排序
CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...
2025年9月19日 05:33CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free
漏洞标题 CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an ...
2025年11月22日 21:57(CVE-2025-29927) Next.js 中间件授权检查绕过漏洞
漏洞标题 (CVE-2025-29927) Next.js 中间件授权检查绕过漏洞 漏洞描述 (CVE-2025-29927) Next.js 中间件授权检查绕过漏洞 PoC代码 暂无
2025年8月1日 06:23CVE-2025-5605: WSO2 Management Console – Authentication Bypass
漏洞标题 CVE-2025-5605: WSO2 Management Console - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. ...
2025年6月23日 13:04CVE-2025-1743: Pichome 2.1.0 – Arbitrary File Read
漏洞标题 CVE-2025-1743: Pichome 2.1.0 - Arbitrary File Read 漏洞描述 A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown ...
2025年3月16日 18:15CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the flag paramet...
2025年5月17日 04:38CVE-2025-40630: IceWarp Mail Server ≤11.4.0 – Open Redirect
漏洞标题 CVE-2025-40630: IceWarp Mail Server ≤11.4.0 - Open Redirect 漏洞描述 IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability that allows atta...
2025年11月20日 13:02CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...
2025年2月9日 02:46CVE-2025-54253: Adobe Experience Manager Forms – Insecure Deserialization
漏洞标题 CVE-2025-54253: Adobe Experience Manager Forms - Insecure Deserialization 漏洞描述 Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration ...
2025年2月13日 18:49CVE-2025-2746: Kentico Xperience 13 CMS – Staging Service Authentication Bypass (WT-2025-0011)
漏洞标题 CVE-2025-2746: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0011) 漏洞描述 Before Kentico Xperience 13 Hotfix 173, this vulnerability can be e...
2025年4月12日 02:00CVE-2025-51502: Microweber CMS 2.0 – Reflected XSS in Admin Page Creation
漏洞标题 CVE-2025-51502: Microweber CMS 2.0 - Reflected XSS in Admin Page Creation 漏洞描述 Reflected Cross-Site Scripting (XSS) exists in Microweber CMS 2.0 through the layout par...
2025年5月3日 21:33CVE-2025-31486: Vite server.fs.deny Bypass – Local File Inclusion
漏洞标题 CVE-2025-31486: Vite server.fs.deny Bypass - Local File Inclusion 漏洞描述 Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be retu...
2025年9月18日 06:55CVE-2025-41243: Spring Cloud Gateway Server Webflux – Broken Access Control
漏洞标题 CVE-2025-41243: Spring Cloud Gateway Server Webflux - Broken Access Control 漏洞描述 Spring Cloud Gateway Server Webflux contains a vulnerability caused by unsecured and e...
2025年1月30日 10:22CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution
漏洞标题 CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution 漏洞描述 The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to s...
2025年6月16日 09:54(CVE-2025-27817) Apache Kafka Client任意文件读取和SSRF漏洞
漏洞标题 (CVE-2025-27817) Apache Kafka Client任意文件读取和SSRF漏洞 漏洞描述 (CVE-2025-27817) Apache Kafka Client任意文件读取和SSRF漏洞 PoC代码 暂无
2025年5月21日 13:35CVE-2025-2539: File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read
漏洞标题 CVE-2025-2539: File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read 漏洞描述 The File Away plugin for WordPress is vulnerable to unauth...
2025年6月13日 23:09
