Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

state:in-the-wild — CVE vulnerabilities tagged 396

396 CVE security advisories tagged "state:in-the-wild" with AI Chinese analysis, CVSS, references and POCs.

The tag "state:in-the-wild" signifies that a disclosed vulnerability has been actively exploited by attackers in real-world environments, rather than remaining theoretical or limited to controlled laboratory testing. This classification is critical because it indicates an immediate and tangible threat to public infrastructure, demanding urgent mitigation strategies from administrators and developers. Typically, these vulnerabilities involve remote code execution, authentication bypasses, or critical logic flaws that allow adversaries to compromise systems without physical access. The presence of this tag implies that exploit code is likely circulating in the wild, increasing the risk of widespread data breaches, service disruptions, or lateral movement within networks. Consequently, organizations must prioritize patching these specific CVEs to prevent active intrusion, as the window between disclosure and exploitation has effectively closed, leaving systems exposed to sophisticated threat actors seeking immediate gain.

CVE IDTitleCVSSSeverityPublished
CVE-2024-51567 CyberPanel 安全漏洞 — n/a 10.0 Critical2024-10-29
CVE-2024-51378 CyberPanel 安全漏洞 — n/a 10.0 Critical2024-10-29
CVE-2021-4444 Product Filter by WooBeWoo <= 1.4.9 - Missing Authorization — Product Filter for WooCommerce by WBWCWE-862 7.3 High2024-10-16
CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports — wasmtimeCWE-670 5.5 Medium2024-10-09
CVE-2024-9680 Mozilla Firefox 安全漏洞 — Firefox 8.8 -2024-10-09
CVE-2024-45506 HAProxy 安全漏洞 — n/a 7.5AIHighAI2024-09-04
CVE-2024-45389 Pagefind DOM clobbering could escalate to Cross-site Scripting (XSS) — pagefindCWE-79 6.4 Medium2024-09-03
CVE-2024-42252 closures: Change BUG_ON() to WARN_ON() — Linux 7.1AIHighAI2024-08-08
CVE-2024-39891 Twilio Authy API 安全漏洞 — n/a 5.3 Medium2024-07-02
CVE-2024-28200 N-central Authentication Bypass — N-centralCWE-288 9.1 Critical2024-07-01
CVE-2021-47337 scsi: core: Fix bad pointer dereference when ehandler kthread is invalid — Linux 7.8AIHighAI2024-05-21
CVE-2024-35960 net/mlx5: Properly link new fs rules into the tree — Linux 5.5 -2024-05-20
CVE-2024-23660 Binance Trust Wallet app 安全特征问题漏洞 — n/a 7.5 -2024-02-08
CVE-2023-50428 Bitcoin Core 安全漏洞 — n/a--2023-12-09
CVE-2023-47630 Attacker can cause Kyverno user to unintentionally consume insecure image — kyvernoCWE-345 7.1 High2023-11-14
CVE-2023-42813 Denial of service from malicious manifest in kyverno — kyvernoCWE-400 6.1 Medium2023-11-13
CVE-2023-42814 Denial of service from malicious image manifest in kyverno — kyvernoCWE-835 3.1 Low2023-11-13
CVE-2023-42815 Denial of service from malicious image manifest in kyverno — kyvernoCWE-835 3.1 Low2023-11-13
CVE-2023-42816 Denial of service from malicious signature in kyverno — kyvernoCWE-345 6.1 Medium2023-11-13
CVE-2023-47246 Sysaid Technologies SysAid 安全漏洞 — n/a 8.8 -2023-11-10
CVE-2023-31418 Elasticsearch uncontrolled resource consumption — ElasticsearchCWE-400 7.5 High2023-10-26
CVE-2023-30801 qBittorrent Web UI Default Credentials Lead to RCE — qBittorrent clientCWE-1392 9.8 Critical2023-10-10
CVE-2023-44487 Apache HTTP/2 资源管理错误漏洞 — n/a 7.5 -2023-10-10
CVE-2023-42824 Apple iOS和iPadOS 安全漏洞 — iOS and iPadOS 7.8 -2023-10-04
CVE-2023-41993 Apple Safari 代码问题漏洞 — macOS 8.8 -2023-09-21
CVE-2023-41992 Apple watchOS 代码问题漏洞 — macOS 7.8 -2023-09-21
CVE-2023-41991 Apple watchOS 信任管理问题漏洞 — iOS and iPadOS 5.5 -2023-09-21
CVE-2023-3892 Unsafe XML parsing of 3rd party DICOM private tags may lead to XXE — MIM AssistantCWE-611 5.6 Medium2023-09-19
CVE-2023-41990 Apple watchOS 安全漏洞 — iOS and iPadOS 7.8 -2023-09-11
CVE-2023-41064 Apple macOS Ventura 安全漏洞 — macOS 7.8 -2023-09-07

Vulnerabilities classified as state:in-the-wild represent 396 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.