快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352749
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-56127 |
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitra...
|
HIGH | 8.8 | 2025-12-11 |
ruijie rg-bcr600w_firmware
|
CVE NVD | |
| CVE-2025-56129 |
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrar...
|
HIGH | 8.8 | 2025-12-11 |
ruijie rg-bcr860_firmware
|
CVE NVD | |
| CVE-2025-56130 |
OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0(1)B11P230 allowing attackers t...
|
HIGH | 8.8 | 2025-12-11 |
ruijie rg-nbs5100-24gt4sfp_firmware
ruijie rg-s1930_firmware
|
CVE NVD | |
| CVE-2025-59802 |
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content ...
|
HIGH | 7.5 | 2025-12-11 |
foxit pdf_editor
foxit pdf_editor
+6个
|
CVE NVD | |
| CVE-2025-59803 |
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can e...
|
MEDIUM | 5.3 | 2025-12-11 |
foxit pdf_editor
foxit pdf_editor
+6个
|
CVE NVD | |
| CVE-2025-65471 |
An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 ...
|
HIGH | 8.8 | 2025-12-11 |
easyimages2.0_project easyimages2.0
|
CVE NVD | |
| CVE-2025-65472 |
A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 a...
|
HIGH | 8.8 | 2025-12-11 |
easyimages2.0_project easyimages2.0
|
CVE NVD | |
| CVE-2025-65473 |
An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 an...
|
CRITICAL | 9.1 | 2025-12-11 |
easyimages2.0_project easyimages2.0
|
CVE NVD | |
| CVE-2025-65474 |
An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 ...
|
HIGH | 8.8 | 2025-12-11 |
easyimages2.0_project easyimages2.0
|
CVE NVD | |
| CVE-2025-66429 |
An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Te...
|
HIGH | 8.8 | 2025-12-11 |
cpanel cpanel
|
CVE NVD | |
| CVE-2025-66918 |
edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting (XSS) in admin/add-sessi...
|
HIGH | 8.8 | 2025-12-11 |
hashenudara edoc-doctor-appointment-system
|
CVE NVD | |
| CVE-2025-67648 |
Shopware's inproper input validation can lead to Reflected XSS through Storefront Login Page
|
HIGH | 7.1 | 2025-12-10 |
shopware shopware
shopware shopware
|
CVE NVD | |
| CVE-2025-67646 |
TableProgressTracking's missing CSRF protection allows unauthorized state changes
|
LOW | 3.5 | 2025-12-10 |
Telepedia TableProgressTracking
|
CVE NVD | |
| CVE-2025-67644 |
LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method
|
HIGH | 7.3 | 2025-12-10 |
langchain-ai langgraph
|
CVE NVD | |
| CVE-2025-67511 |
Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool
|
CRITICAL | 9.7 | 2025-12-10 |
aliasrobotics cai
|
CVE NVD | |
| CVE-2025-67509 |
MySQLSelectTool Read-Only Bypass via SELECT INTO OUTFILE Allows Arbitrary File Write
|
HIGH | 8.2 | 2025-12-10 |
neuron-core neuron-ai
|
CVE NVD | |
| CVE-2025-67510 |
MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”)
|
CRITICAL | 9.4 | 2025-12-10 |
neuron-core neuron-ai
|
CVE NVD | |
| CVE-2025-67513 |
FreePBX Endpoint Manager 安全漏洞
|
MEDIUM | 6.9 | 2025-12-10 |
FreePBX security-reporting
FreePBX security-reporting
|
CVE NVD +1 | |
| CVE-2025-67505 |
Race condition in the Okta Java SDK
|
HIGH | 8.4 | 2025-12-10 |
okta okta-sdk-java
|
CVE NVD | |
| CVE-2025-67490 |
Auth0 Next.js SDK has Improper Request Caching Lookup
|
MEDIUM | 5.4 | 2025-12-10 |
auth0 nextjs-auth0
auth0 nextjs-auth0
|
CVE NVD |