dromara Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by dromara
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Arbitrary File Access in RuoYi-Vue-Plus Software by Dromara
CVE-2025-66916DromaraRuoYi-Vue-Plus9.4CRITICALHertzbeat Fixes YAML Deserialization Vulnerability in Version 1.4.1
CVE-2023-51389DromaraHertzbeat9.8CRITICALHertzbeat Monitoring System Vulnerability Fix
CVE-2023-51388DromaraHertzbeat9.8CRITICALJNDI Injection Vulnerability in Hertzbeat's `JmxCollectImpl.java` Could Lead to Remote Code Execution
CVE-2023-51653DromaraHertzbeat9.8CRITICALDenial of Service Vulnerability in hutool-core by Dromara
CVE-2023-51075DromaraHutool7.5HIGHExpression Injection Vulnerability in Hertzbeat
CVE-2023-51387dromarahertzbeat8.8HIGHUnauthorized access vulnerability on three interfaces
CVE-2023-51650DromaraHertzbeat7.5HIGHPermission bypass due to incorrect configuration in github.com/dromara/hertzbeat
CVE-2022-39337DromaraHertzbeat7.5HIGHHardcoded Key Vulnerability in Dromara Sureness Authentication Framework
CVE-2023-31581DromaraSureness9.8CRITICALAuthentication Bypass in Dromara SaToken by Spring Dynamic Controllers
CVE-2023-43961DromaraSa-token8.8HIGHRemote Code Execution Vulnerability in Dromara SaToken
CVE-2023-44794DromaraSa-token9.8CRITICAL