Vulnerabilities > Dromara
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-22 | CVE-2023-51387 | Code Injection vulnerability in Dromara Hertzbeat Hertzbeat is an open source, real-time monitoring system. | 8.8 |
2023-12-22 | CVE-2023-51650 | Missing Authorization vulnerability in Dromara Hertzbeat Hertzbeat is an open source, real-time monitoring system. | 7.5 |
2023-12-22 | CVE-2022-39337 | Incorrect Authorization vulnerability in Dromara Hertzbeat Hertzbeat is an open source, real-time monitoring system with custom-monitoring, high performance cluster, prometheus-like and agentless. | 7.5 |
2023-10-25 | CVE-2023-31581 | Use of Hard-coded Credentials vulnerability in Dromara Sureness Dromara Sureness before v1.0.8 was discovered to use a hardcoded key. | 9.8 |
2023-10-25 | CVE-2023-43961 | Incorrect Authorization vulnerability in Dromara Sa-Token An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 8.8 |
2023-10-25 | CVE-2023-44794 | Unspecified vulnerability in Dromara Sa-Token An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. | 9.8 |
2023-06-15 | CVE-2023-3276 | XXE vulnerability in Dromara Hutool A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. | 7.5 |