快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352225
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2021-47711 |
Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection
|
HIGH | 8.7 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2020-36891 |
Kentico Xperience <= 12.0.49 File Upload Stored XSS
|
MEDIUM | 5.1 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2020-36890 |
Kentico Xperience <= 10 Administrator Access Control Bypass
|
HIGH | 8.6 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2020-36889 |
Kentico Xperience <= 12.0.90 Administration Interface Stored XSS
|
MEDIUM | 5.1 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2019-25230 |
Kentico Xperience <= 12.0.0 User Widget Information Disclosure
|
MEDIUM | 5.3 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2019-25229 |
Kentico Xperience <= 12.0.29 MVC Forms Unrestricted File Upload
|
HIGH | 8.7 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2019-25228 |
Kentico Xperience <= 12.0.47 Virtual Context Information Disclosure
|
MEDIUM | 5.1 | 2025-12-18 |
Kentico Xperience
kentico xperience
|
CVE NVD | |
| CVE-2025-64400 |
Insufficient permission checks when pre-enrolling users Summary
|
MEDIUM | 4.1 | 2025-12-18 |
Palantir com.palantir.controlpanel:control-panel
|
CVE NVD | |
| CVE-2025-67745 |
Myhoard logs backup encryption key in plain text
|
HIGH | 7.1 | 2025-12-18 |
Aiven-Open myhoard
|
CVE NVD | |
| CVE-2025-14885 |
SourceCodester Client Database Management System Leads Generation user_leads.php unrestricted upload
|
MEDIUM | 5.3 | 2025-12-18 |
SourceCodester Client Database Management System
lerouxyxchire client_database_management_system
|
CVE NVD | |
| CVE-2025-59949 |
FreshRSS has Logout CSRF that Leads to DoS via <track src>
|
MEDIUM | 5.3 | 2025-12-18 |
FreshRSS FreshRSS
freshrss freshrss
|
CVE NVD | |
| CVE-2025-14739 |
Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND
|
MEDIUM | 6.8 | 2025-12-18 |
TP-Link Systems Inc. WR940N and WR941ND
|
CVE NVD | |
| CVE-2025-14738 |
Configuration Disclosure Vulnerability in TP-Link WA850RE
|
MEDIUM | 5.7 | 2025-12-18 |
TP-Link Systems Inc. WA850RE
|
CVE NVD | |
| CVE-2025-14737 |
Command Injection Vulnerability in TP-Link WA850RE
|
HIGH | 7.1 | 2025-12-18 |
TP-Link Systems Inc. WA850RE
tp-link tl-wa850re_firmware
|
CVE NVD | |
| CVE-2025-14884 |
D-Link DIR-605 Firmware Update Service command injection
|
HIGH | 8.6 | 2025-12-18 |
D-Link DIR-605
dlink dir-605_firmware
|
CVE NVD | |
| CVE-2025-14879 |
Tenda WH450 HTTP Request onSSIDChange stack-based overflow
|
CRITICAL | 9.3 | 2025-12-18 |
Tenda WH450
tenda wh450_firmware
|
CVE NVD | |
| CVE-2025-62960 |
WordPress Construction Light theme <= 1.6.7 - Broken Access Control vulnerability
|
MEDIUM | 5.4 | 2025-12-18 |
Sparkle WP Construction Light
|
CVE NVD | |
| CVE-2025-62961 |
WordPress Sparkle FSE theme <= 1.0.9 - Broken Access Control vulnerability
|
MEDIUM | 5.4 | 2025-12-18 |
Sparkle WP Sparkle FSE
|
CVE NVD | |
| CVE-2025-62998 |
WordPress WP AI CoPilot plugin <= 1.2.7 - Sensitive Data Exposure vulnerability
|
MEDIUM | 5.0 | 2025-12-18 |
WP Messiah WP AI CoPilot
|
CVE NVD | |
| CVE-2025-63002 |
WordPress Sermon Manager plugin <= 2.30.0 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2025-12-18 |
wpforchurch Sermon Manager
|
CVE NVD |