CWE-807 (Reliance on Untrusted Inputs in a Security Decision) — Vulnerability Class 53

53 vulnerabilities classified as CWE-807 (Reliance on Untrusted Inputs in a Security Decision). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49827 | Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Bypass of IAM Authenticator — conjur | 8.2 (AI) | High (AI) | 2025-07-15 |
| CVE-2024-55354 | Lucee security vulnerability — Lucee Server | 8.8 | High | 2025-04-08 |
| CVE-2025-0117 | GlobalProtect App: Local Privilege Escalation (PE) Vulnerability — GlobalProtect App | 7.8 | - | 2025-03-12 |
| CVE-2025-1969 | Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center — Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center | 4.3 | Medium | 2025-03-04 |
| CVE-2025-1126 | Lexmark has identified a vulnerability in our Lexmark Print Management Client (LPMC). — Lexmark Print Management Client | 9.3 | Critical | 2025-02-11 |
| CVE-2025-24369 | Anubis has a bot protection bypass when a sophisticated attacker asks to pass a challenge of difficulty 0 — x | 4.9 | - | 2025-01-27 |
| CVE-2024-9310 | Traffic Alert and Collision Avoidance System (TCAS) II has a Reliance on Untrusted Inputs in a Security Decision vulnerability — Collision Avoidance Systems | 6.5 | - | 2025-01-22 |
| CVE-2024-45654 | IBM Security ReaQta improper input validation — Security ReaQta | 4.3 | Medium | 2025-01-19 |
| CVE-2024-11146 | TrueFiling authorization bypass via user-controlled keys — TrueFiling | 6.3 | Medium | 2025-01-17 |
| CVE-2024-47254 | 2N Access Commander security vulnerability — 2N Access Commander | 6.3 | Medium | 2024-11-05 |
| CVE-2024-51561 | Authentication bypass Vulnerability in Aero — Aero | 6.8 (AI) | Medium (AI) | 2024-11-04 |
| CVE-2024-21510 | Sinatra security vulnerability — sinatra | 5.4 | Medium | 2024-11-01 |
| CVE-2024-5754 | BT: Encryption procedure host vulnerability — Zephyr | 8.2 | High | 2024-09-13 |
| CVE-2024-29039 | Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state — tpm2-tools | 9.1 | Critical | 2024-06-28 |
| CVE-2023-46686 | Gallagher Command Centre security vulnerability — Command Centre Diagnostics Service | 5.5 | Medium | 2023-12-18 |
| CVE-2022-24400 | DCK pinning attack in TETRA — TETRA Standard | 7.5 | High | 2023-10-19 |
| CVE-2023-0009 | GlobalProtect App: Local Privilege Escalation (PE) Vulnerability — GlobalProtect App | 7.8 | High | 2023-06-14 |
| CVE-2022-20744 | Cisco Firepower Management Center Software Information Disclosure Vulnerability — Cisco Firepower Management Center | 6.5 | - | 2022-05-03 |
| CVE-2021-36777 | login-proxy sends password to attacker-provided domain — Build service | 8.1 | High | 2022-03-09 |
| CVE-2021-31999 | Rancher: Privilege escalation vulnerability via malicious Connection header — Rancher | 8.8 | High | 2021-07-15 |
| CVE-2021-29479 | Cached redirect poisoning via X-Forwarded-Host header — ratpack | 7.0 | High | 2021-06-29 |
| CVE-2020-5252 | Malicious package may avoid detection in python auditing — safety | 5.0 | Medium | 2020-03-23 |
| CVE-2017-0887 | Nextcloud Server security vulnerability — Nextcloud Server | 2.7 | - | 2017-04-05 |

Vulnerabilities classified as CWE-807 (Reliance on Untrusted Inputs in a Security Decision) represent 53 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.