排序
CVE-2023-1454: Jeecg-boot 3.5.0 qurestSql – SQL Injection
漏洞标题 CVE-2023-1454: Jeecg-boot 3.5.0 qurestSql - SQL Injection 漏洞描述 A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part ...
2023年12月9日 22:51CVE-2023-35156: XWiki >= 6.0-rc-1 – Cross-Site Scripting
漏洞标题 CVE-2023-35156: XWiki >= 6.0-rc-1 - Cross-Site Scripting 漏洞描述 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of i...
2023年12月9日 22:47CVE-2023-37728: IceWarp Webmail Server v10.2.1 – Cross Site Scripting
漏洞标题 CVE-2023-37728: IceWarp Webmail Server v10.2.1 - Cross Site Scripting 漏洞描述 Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability ...
2023年12月9日 22:07Apache RocketMQ CVE-2023-33246 远程代码执行漏洞
漏洞标题 Apache RocketMQ CVE-2023-33246 远程代码执行漏洞 漏洞描述 Apache RocketMQ存在远程代码执行漏洞,此漏洞是由于对权限和用户输入校验不当导致的。 PoC代码 暂无
2023年12月9日 18:09CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass
漏洞标题 CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass 漏洞描述 The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP ...
2023年12月9日 16:20CVE-2023-25573: Metersphere – Arbitrary File Read
漏洞标题 CVE-2023-25573: Metersphere - Arbitrary File Read 漏洞描述 Metersphere is an open source continuous testing platform. In affected versions an improper access control vulne...
2023年12月9日 04:23CVE-2023-2648: Weaver E-Office 9.5 – Remote Code Execution
漏洞标题 CVE-2023-2648: Weaver E-Office 9.5 - Remote Code Execution 漏洞描述 A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an u...
2023年12月9日 01:55CVE-2023-3578: DedeCMS 5.7.109 – Server-Side Request Forgery
漏洞标题 CVE-2023-3578: DedeCMS 5.7.109 - Server-Side Request Forgery 漏洞描述 Manipulation of the rssurl parameter in co_do.php leads to server-side request forgery in DedeCMS ver...
2023年12月9日 00:45CVE-2023-6831: mlflow – Path Traversal
漏洞标题 CVE-2023-6831: mlflow - Path Traversal 漏洞描述 Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. PoC代码
2023年12月8日 23:48CVE-2023-40750: PHPJabbers Yacht Listing Script v1.0 – Cross-Site Scripting
漏洞标题 CVE-2023-40750: PHPJabbers Yacht Listing Script v1.0 - Cross-Site Scripting 漏洞描述 There is a Cross Site Scripting (XSS) vulnerability in the "action" paramete...
2023年12月8日 21:43CVE-2023-5360: WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload
漏洞标题 CVE-2023-5360: WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload 漏洞描述 Arbitrary File Upload vulnerability in WordPress Royal Elementor Addon...
2023年12月8日 07:43CVE-2023-20889: VMware Aria Operations for Networks – Code Injection Information Disclosure Vulnerability
漏洞标题 CVE-2023-20889: VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability 漏洞描述 Aria Operations for Networks contains an information dis...
2023年12月7日 13:26CVE-2023-28432: MinIO Cluster Deployment – Information Disclosure
漏洞标题 CVE-2023-28432: MinIO Cluster Deployment - Information Disclosure 漏洞描述 MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.20...
2023年12月7日 08:49Cisco IOS XE ebui_wsma_http 接口权限绕过漏洞(CVE-2023-20198)
漏洞标题 Cisco IOS XE ebui_wsma_http 接口权限绕过漏洞(CVE-2023-20198) 漏洞描述 Cisco IOS XE 是一个开放灵活的操作系统,针对未来的工作进行了优化。作为适用于企业有线和无线接入、聚合...
2023年12月6日 23:08CVE-2023-27292: OpenCATS – Open Redirect
漏洞标题 CVE-2023-27292: OpenCATS - Open Redirect 漏洞描述 OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in tur...
2023年12月6日 16:08Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改)
漏洞标题 Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改) 漏洞描述 Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改) 日期: 2024-02-07 | 影响软件:...
2023年12月6日 12:53
