漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 352749

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2025-14522	baowzh hfly upload_json.php unrestricted upload	MEDIUM	5.3	2025-12-11	baowzh hfly baowzh hfly	CVE NVD
CVE-2025-14521	baowzh hfly download path traversal	MEDIUM	5.3	2025-12-11	baowzh hfly baowzh hfly	CVE NVD
CVE-2025-14520	baowzh hfly delfile path traversal	MEDIUM	5.3	2025-12-11	baowzh hfly baowzh hfly	CVE NVD
CVE-2025-67742	In JetBrains TeamCity before 2025.11 path traversal was possible via file upload	LOW	3.8	2025-12-11	JetBrains TeamCity jetbrains teamcity	CVE NVD
CVE-2025-67741	In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute	MEDIUM	4.8	2025-12-11	JetBrains TeamCity jetbrains teamcity	CVE NVD
CVE-2025-67740	In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadat...	LOW	2.7	2025-12-11	JetBrains TeamCity jetbrains teamcity	CVE NVD
CVE-2025-67739	In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths ...	LOW	3.1	2025-12-11	JetBrains TeamCity jetbrains teamcity	CVE NVD
CVE-2025-14519	baowzh hfly advtext add cross site scripting	MEDIUM	5.1	2025-12-11	baowzh hfly baowzh hfly	CVE NVD
CVE-2025-14518	PowerJob Network Request PingPongUtils.java checkConnectivity server-side request forgery	MEDIUM	5.3	2025-12-11	powerjob powerjob	CVE NVD
CVE-2025-13124	IDOR in Netiket''s ApplyLogic	HIGH	7.6	2025-12-11	Netiket Information Technologies Ltd. Co. ApplyLogic	CVE NVD
CVE-2025-14265	Improper server-side validation in ScreenConnect extension framework	CRITICAL	9.1	2025-12-11	ConnectWise ScreenConnect connectwise screenconnect	CVE NVD
CVE-2024-40593	A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7...	MEDIUM	5.9	2025-12-11	Fortinet FortiPortal Fortinet FortiAnalyzer +12个	CVE NVD
CVE-2025-14517	Yalantis uCrop AndroidManifest.xml UCropActivity improper export of android application components	MEDIUM	4.8	2025-12-11	Yalantis uCrop	CVE NVD
CVE-2025-14516	Yalantis uCrop URL com.yalantis.ucrop.task.BitmapLoadTask.java downloadFile server-side request forgery	MEDIUM	5.3	2025-12-11	Yalantis uCrop	CVE NVD
CVE-2025-14523	Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)	HIGH	8.2	2025-12-11	Red Hat Red Hat Enterprise Linux 10 Red Hat Red Hat Enterprise Linux 6 +3个	CVE NVD
CVE-2025-13003	IDOR in Aksis Computer's AxOnboard	HIGH	7.6	2025-12-11	Aksis Computer Services and Consulting Inc. AxOnboard	CVE NVD
CVE-2025-14515	Campcodes Supplier Management System add_unit.php sql injection	MEDIUM	6.9	2025-12-11	Campcodes Supplier Management System campcodes supplier_management_system	CVE NVD
CVE-2025-14514	Campcodes Supplier Management System add_distributor.php sql injection	MEDIUM	6.9	2025-12-11	Campcodes Supplier Management System campcodes supplier_management_system	CVE NVD
CVE-2025-64995	Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction	MEDIUM	6.5	2025-12-11	TeamViewer DEX teamviewer digital_employee_experience	CVE NVD
CVE-2025-64994	Privilege Escalation via Uncontrolled Search Path in 1E-Nomad-SetWorkRate instruction	MEDIUM	6.5	2025-12-11	TeamViewer DEX teamviewer digital_employee_experience	CVE NVD

耗时统计

总耗时:	242.79 ms
构建查询耗时:	0.0 ms
统计耗时:	235.23 ms
获取数据耗时:	6.45 ms
数据转换耗时:	1.1 ms

数据统计

匹配文档数:	352749
返回文档数:	20
当前页码:	374
每页数量:	20
跳过记录数:	7460

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（352749），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 352749

参考链接