浏览 34+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2252 | XML External Entity (XXE) vulnerability resulting in Server-Side Request Forgery (SSRF) | Xerox | FreeFlow Core | High | 7.5 | 2026-02-27 08:18:18 | Deep Dive |
| CVE-2026-2251 | Path Traversal leading to Remote Code Execution (RCE) | Xerox | FreeFlow Core | Critical | 9.8 | 2026-02-27 08:08:52 | Deep Dive |
| CVE-2026-1769 | Stored XSS on Xerox CentreWare Web 7.0.6 | Xerox | CentreWare | Medium | 5.3 | 2026-02-06 17:19:45 | Deep Dive |
| CVE-2025-8356 | Path Traversal leading to RCE | Xerox | FreeFlow Core | Critical | 9.8 | 2025-08-08 15:40:13 | Deep Dive |
| CVE-2025-8355 | XXE leading to SSRF | Xerox | FreeFlow Core | High | 7.5 | 2025-08-08 15:31:45 | Deep Dive |
| CVE-2025-1984 | Local Privilege Escalation on Xerox® Desktop Print Experience® v8.5 | Xerox | Xerox® Desktop Print Experience | Medium | 5.2 | 2025-03-12 15:27:08 | Deep Dive |
| CVE-2024-12511 | SMB/FTP Address Book Scan Pass-back attack | Xerox | Versalink B400 | High | 7.6 | 2025-02-03 19:23:52 | Deep Dive |
| CVE-2024-12510 | LDAP Authentication Sever Pass-back attack | Xerox | Versalink B400 | Medium | 6.7 | 2025-02-03 18:52:17 | Deep Dive |
| CVE-2024-55931 | Token stored in session storage | Xerox | Xerox Workplace Suite | Medium | 6.5 | 2025-01-27 11:28:46 | Deep Dive |
| CVE-2024-55930 | Weak default folder permissions | Xerox | Xerox Workplace Suite | Medium | 6.7 | 2025-01-23 17:36:02 | Deep Dive |
| CVE-2024-55929 | Mail spoofing | Xerox | Xerox Workplace Suite | Medium | 5.3 | 2025-01-23 17:30:34 | Deep Dive |
| CVE-2024-55928 | Clear text secrets returned & Remote system secrets in clear text | Xerox | Xerox Workplace Suite | Medium | 6.5 | 2025-01-23 17:25:47 | Deep Dive |
| CVE-2024-55927 | Flawed token generation implementation & Hard-coded key implementation | Xerox | Xerox Workplace Suite | High | 7.6 | 2025-01-23 17:20:30 | Deep Dive |
| CVE-2024-55926 | Arbitrary file upload, deletion and read through header manipulation | Xerox | Xerox Workplace Suite | High | 7.6 | 2025-01-23 17:12:21 | Deep Dive |
| CVE-2024-55925 | API Security bypass through header manipulation | Xerox | Xerox Workplace Suite | High | 7.5 | 2025-01-23 17:03:33 | Deep Dive |
| CVE-2024-6333 | Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products | Xerox | AltaLink® B8045 / B8055 / B8065 / B8075 / B8090 | C8030 / C8035 / C8045 / C8055 / C807 | High | 7.2 | 2024-10-17 13:51:16 | Deep Dive |
| CVE-2024-47559 | Authenticated RCE via Path Traversal | Xerox | FreeFlow Core | High | 7.6 | 2024-10-07 18:21:40 | Deep Dive |
| CVE-2024-47558 | Authenticated RCE via Path Traversal | Xerox | FreeFlow Core | High | 7.6 | 2024-10-07 18:19:52 | Deep Dive |
| CVE-2024-47557 | Pre-Auth RCE via Path Traversal | Xerox | FreeFlow Core | High | 8.3 | 2024-10-07 18:17:55 | Deep Dive |
| CVE-2024-47556 | Pre-Auth RCE via Path Traversal | Xerox | FreeFlow Core | High | 8.3 | 2024-10-07 18:14:08 | Deep Dive |