CWE-639 通过用户控制密钥绕过授权机制 类弱点 1033 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2022-0512 | NPM url-parse 安全漏洞 — unshiftio/url-parse | 9.1 | - | 2022-02-14 |
| CVE-2021-25096 | Wordpress Plugin IP2Location Country Blocker 访问控制错误漏洞 — IP2Location Country Blocker | 6.5 | - | 2022-02-07 |
| CVE-2022-0266 | livehelperchat 安全漏洞 — livehelperchat/livehelperchat | 6.8 | - | 2022-01-19 |
| CVE-2021-3852 | Weseek growi 安全漏洞 — weseek/growi | 8.1 | - | 2022-01-12 |
| CVE-2021-44160 | Carinal Tien Hospital Health Report System 安全漏洞 — Health Report System | 7.3 | High | 2021-12-29 |
| CVE-2021-24739 | WordPress 插件授权问题漏洞 — Logo Carousel – Logo Slider, Logo Showcase, and Clients Logo Gallery | 8.1 | - | 2021-12-21 |
| CVE-2021-43820 | Seafile 安全漏洞 — seafile-server | 7.4 | High | 2021-12-14 |
| CVE-2021-3964 | elgg 安全漏洞 — elgg/elgg | 8.1 | - | 2021-12-01 |
| CVE-2021-36329 | Dell Emc Streaming Data Platform 安全漏洞 — Dell EMC Streaming Data Platform | 6.5 | Medium | 2021-11-30 |
| CVE-2021-24892 | WordPress 安全漏洞 — Advanced Forms Ppro | 8.8 | - | 2021-11-23 |
| CVE-2021-22967 | PortlandLabs Concrete CMS 安全漏洞 — https://github.com/concrete5/concrete5 | 7.5 | - | 2021-11-19 |
| CVE-2021-22951 | PortlandLabs Concrete CMS 安全漏洞 — https://github.com/concrete5/concrete5 | 7.5 | - | 2021-11-19 |
| CVE-2021-24840 | WordPress 插件安全漏洞 — Squaretype | 5.3 | - | 2021-11-08 |
| CVE-2021-39225 | Nextcloud 安全漏洞 — security-advisories | 8.1 | High | 2021-10-25 |
| CVE-2021-40355 | Teamcenter 代码问题漏洞 — Teamcenter V12.4 | 8.8 | - | 2021-09-14 |
| CVE-2021-37184 | Siemens Industrial Edge Management 授权问题漏洞 — Industrial Edge Management | 9.1 | - | 2021-09-14 |
| CVE-2021-37628 | Nextcloud 信息泄露漏洞 — security-advisories | 7.5 | High | 2021-09-07 |
| CVE-2021-37630 | Nextcloud 安全漏洞 — security-advisories | 6.5 | Medium | 2021-09-07 |
| CVE-2021-37631 | Nextcloud安全漏洞 — security-advisories | 6.5 | Medium | 2021-09-07 |
| CVE-2021-24562 | WordPress 插件跨站脚本漏洞 — LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress | 7.5 | - | 2021-08-23 |
| CVE-2021-36801 | Akaunting 安全漏洞 — Akaunting | 8.1 | High | 2021-08-04 |
| CVE-2021-24473 | WordPress 插件访问控制错误漏洞 — User Profile Picture | 5.4 | - | 2021-08-02 |
| CVE-2021-32744 | Collabora Online 安全漏洞 — online | 9.8 | Critical | 2021-07-21 |
| CVE-2021-24374 | WordPress plugin Jetpack Carousel module of the JetPack 安全漏洞 — Jetpack – WP Security, Backup, Speed, & Growth | 5.3 | - | 2021-06-21 |
| CVE-2021-32654 | Nextcloud 安全漏洞 — security-advisories | 8.1 | High | 2021-06-01 |
| CVE-2021-21324 | GLPI 安全漏洞 — glpi | 6.8 | Medium | 2021-03-08 |
| CVE-2020-8297 | Nextcloud Deck 安全漏洞 — Nextcloud Deck | 4.3 | - | 2021-02-23 |
| CVE-2021-21022 | Adobe Magento 授权问题漏洞 — Magento Commerce | 5.3 | - | 2021-02-11 |
| CVE-2021-21012 | Adobe Bridge 缓冲区错误漏洞 — Magento Commerce | 5.3 | - | 2021-01-13 |
| CVE-2020-26068 | Cisco RoomOS Software 权限许可和访问控制问题漏洞 — Cisco TelePresence Endpoint Software (TC/CE) | 5.5 | Medium | 2020-11-18 |
CWE-639(通过用户控制密钥绕过授权机制) 是常见的弱点类别,本平台收录该类弱点关联的 1033 条 CVE 漏洞。