Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2554 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-22234 Spring Security - BCrypt Password Encoder maximum password length breaks timing attack mitigation SpringSpring Security Medium 5.3 2026-01-22 21:02:24 Deep Dive
CVE-2025-63019 WordPress Cookies and Content Security Policy plugin <= 2.34 - Sensitive Data Exposure vulnerability Johan Jonk StenströmCookies and Content Security Policy Medium 5.3 2026-01-22 16:51:48 Deep Dive
CVE-2026-1325 Sangfor Operation and Maintenance Security Management System edit_pwd_mall password recovery SangforOperation and Maintenance Security Management System Medium 5.3 2026-01-22 13:02:11 Deep Dive
CVE-2021-47867 WIN-PACK PRO 4.8 - 'ScheduleService' Unquoted Service Path SecurityWinpakpro High 7.8 2026-01-21 17:27:45 Deep Dive
CVE-2026-0726 Nexter Extension – Site Enhancements Toolkit <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace' posimyththemesNexter Extension – Security, Performance, Code Snippets & Site Toolkit High 8.1 2026-01-20 14:26:31 Deep Dive
CVE-2026-0519 Information Disclosure in Secure Access Between 12.70 and 14.20 Absolute SecuritySecure Access 中危 -2026-01-17 01:13:59 Deep Dive
CVE-2026-0518 XSS in Secure Access Consoles prior to 14.20 Absolute SecuritySecure Access 中危 -2026-01-17 01:09:29 Deep Dive
CVE-2026-0517 Denial of Service in Secure Access Servers Prior to 14.20. Absolute SecuritySecure Access 中危 -2026-01-17 01:04:56 Deep Dive
CVE-2025-15370 Shield Security <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Medium 4.3 2026-01-16 04:44:35 Deep Dive
CVE-2025-67931 WordPress BulletProof Security plugin <= 6.9 - Sensitive Data Exposure vulnerability AITproBulletProof Security 中危 -2026-01-08 09:17:49 Deep Dive
CVE-2026-20893 Fujitsu Security Solution AuthConductor Client Basic 访问控制错误漏洞 Fujitsu Client Computing LimitedFujitsu Security Solution AuthConductor Client Basic V2 高危 -2026-01-07 03:16:19 Deep Dive
CVE-2025-15114 Ksenia Security lares Home Automation 1.6 PIN Exposure Vulnerability Ksenia Security S.p.A.lares Critical 9.8 2025-12-30 22:41:47 Deep Dive
CVE-2025-15113 Ksenia Security lares Home Automation 1.6 Remote Code Execution via MPFS Upload Ksenia Security S.p.A.lares High 8.4 2025-12-30 22:41:47 Deep Dive
CVE-2025-15112 Ksenia Security lares Home Automation 1.6 URL Redirection Vulnerability Ksenia Security S.p.A.lares Medium 5.4 2025-12-30 22:41:46 Deep Dive
CVE-2025-15111 Ksenia Security lares Home Automation 1.6 Default Credentials Vulnerability Ksenia Security S.p.A.lares Critical 9.8 2025-12-30 22:41:46 Deep Dive
CVE-2025-62128 WordPress SiteLock Security plugin <= 5.0.1 - Broken Access Control vulnerability SiteLockSiteLock Security – WP Hardening, Login Security & Malware Scans Medium 4.3 2025-12-30 16:23:47 Deep Dive
CVE-2025-13703 VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability VIPREAdvanced Security--2025-12-23 21:30:26 Deep Dive
CVE-2023-53973 Zillya Total Security 3.0.2367.0 Local Privilege Escalation via Quarantine Module ZillyaZillya Total Security High 8.4 2025-12-22 21:35:33 Deep Dive
CVE-2025-66121 WordPress SiteGround Security plugin <= 1.5.8 - Broken Access Control vulnerability SiteGroundSiteGround Security Medium 5.3 2025-12-16 08:12:53 Deep Dive
CVE-2025-13728 FluentAuth - Auth Security Plugin <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluent_auth_reset_password' Shortcode techjewelFluentAuth – The Ultimate Authorization & Security Plugin for WordPress Medium 6.4 2025-12-15 14:25:12 Deep Dive