浏览 31+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-22246 | CVE-2025-22246 – UAA Private Key Exposure | Cloud Foundry | UAA | Low | 3.0 | 2025-05-13 05:14:41 | Deep Dive |
| CVE-2025-22216 | CVE-2025-22216 UAA Missing Zone Validation | Cloud Foundry | Cloud Foundry UAA | Medium | 5.4 | 2025-01-31 05:47:25 | Deep Dive |
| CVE-2021-22001 | UAA server 信息泄露漏洞 | - | Cloud Foundry UAA server | 高危 | - | 2021-07-22 13:17:35 | Deep Dive |
| CVE-2020-5402 | UAA fails to check the state parameter when authenticating with external IDPs | Cloud Foundry | UAA | 高危 | - | 2020-02-27 19:30:24 | Deep Dive |
| CVE-2019-11293 | UAA logs all query parameters with debug logging level | Cloud Foundry | UAA Release | 中危 | - | 2019-12-06 20:00:17 | Deep Dive |
| CVE-2019-11290 | Cloud Foundry UAA logs query parameters in tomcat access file | Cloud Foundry | UAA Release | 高危 | - | 2019-11-25 23:56:17 | Deep Dive |
| CVE-2019-11282 | UAA is vulnerable to a Blind SCIM injection leading to information disclosure | Cloud Foundry | UAA Release | 中危 | - | 2019-10-23 15:28:24 | Deep Dive |
| CVE-2019-11279 | Privilege Escalation via Scope Manipulation in UAA | Cloud Foundry | UAA Release (OSS) | 高危 | - | 2019-09-26 21:15:10 | Deep Dive |
| CVE-2019-11278 | Privilege Escalation via Blind SCIM Injection in UAA | Cloud Foundry | UAA Release (OSS) | 高危 | - | 2019-09-26 21:11:24 | Deep Dive |
| CVE-2019-11274 | UAA SCIM Filter XSS | Cloud Foundry | UAA Release (OSS) | 中危 | - | 2019-08-09 19:22:18 | Deep Dive |
| CVE-2019-11270 | UAA clients.write vulnerability | Cloud Foundry | UAA Release (OSS) | 高危 | - | 2019-08-05 16:21:55 | Deep Dive |
| CVE-2019-3794 | UAA - Login app subject to clickjacking attack | Cloud Foundry | UAA Release (OSS) | 中危 | - | 2019-07-18 15:47:00 | Deep Dive |
| CVE-2019-11268 | UAA SQL Identity Zone Vulnerability | Cloud Foundry | UAA Release (OSS) | 中危 | - | 2019-07-11 18:11:37 | Deep Dive |
| CVE-2019-3787 | UAA defaults email address to an insecure domain | Cloud Foundry | UAA Release (OSS) | 高危 | - | 2019-06-19 22:28:07 | Deep Dive |
| CVE-2019-3801 | Java Projects using HTTP to fetch dependencies | Cloud Foundry | CredHub | 超危 | - | 2019-04-25 20:17:37 | Deep Dive |
| CVE-2019-3788 | UAA redirect-uri allows wildcard in the subdomain | Cloud Foundry | UAA Release (OSS) | 中危 | - | 2019-04-25 20:17:37 | Deep Dive |
| CVE-2019-3775 | UAA allows users to modify their own email address | Cloud Foundry | UAA Release (OSS) | 中危 | - | 2019-03-07 19:00:00 | Deep Dive |
| CVE-2018-15754 | UAA can issue tokens across identity providers if users with matching usernames exist | Cloud Foundry | UAA Release | 高危 | - | 2018-12-13 22:00:00 | Deep Dive |
| CVE-2018-15761 | UAA Privilege Escalation | Cloud Foundry | UAA | 高危 | - | 2018-11-19 14:00:00 | Deep Dive |
| CVE-2018-11082 | Cloud Foundry UAA MFA does not prevent brute force of MFA code | Cloud Foundry | UAA Release | 超危 | - | 2018-10-05 21:00:00 | Deep Dive |