Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-346 (源验证错误) — Vulnerability Class 152

152 vulnerabilities classified as CWE-346 (源验证错误). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-57965 Axios 安全漏洞 — axios--2025-01-29
CVE-2025-24010 Vite allows any websites to send any requests to the development server and read the response — vite 6.5 Medium2025-01-20
CVE-2023-46715 Fortinet FortiOS 访问控制错误漏洞 — FortiProxy 4.7 Medium2025-01-14
CVE-2024-55917 Trend Micro Apex One 安全漏洞 — Trend Micro Apex One 7.8 High2024-12-31
CVE-2024-10534 Improper Access Control in Dataprom Informatics' PACS-ACSS — Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) 9.8AICriticalAI2024-11-15
CVE-2024-6674 Data Leak through CORS Misconfiguration in parisneo/lollms-webui — parisneo/lollms-webui 7.1AIHighAI2024-10-29
CVE-2024-23458 Local Privilege Escalation on Zscaler Client Connector on Windows — Client Connector 7.3 High2024-08-06
CVE-2024-22062 Permissions and Access Control Vulnerability in ZTE ZXCLOUD IRAI — ZXCLOUD IRAI 6.3 Medium2024-07-09
CVE-2024-5549 Data leak through CORS misconfiguration in stitionai/devika — stitionai/devika 8.2 -2024-07-09
CVE-2024-36421 GHSL-2023-234: Flowise Cors Misconfiguration in packages/server/src/index.ts — Flowise 7.5 High2024-07-01
CVE-2024-6301 Origin Validation Error in Conduit — Conduit 5.3 Medium2024-06-25
CVE-2024-5905 Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent — Cortex XDR Agent 7.1AIHighAI2024-06-12
CVE-2024-28883 BIG-IP APM browser network access VPN client vulnerability — BIG-IP Edge Client 7.4 High2024-05-08
CVE-2024-2377 Hitachi Energy SDM600 安全漏洞 — SDM600 7.6 High2024-04-30
CVE-2024-1249 Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos 7.4 High2024-04-17
CVE-2023-5973 Truncated port name — Fabric OS 4.3 Medium2024-04-05
CVE-2024-2182 Ovn: insufficient validation of bfd packets may lead to denial of service 6.5 Medium2024-03-12
CVE-2024-25996 PHOENIX CONTACT: Remote code execution due to an origin validation error in CHARX Series — CHARX SEC-3000 5.3 Medium2024-03-12
CVE-2023-30996 IBM Cognos Analytics cross-origin resource sharing — Cognos Analytics 5.3 Medium2024-02-24
CVE-2024-25124 Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials — fiber 9.4 Critical2024-02-21
CVE-2024-26135 MeshCentral cross-site websocket hijacking (CSWSH) vulnerability — MeshCentral 8.4 High2024-02-20
CVE-2024-24782 HIMA: Origin Validation Error in multiple products — F30 03X YY (COM) 4.3 Medium2024-02-13
CVE-2024-24557 Moby classic builder cache poisoning — moby 6.9 Medium2024-02-01
CVE-2023-20275 Cisco Adaptive Security Appliance 和 Firepower Threat Defense 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software 4.1 Medium2023-12-12
CVE-2023-49803 @koa/cors has overly permissive origin policy — cors 8.6 High2023-12-11
CVE-2023-28794 PAC Files Exposed to Internet Websites — Client Connector 4.3 Medium2023-11-06
CVE-2023-28795 Client IPC validation bypass — Client Connector 7.8 High2023-10-23
CVE-2021-26737 Privilege Escalation Using PID Reuse in ZCC macOS — Client Connector 5.5 Medium2023-10-23
CVE-2021-26735 Untrusted Search Path While Executing REG DELETE by Uninstaller — Client Connector 6.7 Medium2023-10-23
CVE-2023-44190 Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability — Junos OS Evolved 6.1 Medium2023-10-11

Vulnerabilities classified as CWE-346 (源验证错误) represent 152 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.