快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353043
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-66572 |
Loaded Commerce 6.6 Client-Side Template Injection(CSTI)
|
MEDIUM | 6.9 | 2025-12-04 |
loadedcommerce Loaded Commerce
|
CVE NVD | |
| CVE-2025-66571 |
UNA CMS 9.0.0-RC1 - 14.0.0-RC4 PHP Object Injection
|
CRITICAL | 9.3 | 2025-12-04 |
Unknown UNA CMS
|
CVE NVD | |
| CVE-2025-66555 |
AirKeyboard iOS App 1.0.5 - Remote Input Injection
|
HIGH | 8.8 | 2025-12-04 |
airkeyboardapp AirKeyboard iOS App
|
CVE NVD | |
| CVE-2024-58278 |
IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution
|
HIGH | 8.5 | 2025-12-04 |
IndigoSTAR Software perl2exe
|
CVE NVD | |
| CVE-2024-58277 |
R Radio Network FM Transmitter 1.07 System Settings Disclosure
|
HIGH | 8.7 | 2025-12-04 |
R Radio Network Radio Network FM Transmitter
|
CVE NVD | |
| CVE-2024-58276 |
Obi08-Enrollment System 1.0 login.php SQL Injection
|
HIGH | 8.7 | 2025-12-04 |
Obi08/Enrollment System Obi08/Enrollment System
|
CVE NVD | |
| CVE-2024-58275 |
Easywall 0.3.1 - Authentication Bypass via Command Injection in /ports-save Endpoint
|
HIGH | 8.7 | 2025-12-04 |
jpylypiw Easywall
|
CVE NVD | |
| CVE-2023-53735 |
WEBIGniter 28.7.23 Cross-Site Scripting (XSS) in User Creation Process
|
MEDIUM | 5.3 | 2025-12-04 |
WEBIGniter WEBIGniter
|
CVE NVD | |
| CVE-2023-53734 |
dawa-pharma-1.0 - SQL Injection via Email Parameter
|
HIGH | 8.7 | 2025-12-04 |
mayurik dawa-pharma
|
CVE NVD | |
| CVE-2025-27935 |
Authentication Bypass in OTP (One-time Passcode) IdP Adapter Integration Kit
|
HIGH | 8.6 | 2025-12-04 |
Ping Identity One-Time Passcode Integration Kit for PingFederate
|
CVE NVD | |
| CVE-2025-13543 |
PostGallery <= 1.12.5 - Authenticated (Subscriber+) Arbitrary File Upload
|
HIGH | 8.8 | 2025-12-04 |
rtowebsites PostGallery
|
CVE NVD | |
| CVE-2025-12997 |
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authent...
|
LOW | 2.2 | 2025-12-04 |
Medtronic CareLink Network
medtronic carelink_network
|
CVE NVD | |
| CVE-2025-12996 |
Medtronic CareLink Network allows a local attacker with access to log files on an internal API serve...
|
MEDIUM | 4.1 | 2025-12-04 |
Medtronic CareLink Network
medtronic carelink_network
|
CVE NVD | |
| CVE-2025-12995 |
Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack...
|
HIGH | 8.1 | 2025-12-04 |
Medtronic CareLink Network
medtronic carelink_network
|
CVE NVD | |
| CVE-2025-12994 |
Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for secur...
|
MEDIUM | 5.3 | 2025-12-04 |
Medtronic CareLink Network
medtronic carelink_network
|
CVE NVD | |
| CVE-2025-65958 |
Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web
|
HIGH | 8.5 | 2025-12-04 |
open-webui open-webui
openwebui open_webui
|
CVE NVD | |
| CVE-2025-12097 |
There is a relative path traversal vulnerability in the NI System Web Server that may result in info...
|
HIGH | 8.7 | 2025-12-04 |
NI LabVIEW
|
CVE NVD | |
| CVE-2025-65945 |
auth0/node-jws improper HMAC signature verification vulnerability
|
HIGH | 7.5 | 2025-12-04 |
auth0 node-jws
auth0 node-jws
|
CVE NVD | |
| CVE-2025-14016 |
macrozheng mall-swarm delete improper authorization
|
MEDIUM | 5.3 | 2025-12-04 |
macrozheng mall-swarm
macrozheng mall-swarm
+3个
|
CVE NVD | |
| CVE-2025-14015 |
H3C Magic B0 aspForm EditWlanMacList buffer overflow
|
HIGH | 8.7 | 2025-12-04 |
H3C Magic B0
h3c magic_b0_firmware
|
CVE NVD |