快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353043
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-64527 |
Envoy crashes when JWT authentication is configured with the remote JWKS fetching
|
MEDIUM | 6.5 | 2025-12-03 |
envoyproxy envoy
envoyproxy envoy
+3个
|
CVE NVD | |
| CVE-2025-64443 |
DNS Rebinding vulnerability present when running MCP Gateway in sse or streaming mode
|
HIGH | 7.3 | 2025-12-03 |
docker mcp-gateway
|
CVE NVD | |
| CVE-2025-54065 |
GZDoom engine allows arbitrary code execution via ZScript actor states
|
HIGH | 7.8 | 2025-12-03 |
ZDoom gzdoom
|
CVE NVD | |
| CVE-2025-20388 |
Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise
|
LOW | 2.7 | 2025-12-03 |
Splunk Splunk Enterprise
Splunk Splunk Cloud Platform
+3个
|
CVE NVD | |
| CVE-2025-20389 |
Improper Input Validation in "label" column field in Splunk Secure Gateway App
|
MEDIUM | 4.3 | 2025-12-03 |
Splunk Splunk Enterprise
Splunk Splunk Cloud Platform
+4个
|
CVE NVD | |
| CVE-2025-20387 |
Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade
|
HIGH | 8.0 | 2025-12-03 |
Splunk Splunk Enterprise
splunk splunk
|
CVE NVD | |
| CVE-2025-20383 |
Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app
|
MEDIUM | 4.3 | 2025-12-03 |
Splunk Splunk Enterprise
Splunk Splunk Cloud Platform
+4个
|
CVE NVD | |
| CVE-2025-20384 |
Unauthenticated Log Injection in Splunk Enterprise
|
MEDIUM | 5.3 | 2025-12-03 |
Splunk Splunk Enterprise
Splunk Splunk Cloud Platform
+3个
|
CVE NVD | |
| CVE-2025-20386 |
Incorrect permission assignment on Splunk Enterprise for Windows during new installation or upgrade
|
HIGH | 8.0 | 2025-12-03 |
Splunk Splunk Enterprise
splunk splunk
|
CVE NVD | |
| CVE-2025-20385 |
Stored Cross-Site scripting (XSS) through Anchor Tag "href" in Navigation Bar Collections in Splunk Enterprise
|
LOW | 2.4 | 2025-12-03 |
Splunk Splunk Enterprise
Splunk Splunk Cloud Platform
+2个
|
CVE NVD | |
| CVE-2025-20381 |
SPL commands allowlist controls bypass in Splunk MCP Server app through "run_splunk_query" MCP tool
|
MEDIUM | 5.4 | 2025-12-03 |
Splunk Splunk MCP Server
|
CVE NVD | |
| CVE-2025-20382 |
URL validation bypass through Views Dashboard in Splunk Enterprise
|
LOW | 3.5 | 2025-12-03 |
Splunk Splunk Enterprise
Splunk Splunk Cloud Platform
+2个
|
CVE NVD | |
| CVE-2025-34319 |
TOTOLINK N300RT <= V2.1.8-B20201030.1539 Boa formWsc RCE
|
CRITICAL | 9.3 | 2025-12-03 |
TOTOLINK N300RT
|
CVE NVD | |
| CVE-2024-32643 |
Masa CMS vulnerable to authentication bypass with /tag/
|
HIGH | 7.5 | 2025-12-03 |
MasaCMS MasaCMS
MasaCMS MasaCMS
+2个
|
CVE NVD | |
| CVE-2024-32642 |
Host header poisoning allows account takeover via password reset email
|
HIGH | 8.8 | 2025-12-03 |
MasaCMS MasaCMS
MasaCMS MasaCMS
+2个
|
CVE NVD | |
| CVE-2025-13492 |
HP Image Assistant - Potential Escalation of Privilege
|
MEDIUM | 5.4 | 2025-12-03 |
HP Inc HP Image Assistant
hp image_assistant
|
CVE NVD | |
| CVE-2024-32641 |
Masa CMS Vulnerable to Pre-Auth RCE via JSON API
|
CRITICAL | 9.8 | 2025-12-03 |
MasaCMS MasaCMS
MasaCMS MasaCMS
+2个
|
CVE NVD | |
| CVE-2025-13751 |
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on ...
|
LOW | 1.3 | 2025-12-03 |
OpenVPN OpenVPN
openvpn openvpn
+1个
|
CVE NVD | |
| CVE-2025-7044 |
Privilege Escalation in MAAS via Websocket Request Manipulation
|
HIGH | 7.7 | 2025-12-03 |
Ubuntu MAAS
canonical maas
|
CVE NVD | |
| CVE-2025-55182 |
A pre-authentication remote code execution vulnerability exists in React Server Components versions ...
|
CRITICAL | 10.0 | 2025-12-03 |
Meta react-server-dom-webpack
Meta react-server-dom-turbopack
+9个
|
CVE NVD |