Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

state:in-the-wild — CVE vulnerabilities tagged 396

396 CVE security advisories tagged "state:in-the-wild" with AI Chinese analysis, CVSS, references and POCs.

The tag "state:in-the-wild" signifies that a disclosed vulnerability has been actively exploited by attackers in real-world environments, rather than remaining theoretical or limited to controlled laboratory testing. This classification is critical because it indicates an immediate and tangible threat to public infrastructure, demanding urgent mitigation strategies from administrators and developers. Typically, these vulnerabilities involve remote code execution, authentication bypasses, or critical logic flaws that allow adversaries to compromise systems without physical access. The presence of this tag implies that exploit code is likely circulating in the wild, increasing the risk of widespread data breaches, service disruptions, or lateral movement within networks. Consequently, organizations must prioritize patching these specific CVEs to prevent active intrusion, as the window between disclosure and exploitation has effectively closed, leaving systems exposed to sophisticated threat actors seeking immediate gain.

CVE IDTitleCVSSSeverityPublished
CVE-2013-5054 Microsoft Office 令牌劫持漏洞 — n/a 9.1 -2013-12-11
CVE-2013-5057 Microsoft Office 权限许可和访问控制漏洞 — n/a 8.1 -2013-12-11
CVE-2013-5065 Microsoft Windows 内核中的漏洞可能允许特权提升 — n/a 8.4 -2013-11-27
CVE-2013-6282 Linux kernel 输入验证漏洞 — n/a 7.1 -2013-11-19
CVE-2013-3918 Microsoft IE ActiveX控件缓冲区溢出漏洞 — n/a 8.8 -2013-11-12
CVE-2013-3906 多个Microsoft产品图形组件远程代码执行漏洞 — n/a 8.8 -2013-11-06
CVE-2011-4106 WordPress Timthumb Plugin timthumb目录任意文件上传漏洞 — n/a 9.8 -2013-10-26
CVE-2013-6026 D-Link和Planex/路由器Web接口安全漏洞 — n/a 9.1 -2013-10-19
CVE-2013-6129 vBulletin install/upgrade.php脚本安全漏洞 — n/a 9.8 -2013-10-19
CVE-2013-3897 Microsoft Internet Explorer内存损坏漏洞 — n/a 7.5 -2013-10-09
CVE-2013-5576 Joomla! ‘media.php’任意文件上传漏洞 — n/a 8.8 -2013-10-09
CVE-2013-4854 ISC BIND/DNSco BIND RFC 5011实现拒绝服务漏洞 — n/a 7.5 -2013-07-26
CVE-2013-1347 Microsoft Internet Explorer 8 远程执行代码漏洞 — n/a 8.1 -2013-05-05
CVE-2013-1493 Oracle Java SE 2D组件远程代码执行漏洞 — n/a 8.8 -2013-03-04
CVE-2013-0643 Adobe Flash Player Firefox沙盒任意代码执行漏洞 — n/a 8.8 -2013-02-27
CVE-2013-0648 Adobe Flash Player ExternalInterface ActionScript功能未明安全漏 — n/a 8.8 -2013-02-27
CVE-2013-0640 Adobe Reader/Acrobat 未明安全漏洞 — n/a 7.8 -2013-02-14
CVE-2013-0641 Adobe Reader/Acrobat 未明安全漏洞 — n/a 7.8 -2013-02-14
CVE-2013-0633 Adobe Flash Player 缓冲区溢出漏洞 — n/a 8.8 -2013-02-08
CVE-2013-0634 Adobe Flash Player 缓冲区溢出漏洞 — n/a 8.8 -2013-02-08
CVE-2013-0632 Adobe ColdFusion 信息泄露漏洞 — n/a 9.8 -2013-01-17
CVE-2013-0422 Oracle Java Runtime Environment 远程代码执行漏洞 — n/a 9.8 -2013-01-10
CVE-2013-0625 Adobe ColdFusion 远程验证绕过漏洞 — n/a 8.1 -2013-01-09
CVE-2013-0629 Adobe ColdFusion 未授权访问漏洞 — n/a 7.4 -2013-01-09
CVE-2013-0631 Adobe ColdFusion 信息泄露漏洞 — n/a 7.5 -2013-01-09
CVE-2012-6498 Atomymaxsite index.php脚本未限制文件上传漏洞 — n/a 9.8 -2013-01-08
CVE-2012-6081 MoinMoin 多个未限制文件上传漏洞 — n/a 8.8 -2013-01-03
CVE-2012-6467 Opera 快捷方式处理错误漏洞 — n/a 7.4 -2013-01-02
CVE-2012-4792 Microsoft Internet Explorer 释放后使用漏洞 — n/a 8.8 -2012-12-30
CVE-2012-4969 Microsoft Internet Explorer ‘CMshtmlEd::Exec’函数释放后使用漏洞 — n/a 8.8 -2012-09-18

Vulnerabilities classified as state:in-the-wild represent 396 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.