快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352348
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-14697 |
Shenzhen Sixun Software Sixun Shanghui Group Business Management System ExportFiles file access
|
MEDIUM | 6.3 | 2025-12-15 |
Shenzhen Sixun Software Sixun Shanghui Group Business Management System
|
CVE NVD | |
| CVE-2025-14696 |
Shenzhen Sixun Software Sixun Shanghui Group Business Management System UpdatePasswordBatch password recovery
|
MEDIUM | 6.9 | 2025-12-15 |
Shenzhen Sixun Software Sixun Shanghui Group Business Management System
|
CVE NVD | |
| CVE-2025-14695 |
SamuNatsu HaloBot Inter-plugin API index.js html_renderer dynamically-managed code resources
|
MEDIUM | 5.3 | 2025-12-15 |
SamuNatsu HaloBot
|
CVE NVD | |
| CVE-2025-14694 |
ketr JEPaaS readAllPostil sql injection
|
MEDIUM | 5.1 | 2025-12-15 |
ketr JEPaaS
ketr JEPaaS
+7个
|
CVE NVD | |
| CVE-2025-14693 |
Ugreen DH2100+ USB symlink
|
HIGH | 7.0 | 2025-12-15 |
Ugreen DH2100+
Ugreen DH2100+
+2个
|
CVE NVD | |
| CVE-2023-36337 |
A reflected cross-site scripting (XSS) vulnerability in the component /index.php/cuzh4 of PHP Invent...
|
MEDIUM | 6.1 | 2025-12-15 |
inventory_management_system_project inventory_management_system
|
CVE NVD | |
| CVE-2023-36338 |
Inventory Management System 1 was discovered to contain a SQL injection vulnerability.
|
MEDIUM | 5.3 | 2025-12-15 |
inventory_management_system_project inventory_management_system
|
CVE NVD | |
| CVE-2023-38913 |
SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute arb...
|
MEDIUM | 5.3 | 2025-12-15 |
anirbandutta9 news-buzz
|
CVE NVD | |
| CVE-2024-44598 |
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
|
HIGH | 8.8 | 2025-12-15 |
fntsoftware fnt_command
|
CVE NVD | |
| CVE-2024-44599 |
FNT Command 13.4.0 is vulnerable to Directory Traversal.
|
HIGH | 8.3 | 2025-12-15 |
fntsoftware fnt_command
|
CVE NVD | |
| CVE-2025-51962 |
A HTML Injection vulnerability in the comment section of the project page in MicroStudio 24.01.29 al...
|
MEDIUM | 6.1 | 2025-12-15 |
microstudio microstudio
|
CVE NVD | |
| CVE-2025-55703 |
An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerabili...
|
LOW | 2.5 | 2025-12-15 |
sunbirddcim power_iq
|
CVE NVD | |
| CVE-2025-55893 |
TOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command Injection in setOpModeCfg via hostNa...
|
MEDIUM | 6.5 | 2025-12-15 |
totolink n200re_firmware
|
CVE NVD | |
| CVE-2025-55895 |
TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519...
|
CRITICAL | 9.1 | 2025-12-15 |
totolink a3300r_firmware
totolink n200re_firmware
|
CVE NVD | |
| CVE-2025-55901 |
TOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function NTPSyncWi...
|
MEDIUM | 6.5 | 2025-12-15 |
totolink a3300r_firmware
|
CVE NVD | |
| CVE-2025-60786 |
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows atta...
|
HIGH | 8.8 | 2025-12-15 |
kagilum icescrum
|
CVE NVD | |
| CVE-2025-65176 |
An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote ne...
|
HIGH | 7.5 | 2025-12-15 |
dynatrace oneagent
|
CVE NVD | |
| CVE-2025-65213 |
MooreThreads torch_musa through all versions contains an unsafe deserialization vulnerability in tor...
|
CRITICAL | 9.8 | 2025-12-15 |
mthreads torch_musa
|
CVE NVD | |
| CVE-2025-65430 |
An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as is_active=False aft...
|
MEDIUM | 5.4 | 2025-12-15 |
allauth allauth
|
CVE NVD | |
| CVE-2025-65431 |
An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_u...
|
MEDIUM | 5.4 | 2025-12-15 |
allauth allauth
|
CVE NVD |