漏洞标题 CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass 漏洞描述 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (compon...

漏洞标题 CVE-2025-34031: Moodle Jmol Filter 6.1 - Local File Inclusion 漏洞描述 Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing at...

漏洞标题 CVE-2025-49706: Microsoft SharePoint Server - Authentication Bypass 漏洞描述 Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perf...

漏洞标题 CVE-2025-32969: XWiki REST API Query - SQL Injection 漏洞描述 A SQL injection vulnerability exists in XWiki's REST API query endpoint. An unauthenticated attacker can...

漏洞标题 CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform...

漏洞标题 CVE-2025-58434: Flowise <= 3.0.5 - Account Takeover 漏洞描述 Flowise versions 3.0.5 and earlier had a vulnerability in the forgot-password endpoint, which returned vali...

漏洞标题 CVE-2025-55182: React Server Components - Remote Code Execution 漏洞描述 React Server Components 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including react-server-dom-parcel, reac...

漏洞标题 CVE-2025-48954: Discourse OAuth Social Login - Cross-site Scripting 漏洞描述 Discourse versions prior to 3.5.0.beta6 contain a stored Cross-Site Scripting (XSS) vulnerabil...

漏洞标题 CVE-2025-2776: SysAid On-Prem <= 23.3.40 - XML External Entity 漏洞描述 SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (...

漏洞标题 CVE-2025-2776: SysAid On-Prem <= 23.3.40 - XML External Entity 漏洞描述 SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (...

漏洞标题 CVE-2025-31486: Vite server.fs.deny Bypass - Local File Inclusion 漏洞描述 Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be retu...

漏洞标题 CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform...

漏洞标题 CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...

漏洞标题 CVE-2025-32970: XWiki WYSIWYG API - Open Redirect 漏洞描述 A vulnerability in XWiki's WYSIWYG API allows an attacker to redirect users to arbitrary external URLs thro...

漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...

漏洞标题 CVE-2025-64446: FortiWeb - Authentication Bypass 漏洞描述 A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, F...