快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352348
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-14252 |
An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to rea...
|
HIGH | 8.5 | 2025-12-16 |
Advantech SUSI
|
CVE NVD | |
| CVE-2025-14777 |
Keycloak: keycloak idor in realm client creating/deleting
|
MEDIUM | 6.0 | 2025-12-16 |
Red Hat Red Hat Build of Keycloak
|
CVE NVD | |
| CVE-2025-66357 |
CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional ...
|
MEDIUM | 6.9 | 2025-12-16 |
Inaba Denki Sangyo Co., Ltd. CHOCO TEI WATCHER mini (IB-MCT001)
inaba ib-mct001_firmware
|
CVE NVD | |
| CVE-2025-59479 |
CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper restriction of rendered UI layers...
|
MEDIUM | 5.1 | 2025-12-16 |
Inaba Denki Sangyo Co., Ltd. CHOCO TEI WATCHER mini (IB-MCT001)
inaba ib-mct001_firmware
|
CVE NVD | |
| CVE-2025-61976 |
CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional ...
|
HIGH | 8.7 | 2025-12-16 |
Inaba Denki Sangyo Co., Ltd. CHOCO TEI WATCHER mini (IB-MCT001)
inaba ib-mct001_firmware
|
CVE NVD | |
| CVE-2025-13956 |
LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure
|
MEDIUM | 5.3 | 2025-12-16 |
thimpress LearnPress – WordPress LMS Plugin
|
CVE NVD | |
| CVE-2025-14749 |
Ningyuanda TC155 ONVIF PTZ Control device_service access control
|
MEDIUM | 5.3 | 2025-12-16 |
Ningyuanda TC155
shenzhenningyuandatechnology tc155_firmware
|
CVE NVD | |
| CVE-2025-14748 |
Ningyuanda TC155 ONVIF Device Management Service device_service access control
|
MEDIUM | 5.3 | 2025-12-16 |
Ningyuanda TC155
shenzhenningyuandatechnology tc155_firmware
|
CVE NVD | |
| CVE-2025-59385 |
QNAP Systems Hero和QNAP Systems QTS 安全漏洞
|
HIGH | 8.1 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-62847 |
QNAP Systems Hero和QNAP Systems QTS 参数注入漏洞
|
MEDIUM | 6.6 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-62848 |
QNAP Systems Hero和QNAP Systems QTS 代码问题漏洞
|
HIGH | 8.1 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-62849 |
QNAP Systems Hero和QNAP Systems QTS SQL注入漏洞
|
MEDIUM | 5.2 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-14747 |
Ningyuanda TC155 RTSP Service denial of service
|
MEDIUM | 5.3 | 2025-12-16 |
Ningyuanda TC155
shenzhenningyuandatechnology tc155_firmware
|
CVE NVD | |
| CVE-2025-14746 |
Ningyuanda TC155 RTSP Live Video Stream Endpoint improper authentication
|
MEDIUM | 5.3 | 2025-12-16 |
Ningyuanda TC155
shenzhenningyuandatechnology tc155_firmware
|
CVE NVD | |
| CVE-2025-68115 |
Parse Server vulnerable to Cross-Site Scripting (XSS) via Unescaped Mustache Template Variables
|
MEDIUM | 5.3 | 2025-12-16 |
parse-community parse-server
parse-community parse-server
+3个
|
CVE NVD | |
| CVE-2025-68113 |
ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay
|
MEDIUM | 6.5 | 2025-12-16 |
altcha-org altcha-lib
|
CVE NVD | |
| CVE-2025-67751 |
ChurchCRM has SQL Injection in Event Editor via `EN_tyid` Parameter caused by an Incomplete Fix
|
HIGH | 7.2 | 2025-12-16 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD | |
| CVE-2025-67874 |
ChurchCRM 安全漏洞
|
MEDIUM | 6.9 | 2025-12-16 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD +1 | |
| CVE-2025-67744 |
Mermaid XSS vulnerability leads to Remote Code Execution
|
CRITICAL | 9.7 | 2025-12-16 |
ThinkInAIXYZ deepchat
thinkinai deepchat
|
CVE NVD | |
| CVE-2025-67748 |
Fickling 代码问题漏洞
|
HIGH | 7.1 | 2025-12-16 |
trailofbits fickling
trailofbits fickling
|
CVE NVD +1 |