快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352348
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-65742 |
An unauthenticated Broken Function Level Authorization (BFLA) vulnerability in Newgen OmniDocs v11.0...
|
HIGH | 8.2 | 2025-12-15 |
newgensoft omnidocs
|
CVE NVD | |
| CVE-2025-65778 |
An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 1...
|
HIGH | 8.1 | 2025-12-15 |
wekan_project wekan
|
CVE NVD | |
| CVE-2025-65779 |
WeKan 安全漏洞
|
HIGH | 7.5 | 2025-12-15 |
wekan_project wekan
|
CVE NVD +1 | |
| CVE-2025-65780 |
An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 1...
|
HIGH | 8.8 | 2025-12-15 |
wekan_project wekan
|
CVE NVD | |
| CVE-2025-65781 |
An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 1...
|
HIGH | 8.2 | 2025-12-15 |
wekan_project wekan
|
CVE NVD | |
| CVE-2025-65782 |
An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 1...
|
MEDIUM | 6.5 | 2025-12-15 |
wekan_project wekan
|
CVE NVD | |
| CVE-2025-65835 |
The Cordova plugin cordova-plugin-x-socialsharing (SocialSharing-PhoneGap-Plugin) for Android 6.0.4,...
|
MEDIUM | 6.2 | 2025-12-15 |
eddyverbruggen cordova_social_sharing
|
CVE NVD | |
| CVE-2025-66434 |
An SSTI (Server-Side Template Injection) vulnerability exists in the get_dunning_letter_text method ...
|
HIGH | 8.8 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66435 |
An SSTI (Server-Side Template Injection) vulnerability exists in the get_contract_template method of...
|
MEDIUM | 4.3 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66436 |
An SSTI (Server-Side Template Injection) vulnerability exists in the get_terms_and_conditions method...
|
MEDIUM | 4.3 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66437 |
An SSTI (Server-Side Template Injection) vulnerability exists in the get_address_display method of F...
|
HIGH | 8.8 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66438 |
A Server-Side Template Injection (SSTI) vulnerability exists in the Frappe ERPNext through 15.89.0 P...
|
CRITICAL | 9.8 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66439 |
An issue was discovered in Frappe ERPNext through 15.89.0. Function get_outstanding_reference_docume...
|
CRITICAL | 9.8 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66440 |
An issue was discovered in Frappe ERPNext through 15.89.0. Function get_outstanding_reference_docume...
|
CRITICAL | 9.8 | 2025-12-15 |
frappe erpnext
|
CVE NVD | |
| CVE-2025-66843 |
grav before v1.7.49.5 has a Stored Cross-Site Scripting (Stored XSS) vulnerability in the page editi...
|
MEDIUM | 5.4 | 2025-12-15 |
getgrav grav
|
CVE NVD | |
| CVE-2025-66844 |
In grav <1.7.49.5, a SSRF (Server-Side Request Forgery) vector may be triggered via Twig templates w...
|
CRITICAL | 9.1 | 2025-12-15 |
getgrav grav
|
CVE NVD | |
| CVE-2025-66963 |
An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via ...
|
MEDIUM | 5.5 | 2025-12-15 |
hitrontech hi3120_firmware
|
CVE NVD | |
| CVE-2025-67809 |
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A hardcoded Flickr API key and ...
|
MEDIUM | 4.7 | 2025-12-15 |
zimbra collaboration
|
CVE NVD | |
| CVE-2025-67901 |
openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to c...
|
MEDIUM | 5.3 | 2025-12-14 |
kristapsdz openrsync
|
CVE NVD | |
| CVE-2025-14692 |
Mayan EDMS authentication redirect
|
MEDIUM | 5.3 | 2025-12-14 |
Mayan EDMS
Mayan EDMS
|
CVE NVD |