263'131

条目总数

114.1

每日新增数量 ø

125.7

每日更新数量 ø

7'990

每日提交数量 ø

73'369

覆盖产品数量

社区

自1970年以来，记录和解释安全漏洞，威胁和漏洞的第一大漏洞数据库。

VulDB Data Team just updated VDB-258160

VulDB Mod Team just queued a new entry to be reviewed

Someone joined the community

VulDB CTI Team identified activities by APT actor "Cobalt Strike"

Hefei-Coffee and 3 others joined the community

本日漏洞

MicroWorld eScan Antivirus Kernel ProcObsrvesx.sys Privilege Escalation

分类为致命的漏洞已在MicroWorld eScan Antivirus 4.0.0.49中发现。此漏洞会影响某些未知进程库ProcObsrvesx.sys的组件Kernel Handler。手动调试的不合法输入可导致 Privilege Escalation。分享公告的网址是northwave-cybersecurity.com。该漏洞被标识为CVE-2024-28519，成功的攻击必须要先进入局域网。没有可利用漏洞。

威胁情报

8.35

BestWebSoft Facebook Like Button facebook-button-plugin.php fcbkbttn_settings_page 跨网站脚本

6.82

Tenda i21 formQosManage_auto 内存损坏

6.68

Tenda W15E addIpMacBind formIPMacBindAdd 内存损坏

5.42

Tenda AC500 DhcpListClient fromDhcpListClient 内存损坏

5.35

TikiWiki tiki-register.php 权限升级

最近

SourceCodester Prison Management System user-record.php 跨网站脚本

Campcodes Complete Web-Based School Management System student_payment_details2.php 跨网站脚本

Campcodes Complete Web-Based School Management System student_payment_details3.php 跨网站脚本

Campcodes Complete Web-Based School Management System student_payment_details4.php 跨网站脚本

Campcodes Complete Web-Based School Management System student_payment_invoice.php 跨网站脚本

更新

Tenda FH1202 SetClientState formSetClientState 内存损坏

Tenda FH1202 WriteFacMac formWriteFacMac 权限升级

Tenda FH1202 fast_setting_wifi_set form_fast_setting_wifi_set 内存损坏

Tenda FH1202 execCommand formexeCommand 内存损坏

Tenda F1203 openSchedWifi setSchedWifi 内存损坏

CVSS当前Top

9.8

Teledyne FLIR M300 POST Request 弱身份验证

9.8

RIOT-OS gcoap_dns_server_proxy_get 内存损坏

9.6

Tinyproxy HTTP Connection Header 内存损坏

9.6

Aruba ArubaOS L2-L3 Management Service 内存损坏

9.6

Aruba ArubaOS Local User Authentication Database Service 内存损坏

攻击价格当前Top

$10k-$25k

Apple iOS/iPadOS Website 权限升级

$10k-$25k

Google Chrome Dawn 内存损坏

$10k-$25k

Google Chrome ANGLE 权限升级

$10k-$25k

Microsoft Azure AI Playground Markdown 权限升级

$10k-$25k

D-Link DIR-822+ prog.cgi SetPlcNetworkpwd 权限升级

最新攻击

POC

SourceCodester Prison Management System user-record.php 未知漏洞

POC

Campcodes Complete Web-Based School Management System student_payment_details2.php 未知漏洞

POC

Campcodes Complete Web-Based School Management System student_payment_details3.php 未知漏洞

POC

Campcodes Complete Web-Based School Management System student_payment_details4.php 未知漏洞

POC

Campcodes Complete Web-Based School Management System student_payment_invoice.php 未知漏洞

最新视频

YouTube

Sikka SSCWindowsService SSCService 权限升级

YouTube

Adobe Acrobat Reader 内存损坏

YouTube

NCR Terminal Handler WSDL 跨网站请求伪造

YouTube

Gabriels FTP Server 拒绝服务

YouTube

Totolink N200RE V5 cstecgi.cgi 弱身份验证

Do you want to use VulDB in your project?

Use the official API to access entries easily!