浏览 100+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-28350 | lxml_html_clean: <base> tag injection through default Cleaner configuration | fedora-python | lxml_html_clean | Medium | 6.1 | 2026-03-05 19:49:56 | Deep Dive |
| CVE-2026-28348 | lxml_html_clean: CSS @import Filter Bypass via Unicode Escapes | fedora-python | lxml_html_clean | Medium | 6.1 | 2026-03-05 19:49:26 | Deep Dive |
| CVE-2025-1272 | Kernel: secure boot does not automatically enable kernel lockdown | Fedora Project | Fedora Linux | High | 7.7 | 2026-02-18 20:29:15 | Deep Dive |
| CVE-2025-23012 | Fedora Repository fedoraIntCallUser default credentials | Fedora Repository | Fedora Repository | High | 7.5 | 2025-01-23 20:25:01 | Deep Dive |
| CVE-2025-23011 | Fedora Repository archive extraction path traversal | Fedora Repository | Fedora Repository | High | 8.8 | 2025-01-23 20:22:31 | Deep Dive |
| CVE-2024-52595 | HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through | fedora-python | lxml_html_clean | High | 7.7 | 2024-11-19 21:27:09 | Deep Dive |
| CVE-2024-2746 | Incomplete fix for CVE-2024-1929 | Fedora | dnf5daemon-server | High | 8.8 | 2024-05-08 01:55:10 | Deep Dive |
| CVE-2024-1929 | Local Root Exploit via Configuration Dictionary | Fedora | dnf5daemon-server | High | 7.5 | 2024-05-08 01:53:35 | Deep Dive |
| CVE-2024-1930 | No Limit on Number of Open Sessions / Bad Session Close Behaviour | Fedora | dnf5daemon-server | Medium | 6.5 | 2024-05-08 01:52:55 | Deep Dive |
| CVE-2023-4235 | Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver_report() function | - | ofono | High | 8.1 | 2024-04-17 22:54:27 | Deep Dive |
| CVE-2023-4234 | Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_submit_report() function | - | ofono | High | 8.1 | 2024-04-17 22:53:33 | Deep Dive |
| CVE-2023-4233 | Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the sms_decode_address_field() function | - | ofono | High | 8.1 | 2024-04-17 22:50:50 | Deep Dive |
| CVE-2023-4232 | Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function | - | ofono | High | 8.1 | 2024-04-17 22:49:13 | Deep Dive |
| CVE-2023-3966 | Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet | - | openvswitch | High | 7.5 | 2024-02-22 12:15:53 | Deep Dive |
| CVE-2024-1312 | Kernel: race condition leads to use after free during vma lock in lock_vma_under_rcu | - | kernel | Medium | 5.1 | 2024-02-08 12:38:03 | Deep Dive |
| CVE-2021-4435 | Yarn: untrusted search path | - | yarn | High | 7.7 | 2024-02-04 19:16:36 | Deep Dive |
| CVE-2023-6780 | Glibc: integer overflow in __vsyslog_internal() | - | glibc | Medium | 5.3 | 2024-01-31 14:08:03 | Deep Dive |
| CVE-2023-6779 | Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() | - | glibc | High | 8.2 | 2024-01-31 14:07:42 | Deep Dive |
| CVE-2023-6246 | Glibc: heap-based buffer overflow in __vsyslog_internal() | - | glibc | High | 8.4 | 2024-01-31 14:06:22 | Deep Dive |
| CVE-2023-6258 | Pkcs11-provider: side-channel proofing pkcs#1 1.5 paths | - | pkcs11-provider | High | 8.1 | 2024-01-30 16:55:19 | Deep Dive |