CWE-829 (Inclusion of Functionality from Untrusted Control Sphere) — Vulnerability Class 105

105 vulnerabilities classified as CWE-829 (Inclusion of Functionality from Untrusted Control Sphere). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-45482 | Privilege escalation in B&R APROL — B&R APROL | 7.8 (AI) | High (AI) | 2025-03-25 |
| CVE-2025-27607 | Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency — python-json-logger | 8.8 | High | 2025-03-07 |
| CVE-2025-24796 | Remote Code Execution within Collabora Online jail with Macros Enabled — online | 9.8 | - | 2025-03-06 |
| CVE-2025-27510 | RCE in the package conda-forge-metadata — conda-forge-metadata | 9.8 | - | 2025-03-04 |
| CVE-2025-0982 | Sandbox Escape in Google Cloud Application Integration's JavaScript Task (Rhino Engine) — Application Integration | 10.0 | - | 2025-02-06 |
| CVE-2022-49038 | Synology Drive security vulnerability — Synology Drive Client | 7.8 | High | 2024-09-26 |
| CVE-2024-43690 | Gallagher Command Centre Server security vulnerability — Command Centre Server | 8.0 | High | 2024-09-11 |
| CVE-2024-29073 | Ankitects Anki security vulnerability — Anki | 5.3 | Medium | 2024-07-22 |
| CVE-2024-38537 | Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js — fides | - | - | 2024-07-02 |
| CVE-2024-38476 | Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect — Apache HTTP Server | 9.1 (AI) | Critical (AI) | 2024-07-01 |
| CVE-2024-3043 | Zigbee co-ordinator realignment packet may lead to denial of service — Ember ZNet SDK | 7.5 | High | 2024-06-27 |
| CVE-2023-49133 | TP-LINK AC1350 security vulnerability — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) | 8.1 | High | 2024-04-09 |
| CVE-2023-49134 | TP-LINK AC1350 security vulnerability — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) | 8.1 | High | 2024-04-09 |
| CVE-2024-28184 | WeasyPrint allows the attachment of arbitrary files and URLs to a PDF — WeasyPrint | 7.4 | High | 2024-03-09 |
| CVE-2024-24821 | Code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php in Composer — composer | 8.8 | High | 2024-02-08 |
| CVE-2022-31021 | Unlinkability broken in ursa when verifiers use malicious keys — ursa | 3.3 | Low | 2024-01-16 |
| CVE-2023-4591 | Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack — Serverstack | 7.5 | High | 2023-11-03 |
| CVE-2023-45798 | Yettiesoft VestCert Remote Code Execution Vulnerability — VestCert | 8.4 | High | 2023-10-30 |
| CVE-2023-5523 | M-Files Web Companion allows Remote Code Execution — Web Companion | 8.6 | High | 2023-10-20 |
| CVE-2023-41267 | Apache HDFS Provider error message suggested installation of incorrect pip package — Apache Airflow HDFS Provider | 8.8 | - | 2023-09-14 |
| CVE-2023-2453 | Local file Inclusion (LFI) in Forum Infusion via Directory Traversal — PHPFusion | 8.8 | High | 2023-09-05 |
| CVE-2023-31170 | Inclusion of Functionality from Untrusted Control Sphere — SEL-5030 acSELerator QuickSet Software | 5.9 | Medium | 2023-08-31 |
| CVE-2023-31168 | Inclusion of Functionality from Untrusted Control Sphere — SEL-5030 acSELerator QuickSet Software | 5.5 | Medium | 2023-08-31 |
| CVE-2023-36609 | Ovarro TBox RTUs security vulnerability — TBox MS-CPU32 | 7.2 | High | 2023-07-03 |
| CVE-2022-46302 | Remote Code Execution with Root Privileges via Broad Apache Permissions — Checkmk | 8.8 | High | 2023-04-20 |
| CVE-2022-4134 | glance security vulnerability — openstack | 3.5 | - | 2023-03-06 |
| CVE-2023-26053 | Gradle usage of long IDs for PGP keys opens potential for collision attacks — gradle | 6.6 | Medium | 2023-03-02 |
| CVE-2022-41216 | Cloudflow - Local File Inclusion Vulnerability — Cloudflow | 8.3 | High | 2023-02-22 |
| CVE-2022-22246 | Junos OS: PHP file inclusion vulnerability in J-Web — Junos OS | 7.5 | High | 2022-10-18 |
| CVE-2022-33317 | Mitsubishi Electric MC Works64 and ICONICS GENESIS64 security vulnerability — GENESIS64 | 7.8 | High | 2022-07-20 |

Vulnerabilities classified as CWE-829 (Inclusion of Functionality from Untrusted Control Sphere) represent 105 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.