Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-88 (参数注入或修改) — Vulnerability Class 141

141 vulnerabilities classified as CWE-88 (参数注入或修改). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-22583 Salesforce Marketing Cloud Engagement 安全漏洞 — Marketing Cloud Engagement 7.5 -2026-01-24
CVE-2026-22582 Salesforce Marketing Cloud Engagement 安全漏洞 — Marketing Cloud Engagement 9.1 -2026-01-24
CVE-2026-0774 WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability — WatchYourLAN 8.8 -2026-01-23
CVE-2026-24061 GNU Inetutils 参数注入漏洞 — Inetutils 9.8 Critical2026-01-21
CVE-2025-67858 A crafted "interface" input parameter can lead to integrity loss of the firewall configuration — Foomuuri 9.8 -2026-01-08
CVE-2025-66002 Local users can perform arbitrary unmounts via smb4k mount helper due to lack of input validation — smb4k 7.1 -2026-01-08
CVE-2025-14946 Libnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uri — libnbd 4.8 Medium2025-12-19
CVE-2025-68144 mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files — servers 9.1AICriticalAI2025-12-17
CVE-2025-62847 QTS, QuTS hero — QTS 9.1AICriticalAI2025-12-16
CVE-2024-58275 Easywall 0.3.1 - Authentication Bypass via Command Injection in /ports-save Endpoint — Easywall 8.8AIHighAI2025-12-04
CVE-2025-12613 Cloudinary Node SDK 安全漏洞 — cloudinary 8.6 High2025-11-10
CVE-2025-12556 IDIS ICM Viewer Argument Injection — ICM Viewer 8.8 High2025-11-06
CVE-2025-36565 Dell PowerProtect Data Domain 参数注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 6.7 Medium2025-10-07
CVE-2025-43905 Dell PowerProtect Data Domain 参数注入漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 4.3 Medium2025-10-07
CVE-2025-59489 Unity Runtime 参数注入漏洞 — Unity Editor 7.4 High2025-10-03
CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client — go-mail 8.2AIHighAI2025-09-29
CVE-2025-59433 @conventional-changelog/git-client has an Argument Injection vulnerability — conventional-changelog 5.3 Medium2025-09-22
CVE-2025-47421 Privilege escalation via SCP login — TOUCHSCREENS x70 7.2AIHighAI2025-09-03
CVE-2025-43730 Dell ThinOS 10 参数注入漏洞 — ThinOS 10 8.4 High2025-08-27
CVE-2025-57791 Argument Injection Vulnerability in CommServe — CommCell 8.8 -2025-08-20
CVE-2025-6232 Lenovo Vantage 安全漏洞 — Vantage 7.8 High2025-07-17
CVE-2025-6231 Lenovo Vantage 安全漏洞 — Vantage 7.8 High2025-07-17
CVE-2025-53509 Advantech iView Argument Injection — iView 6.5 Medium2025-07-10
CVE-2025-52459 Advantech iView Argument Injection — iView 6.5 Medium2025-07-10
CVE-2025-46835 Git GUI can create and overwrite files for which the user has write permission — git-gui 8.5 High2025-07-10
CVE-2025-48385 Git alllows arbitrary file writes via bundle-uri parameter injection — git 8.8 -2025-07-08
CVE-2025-49520 Event-driven-ansible: authenticated argument injection in git url in eda project creation — Red Hat Ansible Automation Platform 2.5 for RHEL 8 8.8 High2025-06-30
CVE-2025-52480 Registrator.jl Argument Injection Vulnerability — Registrator.jl 9.8AICriticalAI2025-06-25
CVE-2025-35010 Microhard Bullet-LTE and IPn4Gii AT+MNPINGTM Argument Injection — IPn4Gii / Bullet-LTE Firmware 7.1 High2025-06-08
CVE-2025-35009 Microhard Bullet-LTE and IPn4Gii AT+MNNETSP Argument Injection — IPn4Gii / Bullet-LTE Firmware 7.1 High2025-06-08

Vulnerabilities classified as CWE-88 (参数注入或修改) represent 141 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.