漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 352999

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2025-14111	Rarlab RAR App com.rarlab.rar path traversal	LOW	2.3	2025-12-05	Rarlab RAR App rarlab rar	CVE NVD
CVE-2025-34291	Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE	CRITICAL	9.4	2025-12-05	Langflow Langflow langflow langflow	CVE NVD
CVE-2025-14108	ZSPACE Q2C NAS HTTP POST Request open zfilev2_api.OpenSafe command injection	HIGH	8.7	2025-12-05	ZSPACE Q2C NAS zspace q2c_nas_firmware	CVE NVD
CVE-2025-14107	ZSPACE Q2C NAS HTTP POST Request status zfilev2_api.SafeStatus command injection	HIGH	8.7	2025-12-05	ZSPACE Q2C NAS zspace q2c_nas_firmware	CVE NVD
CVE-2025-14106	ZSPACE Q2C NAS HTTP POST Request close zfilev2_api.CloseSafe command injection	HIGH	8.7	2025-12-05	ZSPACE Q2C NAS zspace q2c_nas_firmware	CVE NVD
CVE-2025-13426	Improper Sandboxing in Google Apigee's JavaCallout Policy Allows for Remote Code Execution	HIGH	8.7	2025-12-05	Google Cloud Apigee hybrid Javacallout policy	CVE NVD
CVE-2025-14105	TOZED ZLT M30S/ZLT M30S PRO Web proc_post denial of service	MEDIUM	5.3	2025-12-05	TOZED ZLT M30S TOZED ZLT M30S +2个	CVE NVD
CVE-2025-8148	CVE-2025-8148 Improper Access Control in SFTP service of GoAnywhere MFT	MEDIUM	4.2	2025-12-05	Fortra GoAnywhere MFT fortra goanywhere_managed_file_transfer	CVE NVD
CVE-2025-46603	Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of...	HIGH	7.0	2025-12-05	Dell CloudBoost Virtual Appliance dell cloudboost_virtual_appliance	CVE NVD
CVE-2025-66624	BACnet Stack 缓冲区错误漏洞	HIGH	7.5	2025-12-05	bacnet-stack bacnet-stack	CVE NVD +1
CVE-2025-66623	Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands	HIGH	7.4	2025-12-05	strimzi strimzi-kafka-operator	CVE NVD
CVE-2025-66581	Frappe LMS is Missing Server-Side Authorization in Business Logic	LOW	1.3	2025-12-05	frappe lms frappe learning	CVE NVD
CVE-2025-66577	cpp-httplib Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust	MEDIUM	5.3	2025-12-05	yhirose cpp-httplib yhirose cpp-httplib	CVE NVD
CVE-2025-66570	cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE/LOCAL)	CRITICAL	10.0	2025-12-05	yhirose cpp-httplib yhirose cpp-httplib	CVE NVD
CVE-2025-66566	LZ4 Java 安全漏洞	HIGH	8.2	2025-12-05	yawkat lz4-java	CVE NVD +1
CVE-2025-66562	TUUI vulnerable to Remote Code Execution (RCE) via XSS in Markdown ECharts Rendering	HIGH	8.9	2025-12-05	AI-QL tuui	CVE NVD
CVE-2025-66558	Nextcloud Twofactor WebAuthn app was updated based on public key	LOW	3.1	2025-12-05	nextcloud security-advisories nextcloud security-advisories +1个	CVE NVD
CVE-2025-66556	Nextcloud talk allows participants to blindly delete poll drafts of other users by ID	LOW	3.5	2025-12-05	nextcloud security-advisories nextcloud security-advisories +1个	CVE NVD
CVE-2025-66554	Nextcloud Contacts vulnerable to Stored XSS in contacts app via organisation and title field	LOW	3.5	2025-12-05	nextcloud security-advisories nextcloud security-advisories +2个	CVE NVD
CVE-2025-66549	Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory	LOW	2.4	2025-12-05	nextcloud security-advisories nextcloud desktop	CVE NVD

耗时统计

总耗时:	234.31 ms
构建查询耗时:	0.0 ms
统计耗时:	226.18 ms
获取数据耗时:	7.48 ms
数据转换耗时:	0.65 ms

数据统计

匹配文档数:	352999
返回文档数:	20
当前页码:	455
每页数量:	20
跳过记录数:	9080

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（352999），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 352999

参考链接