
CWE-184 (Incomplete List of Disallowed Inputs) — Vulnerability Class 74

74 vulnerabilities classified as CWE-184 (Incomplete List of Disallowed Inputs). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-67747 | Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list — fickling | 8.4 (AI) | High (AI) | 2025-12-16 |
| CVE-2025-67716 | Auth0 Next.js SDK has Improper Validation of Query Parameters — nextjs-auth0 | 5.7 | Medium | 2025-12-11 |
| CVE-2025-61924 | PrestaShop Checkout Target PayPal merchant account hijacking from backoffice — ps_checkout | 3.8 | Low | 2025-10-16 |
| CVE-2025-48732 | WWBN AVideo security vulnerability — AVideo | 7.3 | High | 2025-07-24 |
| CVE-2025-24388 | Unsafe handling of AJAX calls — OTRS | 3.8 | Low | 2025-06-16 |
| CVE-2025-1484 | Hitachi Asset Suite security vulnerability — Asset Suite | 6.5 | Medium | 2025-05-30 |
| CVE-2025-46417 | picklescan security vulnerability — Picklescan | 9.1 | - | 2025-04-24 |
| CVE-2025-29822 | Microsoft OneNote Security Feature Bypass Vulnerability — Microsoft 365 Apps for Enterprise | 7.8 | High | 2025-04-08 |
| CVE-2025-1716 | picklescan - Security scanning bypass via 'pip main' — picklescan | 8.1 | - | 2025-02-26 |
| CVE-2024-54149 | Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion — winter | 8.5 | High | 2024-12-09 |
| CVE-2024-32152 | Ankitects Anki security vulnerability — Anki | 3.1 | Low | 2024-07-22 |
| CVE-2024-5217 | Incomplete Input Validation in GlideExpression Script — Now Platform | 9.8 | Critical | 2024-07-10 |
| CVE-2024-5178 | Incomplete Input Validation in SecurelyAccess API — Now Platform | 4.9 | Medium | 2024-07-10 |
| CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability — Microsoft Office 2019 | 8.8 | High | 2024-06-11 |
| CVE-2024-20278 | Cisco IOS XE Software security vulnerability — Cisco IOS XE Software | 6.5 | Medium | 2024-03-27 |
| CVE-2024-28246 | KaTeX is missing normalization of the protocol in URLs allows bypassing forbidden protocols — KaTeX | 5.5 | Medium | 2024-03-25 |
| CVE-2023-45593 | AiLux imx6 security vulnerability — imx6 bundle | 6.8 | Medium | 2024-03-05 |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code — babel | 9.4 | Critical | 2023-10-12 |
| CVE-2023-3374 | Privilege Escalation in Bookreen — Bookreen | 9.8 | Critical | 2023-09-05 |
| CVE-2023-40037 | Apache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs — Apache NiFi | 8.1 | - | 2023-08-18 |
| CVE-2023-23844 | SolarWinds Platform Incomplete List of Disallowed Inputs Vulnerability — SolarWinds Platform | 7.2 | High | 2023-07-26 |
| CVE-2023-34253 | Grav vulnerable to Server-side Template Injection (SSTI) via Denylist Bypass — grav | 8.8 | High | 2023-06-14 |
| CVE-2023-34252 | Grav Server-side Template Injection via Insufficient Validation in filterFilter — grav | 8.8 | High | 2023-06-14 |
| CVE-2023-2017 | Improper Control of Generation of Code in Twig Rendered Views in Shopware — Shopware 6 | 8.8 | High | 2023-04-17 |
| CVE-2022-34888 | Lenovo XClarity Controller security vulnerability — Lenovo XClarity Controller | 2.7 | Low | 2023-01-30 |
| CVE-2022-32763 | Lansweeper cross-site scripting vulnerability — lansweeper | 5.4 | - | 2022-12-19 |
| CVE-2022-35962 | Crafted link in Zulip message can cause disclosure of credentials — zulip-mobile | 8.0 | High | 2022-08-29 |
| CVE-2022-38179 | JetBrains Ktor framework security vulnerability — Ktor | 4.7 | Medium | 2022-08-12 |
| CVE-2021-31370 | Junos OS: QFX5000 Series and EX4600 Series: Control traffic might be dropped if a high rate of specific multicast traffic is received — Junos OS | 6.5 | Medium | 2021-10-19 |
| CVE-2021-25737 | Holes in EndpointSlice Validation Enable Host Network Hijack — Kubernetes | 2.7 | Low | 2021-09-06 |

Vulnerabilities classified as CWE-184 (Incomplete List of Disallowed Inputs) account for 74 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.