Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-915 — Vulnerability Class 51

51 vulnerabilities classified as CWE-915. AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-10359 Mass Assignment in Preset Creation Allows User ID Manipulation in danny-avila/librechat — danny-avila/librechat 5.4 -2025-03-20
CVE-2025-2304 Camaleon CMS Privilege Escalation — camaleon-cms 8.8 -2025-03-14
CVE-2025-24370 Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass — django-unicorn 9.1 -2025-02-03
CVE-2024-55638 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008 — Drupal Core 9.8 -2024-12-09
CVE-2024-55637 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007 — Drupal Core 9.8 -2024-12-09
CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006 — Drupal Core 9.8 -2024-12-09
CVE-2024-5452 RCE via Property/Class Pollution in lightning-ai/pytorch-lightning — lightning-ai/pytorch-lightning 8.8AIHighAI2024-06-06
CVE-2024-0404 Mass Assignment Vulnerability in mintplex-labs/anything-llm — mintplex-labs/anything-llm 9.8 -2024-04-16
CVE-2024-3283 Privilege Escalation via Mass Assignment in mintplex-labs/anything-llm — mintplex-labs/anything-llm 7.2AIHighAI2024-04-10
CVE-2023-39983 MXsecurity Register Database Pollution — MXsecurity Series 5.3 Medium2023-09-02
CVE-2023-32079 Netmaker Privilige Escalation Vulnerability — netmaker 8.8 High2023-08-24
CVE-2022-43441 node-sqlite3 安全漏洞 — node-sqlite3 8.1 High2023-03-16
CVE-2022-4068 Improperly Controlled Modification of Dynamically-Determined Object Attributes in librenms/librenms — librenms/librenms 8.2 -2022-11-20
CVE-2022-2625 PostgreSQL 安全漏洞 — postgresql 7.1 -2022-08-18
CVE-2022-31106 Prototype Pollution in underscore.deep — underscore.deep 8.3 High2022-06-28
CVE-2022-24802 Prototype Pollution in deepmerge-ts — deepmerge-ts 8.1 High2022-03-31
CVE-2021-32811 Remote Code Execution via Script (Python) objects under Python 3 — Zope 7.5 High2021-08-02
CVE-2021-32807 Remote Code Execution via unsafe classes in otherwise permitted modules — AccessControl 4.4 Medium2021-07-30
CVE-2021-21368 Prototype poisoning — msgpack5 6.7 Medium2021-03-12
CVE-2021-21304 Prototype Pollution in Dynamoose — dynamoose 7.2 High2021-02-08
CVE-2020-11066 Improperly Controlled Modification of Dynamically-Determined Object Attributes in TYPO3 CMS — TYPO3 CMS 8.7 High2020-05-13

Vulnerabilities classified as CWE-915 represent 51 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.