排序
CVE-2025-34023: Karel IP Phone IP1211 Web Management Panel – Local File Inclusion
漏洞标题 CVE-2025-34023: Karel IP Phone IP1211 Web Management Panel - Local File Inclusion 漏洞描述 Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion...
2025年11月2日 02:38CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...
2025年11月1日 19:40Apache Tomcat 远程命令执行(CVE-2025-24813)
漏洞标题 Apache Tomcat 远程命令执行(CVE-2025-24813) 漏洞描述 Apache Tomcat 是一个开源的 Java Servlet 容器,广泛用于运行基于 Java 的 Web 应用程序。该漏洞(CVE-2025-24813)允许远程攻...
2025年11月1日 14:51CVE-2025-34031: Moodle Jmol Filter 6.1 – Local File Inclusion
漏洞标题 CVE-2025-34031: Moodle Jmol Filter 6.1 - Local File Inclusion 漏洞描述 Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing at...
2025年10月31日 13:56CVE-2025-34077: WordPress Pie Register <= 3.7.1.4 - Authentication Bypass
漏洞标题 CVE-2025-34077: WordPress Pie Register <= 3.7.1.4 - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤...
2025年10月31日 02:58CVE-2025-24963: Vitest Browser Mode – Local File Read
漏洞标题 CVE-2025-24963: Vitest Browser Mode - Local File Read 漏洞描述 Vitest is a testing framework powered by Vite. The `__screenshot-error` handler on the browser mode HTTP ser...
2025年10月30日 11:08CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free
漏洞标题 CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an ...
2025年10月30日 06:23CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the flag paramet...
2025年10月30日 06:04CVE-2025-47423: Personal Weather Station Dashboard 12 – Directory Traversal
漏洞标题 CVE-2025-47423: Personal Weather Station Dashboard 12 - Directory Traversal 漏洞描述 Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to r...
2025年10月30日 02:50CVE-2025-49002: DataEase 远程代码执行漏洞
漏洞标题 CVE-2025-49002: DataEase 远程代码执行漏洞 漏洞描述 CVE-2025-49002 是由于H2数据库模块没有严格过滤用户输入的JDBC连接参数,可使用大小写绕过补丁。攻击者可利用这些漏洞实现未授...
2025年10月29日 21:13CVE-2025-54249: Adobe Experience Manager ≤ 6.5.23.0 – SSRF
漏洞标题 CVE-2025-54249: Adobe Experience Manager ≤ 6.5.23.0 – SSRF 漏洞描述 Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery ...
2025年10月29日 00:18CVE-2025-1023: ChurchCRM – SQL Injection
漏洞标题 CVE-2025-1023: ChurchCRM - SQL Injection 漏洞描述 A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiti...
2025年10月27日 09:22CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 – Insecure Deserialization
漏洞标题 CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform...
2025年10月26日 23:29CVE-2025-34031: Moodle Jmol Filter 6.1 – Local File Inclusion
漏洞标题 CVE-2025-34031: Moodle Jmol Filter 6.1 - Local File Inclusion 漏洞描述 Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing at...
2025年10月26日 21:42CVE-2025-31489: MinIO – Incomplete Signature Validation for Unsigned-Trailer Uploads
漏洞标题 CVE-2025-31489: MinIO - Incomplete Signature Validation for Unsigned-Trailer Uploads 漏洞描述 MinIO is a High Performance Object Storage released under GNU Affero General ...
2025年10月25日 14:52CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion
漏洞标题 CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion 漏洞描述 The HUSKY – Products Filter Professiona...
2025年10月24日 16:55
