Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

polonel — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting polonel. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Polonel serves as an open-source network monitoring tool primarily used for real-time traffic analysis and security monitoring across networks. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 18 recorded CVEs. The application's web interface has been particularly susceptible to input validation weaknesses, while its configuration management has faced improper access control problems. No major public security incidents have been widely documented, though its consistent vulnerability pattern suggests potential risks in environments where default configurations or outdated versions remain in use.

Top products by polonel: polonel/trudesk
CVE IDTitleCVSSSeverityPublished
CVE-2022-2128 Unrestricted Upload of File with Dangerous Type in polonel/trudesk — polonel/trudeskCWE-434 8.0 -2022-06-20
CVE-2022-2023 Incorrect Use of Privileged APIs in polonel/trudesk — polonel/trudeskCWE-648 8.8 -2022-06-20
CVE-2022-1947 Use of Incorrect Operator in polonel/trudesk — polonel/trudeskCWE-480 6.5 -2022-05-31
CVE-2022-1808 Execution with Unnecessary Privileges in polonel/trudesk — polonel/trudeskCWE-250 8.8 -2022-05-31
CVE-2022-1893 Improper Removal of Sensitive Information Before Storage or Transfer in polonel/trudesk — polonel/trudeskCWE-212 4.6 Medium2022-05-31
CVE-2022-1926 Integer Overflow or Wraparound in polonel/trudesk — polonel/trudeskCWE-190 7.5 -2022-05-31
CVE-2022-1931 Incorrect Synchronization in polonel/trudesk — polonel/trudeskCWE-821 8.8 -2022-05-31
CVE-2022-1752 Unrestricted Upload of File with Dangerous Type in polonel/trudesk — polonel/trudeskCWE-434 8.0 -2022-05-21
CVE-2022-1775 Weak Password Requirements in polonel/trudesk — polonel/trudeskCWE-521 9.8 -2022-05-20
CVE-2022-1803 Improper Restriction of Rendered UI Layers or Frames in polonel/trudesk — polonel/trudeskCWE-1021 8.2 -2022-05-20
CVE-2022-1770 Improper Privilege Management in polonel/trudesk — polonel/trudeskCWE-269 8.8 -2022-05-20
CVE-2022-1754 Integer Overflow or Wraparound in polonel/trudesk — polonel/trudeskCWE-190 7.5 -2022-05-20
CVE-2022-1728 Allowing long password leads to denial of service in polonel/trudesk in polonel/trudesk — polonel/trudeskCWE-190 6.5 -2022-05-16
CVE-2022-1718 The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in polonel/trudesk — polonel/trudeskCWE-190 6.5 -2022-05-16
CVE-2022-1719 Reflected XSS on ticket filter function in polonel/trudesk — polonel/trudeskCWE-79 5.4 -2022-05-16
CVE-2022-1044 Sensitive Data Exposure Due To Insecure Storage Of Profile Image in polonel/trudesk — polonel/trudeskCWE-922 5.7 -2022-05-12
CVE-2022-1045 Stored XSS viva .svg file upload in polonel/trudesk — polonel/trudeskCWE-434 5.4 -2022-04-11
CVE-2022-1290 Stored XSS in "Name", "Group Name" & "Title" in polonel/trudesk — polonel/trudeskCWE-79 5.4 -2022-04-10

This page lists every published CVE security advisory associated with polonel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.