Vulnerability list 353043
| CVE ID | Title | Severity | CVSS | Published | Affected products | Data source |
|---|---|---|---|---|---|---|
| CVE-2025-65097 | Insecure Direct Object Reference (IDOR) Allows Unauthorized Deletion of User Collections | HIGH | 7.1 | 2025-12-03 | rommapp romm | CVE, NVD |
| CVE-2025-65096 | RomM Insecure Direct Object Reference (IDOR) Allows Unauthorized Access to Private Collections | MEDIUM | 5.3 | 2025-12-03 | rommapp romm | CVE, NVD |
| CVE-2025-12385 | Improper validation of `<img>` tag size in Text component parser | HIGH | 8.7 | 2025-12-03 | The Qt Company Qt | CVE, NVD |
| CVE-2025-61727 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 | MEDIUM | 6.5 | 2025-12-03 | Go standard library crypto/x509; golang go | CVE, NVD |
| CVE-2025-65027 | RomM Chained XSS and CSRF Vulnerabilities Enable Admin Account Takeover | HIGH | 7.6 | 2025-12-03 | rommapp romm | CVE, NVD |
| CVE-2025-66453 | Rhino vulnerable high CPU usage and potential DoS when passing specific numbers to toFixed() function | MEDIUM | 5.5 | 2025-12-03 | mozilla rhino; mozilla rhino (+1 more) | CVE, NVD |
| CVE-2025-66411 | Coder logged sensitive objects unsanitized | HIGH | 7.8 | 2025-12-03 | coder coder; coder coder (+1 more) | CVE, NVD |
| CVE-2025-66406 | Improper Authorization Check for SSH Certificate Revocation | MEDIUM | 5.0 | 2025-12-03 | smallstep certificates | CVE, NVD |
| CVE-2025-13992 | Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 a... | MEDIUM | 4.7 | 2025-12-03 | Google Chrome; google chrome | CVE, NVD |
| CVE-2025-12819 | Untrusted search path in auth_query connection in PgBouncer | HIGH | 7.5 | 2025-12-03 | pgbouncer pgbouncer | CVE, NVD |
| CVE-2025-12084 | Quadratic complexity in node ID cache clearing | MEDIUM | 6.3 | 2025-12-03 | Python Software Foundation CPython; python python (+1 more) | CVE, NVD |
| CVE-2024-3884 | Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded | HIGH | 7.5 | 2025-12-03 | Red Hat Red Hat JBoss Enterprise Application Platform 8; Red Hat Red Hat JBoss Enterprise Application Platform 8.0 (+22 more) | CVE, NVD |
| CVE-2025-66222 | DeepChat Cross-Site Scripting(XSS) escalate to Remote Code Execution(RCE) | CRITICAL | 9.7 | 2025-12-03 | ThinkInAIXYZ deepchat; thinkinai deepchat | CVE, NVD |
| CVE-2025-66220 | Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte | MEDIUM | 5.0 | 2025-12-03 | envoyproxy envoy; envoyproxy envoy (+3 more) | CVE, NVD |
| CVE-2025-66208 | Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy | HIGH | 7.2 | 2025-12-03 | CollaboraOnline online; collabora online | CVE, NVD |
| CVE-2025-33208 | NVIDIA TAO contains a vulnerability where an attacker may cause a resource to be loaded via an uncon... | HIGH | 8.8 | 2025-12-03 | NVIDIA TAO; nvidia tao_toolkit | CVE, NVD |
| CVE-2025-66032 | Claude Code Command Validation Bypass Allows Arbitrary Code Execution | HIGH | 8.7 | 2025-12-03 | anthropics claude-code; anthropic claude_code | CVE, NVD |
| CVE-2025-33211 | NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper vali... | HIGH | 7.5 | 2025-12-03 | NVIDIA Triton Inference Server; nvidia triton_inference_server | CVE, NVD |
| CVE-2025-33201 | NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause an improper chec... | HIGH | 7.5 | 2025-12-03 | NVIDIA Triton Inference Server; nvidia triton_inference_server | CVE, NVD |
| CVE-2025-64763 | Envoy forwards early CONNECT data in TCP proxy mode | LOW | 3.7 | 2025-12-03 | envoyproxy envoy; envoyproxy envoy (+3 more) | CVE, NVD |