排序
CVE-2025-0107: Palo Alto Networks Expedition – OS Command Injection
漏洞标题 CVE-2025-0107: Palo Alto Networks Expedition - OS Command Injection 漏洞描述 An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthentica...
2025年2月17日 04:48CVE-2025-57819: FreePBX – Remote Code Execution
漏洞标题 CVE-2025-57819: FreePBX - Remote Code Execution 漏洞描述 FreePBX 15, 16, and 17 contain a remote code execution caused by insufficiently sanitized user-supplied data in en...
2025年2月16日 00:23CVE-2025-12139: Integrate Google Drive <= 1.5.3 - Information Disclosure
漏洞标题 CVE-2025-12139: Integrate Google Drive <= 1.5.3 - Information Disclosure 漏洞描述 File Manager for Google Drive - Integrate Google Drive with WordPress plugin for WordP...
2025年2月15日 04:53CVE-2025-24514: Ingress-Nginx Controller – Configuration Injection via Unsanitized `auth-url` Annotation
漏洞标题 CVE-2025-24514: Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation 漏洞描述 A security issue was discovered in ingress-nginx https-//...
2025年2月14日 07:09CVE-2025-2075: Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
漏洞标题 CVE-2025-2075: Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation 漏洞描述 The Uncanny Automator - Easy Automation...
2025年2月13日 19:12CVE-2025-54253: Adobe Experience Manager Forms – Insecure Deserialization
漏洞标题 CVE-2025-54253: Adobe Experience Manager Forms - Insecure Deserialization 漏洞描述 Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration ...
2025年2月13日 18:49(CVE-2025-4388)Liferay Portal及DXP反射型跨站脚本漏洞
漏洞标题 (CVE-2025-4388)Liferay Portal及DXP反射型跨站脚本漏洞 漏洞描述 (CVE-2025-4388)Liferay Portal及DXP反射型跨站脚本漏洞 PoC代码 暂无
2025年2月13日 11:45CVE-2025-5777: Citrix NetScaler Memory Disclosure – CitrixBleed 2
漏洞标题 CVE-2025-5777: Citrix NetScaler Memory Disclosure - CitrixBleed 2 漏洞描述 Insufficient input validation leading to memory overread on the NetScaler Management Interface N...
2025年2月12日 15:42CVE-2025-51502: Microweber CMS 2.0 – Reflected XSS in Admin Page Creation
漏洞标题 CVE-2025-51502: Microweber CMS 2.0 - Reflected XSS in Admin Page Creation 漏洞描述 Reflected Cross-Site Scripting (XSS) exists in Microweber CMS 2.0 through the layout par...
2025年2月12日 13:51CVE-2025-46822: Java-springboot-codebase 1.1 – Arbitrary File Read
漏洞标题 CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read 漏洞描述 OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, appl...
2025年2月9日 22:12(CVE-2025-29927) Next.js 中间件授权检查绕过漏洞
漏洞标题 (CVE-2025-29927) Next.js 中间件授权检查绕过漏洞 漏洞描述 (CVE-2025-29927) Next.js 中间件授权检查绕过漏洞 PoC代码 暂无
2025年2月9日 18:43(CVE-2025-64764) Astro服务器岛功能反射型XSS漏洞
漏洞标题 (CVE-2025-64764) Astro服务器岛功能反射型XSS漏洞 漏洞描述 (CVE-2025-64764) Astro服务器岛功能反射型XSS漏洞 PoC代码 暂无
2025年2月9日 13:44CVE-2025-61757: Oracle Identity Manager REST WebServices – Authentication Bypass
漏洞标题 CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass 漏洞描述 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (compon...
2025年2月9日 06:38CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...
2025年2月9日 02:46CVE-2025-34152: Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Command Execution via `time` Parameter
漏洞标题 CVE-2025-34152: Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Command Execution via `time` Parameter 漏洞描述 An unauthenticated OS command injection vulne...
2025年2月8日 23:56CVE-2025-2746: Kentico Xperience 13 CMS – Staging Service Authentication Bypass (WT-2025-0011)
漏洞标题 CVE-2025-2746: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0011) 漏洞描述 Before Kentico Xperience 13 Hotfix 173, this vulnerability can be e...
2025年2月8日 23:11
