漏洞标题 CVE-2021-33829: Drupal 7 CKEditor XSS 漏洞描述 CKEditor 4.14.0 through 4.16.x before 4.16.1 contains a reflected cross-site scripting caused by mishandling in comments, le...

漏洞标题 CVE-2022-42475: Fortinet SSL-VPN - Heap-Based Buffer Overflow 漏洞描述 A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN (versions 7.2.0 through 7.2....

漏洞标题 Apache OFBiz RMI反序列化前台命令执行(CVE-2021-26295) 漏洞描述 OFBiz是基于Java的Web框架，包括实体引擎，服务引擎和基于小部件的UI。近日，Apache OFBiz官方发布安全更新。Apache ...

漏洞标题 CVE-2022-3506: WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting 漏洞描述 WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulne...

漏洞标题 CVE-2025-23061: Mongoose - NoSQL Injection 漏洞描述 NoSQL injection vulnerability in Mongoose < 8.9.5 affecting the populate() function's match option. This vulner...

漏洞标题 CVE-2025-53771: Microsoft SharePoint Server - Authentication Bypass (ToolShell) 漏洞描述 Microsoft Office SharePoint Server contains an improper authentication vulnerabili...

漏洞标题 CVE-2021-39152: XStream <1.4.18 - Server-Side Request Forgery 漏洞描述 XStream before 1.4.18 is susceptible to server-side request forgery. An attacker can request data...

漏洞标题 CVE-2022-34049: WAVLINK WN530HG4 - Improper Access Control 漏洞描述 Wavlink WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can downloa...

漏洞标题 CVE-2023-23488: WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection 漏洞描述 WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection v...

漏洞标题 CVE-2018-1273 Spring Data Commons 远程命令执行 漏洞描述 Pivotal Spring Data Commons和Spring Data REST都是美国Pivotal Software公司的产品。PivotalSpring Data Commons是一个为...

漏洞标题 CVE-2017-5983: JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE) 漏洞描述 The JIRA Workflow Designer Plugin in Atlassian JIRA...

漏洞标题 CVE-2024-45309: OneDev.io < 11.0.9 - Arbitrary File Read 漏洞描述 Files on the host computer can be accessed by directory traversal. PoC代码

漏洞标题 CVE-2024-21645: pyload - Log Injection 漏洞描述 A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbit...

漏洞标题 CVE-2024-3032: WordPress Themify Builder < 7.5.8 - Open Redirect 漏洞描述 The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerabil...

漏洞标题 CVE-2022-3982: WordPress Booking Calendar <3.2.2 - Arbitrary File Upload 漏洞描述 WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload...

漏洞标题 CVE-2015-5531: Elasticsearch CVE-2015-5531 漏洞描述 Elasticsearch before 1.4.4 allows remote attackers to read arbitrary files via a crafted request to the head plugin. Po...