Vulnerability List
Found 265 results

| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2025-0604 | Keycloak-ldap-federation: authentication bypass due to missing ldap bind after password reset in keycloak | - | - | Medium | 5.4 | 2025-01-22 14:34:46 |
| CVE-2024-11139 | Schneider Electric EcoStruxure Power Build Rapsody buffer error vulnerability | Schneider Electric | EcoStruxure™ Power Build Rapsody | Medium | - | 2025-01-17 08:37:25 |
| CVE-2025-22731 | WordPress Build Private Store For Woocommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability | silverplugins217 | Build Private Store For Woocommerce | Medium | 4.3 | 2025-01-15 15:23:36 |
| CVE-2024-11736 | Org.keycloak:keycloak-quarkus-server: unrestricted admin use of system and environment variables | - | - | Medium | 4.9 | 2025-01-14 08:36:09 |
| CVE-2024-11734 | Org.keycloak:keycloak-quarkus-server: denial of service in keycloak server via security headers | - | - | Medium | 6.5 | 2025-01-14 08:35:42 |
| CVE-2024-49649 | WordPress Build App Online plugin <= 1.0.23 - Local File Inclusion vulnerability | hakeemnala | Build App Online | Critical | 9.8 | 2025-01-07 10:49:31 |
| CVE-2024-10973 | Keycloak: cli option for encrypted jgroups ignored | - | - | Medium | 5.7 | 2024-12-17 22:59:39 |
| CVE-2024-12397 | Io.quarkus.http/quarkus-http-core: quarkus http cookie smuggling | - | - | High | 7.4 | 2024-12-12 09:05:28 |
| CVE-2024-12369 | Elytron-oidc-client: oidc authorization code injection | - | - | Medium | 4.2 | 2024-12-09 20:53:09 |
| CVE-2024-12099 | Dollie Hub – Build Your Own WordPress Cloud Platform <= 6.2.0 - Authenticated (Contributor+) Post Disclosure | getdollie | Dollie AI – Connect | Medium | 4.3 | 2024-12-04 03:37:41 |
| CVE-2024-53751 | WordPress Build App Online plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability | hakeemnala | Build App Online | Medium | 5.4 | 2024-12-02 13:48:37 |
| CVE-2024-10492 | Keycloak-quarkus-server: keycloak path trasversal | - | - | Low | - | 2024-11-25 07:37:31 |
| CVE-2024-10270 | Org.keycloak:keycloak-services: keycloak denial of service | - | - | Medium | 6.5 | 2024-11-25 07:37:05 |
| CVE-2024-10451 | Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process | Red Hat | Red Hat build of Keycloak 24 | Medium | 5.9 | 2024-11-25 07:37:05 |
| CVE-2024-9666 | Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-of-service (dos) vulnerability | - | - | Medium | 4.7 | 2024-11-25 07:29:52 |
| CVE-2023-4639 | Undertow: cookie smuggling/spoofing | Red Hat | Migration Toolkit for Runtimes 1 on RHEL 8 | High | 7.4 | 2024-11-17 10:21:45 |
| CVE-2023-1419 | Debezium: script injection via connector parameter | Red Hat | Red Hat build of Debezium | Medium | 5.9 | 2024-11-17 10:20:36 |
| CVE-2023-0657 | Keycloak: impersonation via logout token exchange | - | - | Low | 3.4 | 2024-11-17 10:19:04 |
| CVE-2024-10234 | Wildfly: wildfly vulnerable to cross-site scripting (xss) | - | - | Medium | 6.1 | 2024-10-22 13:17:58 |
| CVE-2024-3656 | Keycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalities | - | - | High | 8.1 | 2024-10-09 18:59:11 |