CVE-2025-10211: ChanCMS <= 3.3.0 - Server-Side Request Forgery 漏洞描述 yanyutao0402 ChanCMS 3.3.0 contains a server-side request forgery caused by manipulation of the ...

漏洞标题 CVE-2025-34143: ETQ Reliance - Authentication Bypass via Trailing Space 漏洞描述 An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform....

漏洞标题 CVE-2025-25291: GitLab - SAML Authentication Bypass 漏洞描述 ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication ...

漏洞标题 CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File 漏洞描述 The Featured Image from URL (FIFU) plugin for WordPr...

漏洞标题 CVE-2025-2748: Kentico Xperience CMS - Unauthenticated Stored XSS 漏洞描述 The Kentico Xperience application does not fully validate or filter files uploaded via the multi...

漏洞标题 CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection 漏洞描述 A vulnerability was found in code-projects School Fees Payment System 1.0. It has been...

漏洞标题 (CVE-2025-58751) Vite server.fs 安全绕过漏洞 漏洞描述 (CVE-2025-58751) Vite server.fs 安全绕过漏洞 PoC代码 暂无

漏洞标题 CVE-2025-48954: Discourse OAuth Social Login - Cross-site Scripting 漏洞描述 Discourse versions prior to 3.5.0.beta6 contain a stored Cross-Site Scripting (XSS) vulnerabil...

漏洞标题 CVE-2025-25034: SugarCRM - Unauthenticated Remote Code Execution via PHP Object Injection 漏洞描述 A PHP object injection vulnerability exists in SugarCRM versions prior t...

漏洞标题 CVE-2025-55182: React Server Components - Remote Code Execution 漏洞描述 React Server Components 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including react-server-dom-parcel, reac...

漏洞标题 CVE-2025-0107: Palo Alto Networks Expedition - OS Command Injection 漏洞描述 An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthentica...

漏洞标题 CVE-2025-57819: FreePBX - Remote Code Execution 漏洞描述 FreePBX 15, 16, and 17 contain a remote code execution caused by insufficiently sanitized user-supplied data in en...

漏洞标题 CVE-2025-12139: Integrate Google Drive <= 1.5.3 - Information Disclosure 漏洞描述 File Manager for Google Drive - Integrate Google Drive with WordPress plugin for WordP...

漏洞标题 CVE-2025-24514: Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation 漏洞描述 A security issue was discovered in ingress-nginx https-//...