Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

state:in-the-wild — CVE vulnerabilities tagged 396

396 CVE security advisories tagged "state:in-the-wild" with AI Chinese analysis, CVSS, references and POCs.

The tag "state:in-the-wild" signifies that a disclosed vulnerability has been actively exploited by attackers in real-world environments, rather than remaining theoretical or limited to controlled laboratory testing. This classification is critical because it indicates an immediate and tangible threat to public infrastructure, demanding urgent mitigation strategies from administrators and developers. Typically, these vulnerabilities involve remote code execution, authentication bypasses, or critical logic flaws that allow adversaries to compromise systems without physical access. The presence of this tag implies that exploit code is likely circulating in the wild, increasing the risk of widespread data breaches, service disruptions, or lateral movement within networks. Consequently, organizations must prioritize patching these specific CVEs to prevent active intrusion, as the window between disclosure and exploitation has effectively closed, leaving systems exposed to sophisticated threat actors seeking immediate gain.

CVE IDTitleCVSSSeverityPublished
CVE-2023-27637 PrestaShop SQL注入漏洞 — n/a 9.8 -2023-03-22
CVE-2023-28725 General Bytes Crypto Application Server 代码问题漏洞 — n/a 9.8 -2023-03-21
CVE-2023-23529 Apple iOS和iPadOS 安全漏洞 — iOS and iPadOS 8.8 -2023-02-27
CVE-2023-24059 Grand Theft Auto V 安全漏洞 — n/a 9.4 -2023-01-22
CVE-2022-34478 Mozilla Firefox 安全漏洞 — Firefox 6.5 -2022-12-22
CVE-2022-26486 Mozilla Firefox 资源管理错误漏洞 — Firefox 9.6 -2022-12-22
CVE-2022-26485 Mozilla Firefox 资源管理错误漏洞 — Firefox 8.8 -2022-12-22
CVE-2022-42856 Apple iOS 安全漏洞 — tvOS 8.8 -2022-12-15
CVE-2022-45045 多款Xiongmai设备操作系统命令注入漏洞 — n/a 8.8 -2022-12-01
CVE-2022-42827 Apple iOS和iPadOS 缓冲区错误漏洞 — iOS and iPadOS 7.8 -2022-11-01
CVE-2016-20016 MV POWER CCTV DVR 安全漏洞 — n/a 9.8 -2022-10-19
CVE-2016-20017 D-Link DSL-2750B 命令注入漏洞 — n/a 9.8 -2022-10-19
CVE-2017-20149 MikroTik RouterOS 缓冲区错误漏洞 — n/a 9.8 -2022-10-15
CVE-2022-32917 Apple macOS Big Sur 缓冲区错误漏洞 — iOS 7.3 -2022-09-20
CVE-2022-40769 profanity 安全特征问题漏洞 — n/a 7.5 -2022-09-18
CVE-2022-40734 laravel-filemanager 路径遍历漏洞 — n/a 7.5 -2022-09-14
CVE-2022-32894 Apple macOS Monterey 缓冲区错误漏洞 — iOS and iPadOS 7.8 -2022-08-24
CVE-2022-32893 Apple macOS Monterey Safari 缓冲区错误漏洞 — Safari 8.8 -2022-08-24
CVE-2022-37450 Go Ethereum 安全漏洞 — n/a 5.9 -2022-08-05
CVE-2022-22675 Apple iOS和Apple iPadOS 缓冲区错误漏洞 — iOS and iPadOS 7.8 -2022-05-26
CVE-2022-29164 Privilege Escalation in argo-workflows — argo-workflowsCWE-269 7.1 High2022-05-05
CVE-2022-22620 Apple多款产品资源管理错误漏洞 — Safari (v and ) 8.8 -2022-03-18
CVE-2022-22587 Apple多款产品缓冲区错误漏洞 — iOS and iPadOS 7.8 -2022-03-18
CVE-2022-24740 Improper Authentication in Volto — voltoCWE-287 5.0 Medium2022-03-14
CVE-2022-26143 Mitel Networks MiCollab和Mitel Networks MiVoice Business Express 访问控制错误漏洞 — n/a 9.1 -2022-03-09
CVE-2022-25335 RigoBlock Dragos 安全漏洞 — n/a 7.5 -2022-02-18
CVE-2022-24682 Zimbra Collaboration Suite 跨站脚本漏洞 — n/a 6.1 -2022-02-09
CVE-2022-23597 Remote program execution with user interaction — n/a 8.3 High2022-02-01
CVE-2021-45461 FreePBX 安全漏洞 — n/a 9.8 -2021-12-22
CVE-2021-43844 Externally Controlled Reference to a Resource in Another Sphere in MSEdgeRedirect — MSEdgeRedirectCWE-610 8.8 High2021-12-20

Vulnerabilities classified as state:in-the-wild represent 396 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.