快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353084
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13809 |
orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery
|
MEDIUM | 5.3 | 2025-12-01 |
orionsec orion-ops
orionsec orion-ops
|
CVE NVD | |
| CVE-2025-13808 |
orionsec orion-ops User Profile UserController.java update improper authorization
|
MEDIUM | 6.9 | 2025-12-01 |
orionsec orion-ops
orionsec orion-ops
|
CVE NVD | |
| CVE-2025-13807 |
orionsec orion-ops API MachineKeyController.java MachineKeyController improper authorization
|
MEDIUM | 5.3 | 2025-12-01 |
orionsec orion-ops
orionsec orion-ops
|
CVE NVD | |
| CVE-2025-13806 |
nutzam NutzBoot Transaction API EthModule.java improper authorization
|
MEDIUM | 6.9 | 2025-12-01 |
nutzam NutzBoot
nutzam nutzboot
|
CVE NVD | |
| CVE-2025-13805 |
nutzam NutzBoot LiteRpc-Serializer HttpServletRpcEndpoint.java getInputStream deserialization
|
MEDIUM | 6.3 | 2025-12-01 |
nutzam NutzBoot
|
CVE NVD | |
| CVE-2025-13804 |
nutzam NutzBoot Ethereum Wallet EthModule.java information disclosure
|
MEDIUM | 5.3 | 2025-12-01 |
nutzam NutzBoot
|
CVE NVD | |
| CVE-2025-13803 |
MediaCrush Header paths.py http headers for scripting syntax
|
MEDIUM | 6.9 | 2025-12-01 |
未知
|
CVE NVD | |
| CVE-2025-13802 |
jairiidriss RestaurantWebsite Make a Reservation cross site scripting
|
MEDIUM | 5.3 | 2025-12-01 |
jairiidriss RestaurantWebsite
|
CVE NVD | |
| CVE-2025-13800 |
ADSLR NBR1005GPEV2 send_order.cgi set_mesh_disconnect command injection
|
MEDIUM | 5.3 | 2025-12-01 |
ADSLR NBR1005GPEV2
adslr b-qe2w401_firmware
|
CVE NVD | |
| CVE-2025-13799 |
ADSLR NBR1005GPEV2 send_order.cgi ap_macfilter_del command injection
|
MEDIUM | 5.3 | 2025-12-01 |
ADSLR NBR1005GPEV2
adslr b-qe2w401_firmware
|
CVE NVD | |
| CVE-2025-13798 |
ADSLR NBR1005GPEV2 send_order.cgi ap_macfilter_add command injection
|
MEDIUM | 5.3 | 2025-12-01 |
ADSLR NBR1005GPEV2
adslr b-qe2w401_firmware
|
CVE NVD | |
| CVE-2025-64772 |
The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which m...
|
HIGH | 8.4 | 2025-12-01 |
Sony Corporation INZONE Hub
|
CVE NVD | |
| CVE-2025-13797 |
ADSLR B-QE2W401 send_order.cgi parameterdel_swifimac command injection
|
MEDIUM | 5.3 | 2025-12-01 |
ADSLR B-QE2W401
adslr b-qe2w401_firmware
|
CVE NVD | |
| CVE-2024-32384 |
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTT...
|
MEDIUM | 6.8 | 2025-12-01 |
kerlink keros
|
CVE NVD | |
| CVE-2024-32388 |
Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept s...
|
MEDIUM | 5.3 | 2025-12-01 |
kerlink keros
|
CVE NVD | |
| CVE-2024-39148 |
The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing...
|
HIGH | 8.1 | 2025-12-01 |
kerlink keros
|
CVE NVD | |
| CVE-2024-56089 |
An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and...
|
HIGH | 7.5 | 2025-12-01 |
technitium dnsserver
|
CVE NVD | |
| CVE-2025-51682 |
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the cli...
|
CRITICAL | 9.8 | 2025-12-01 |
mjobtime mjobtime
|
CVE NVD | |
| CVE-2025-51683 |
A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to e...
|
CRITICAL | 9.8 | 2025-12-01 |
mjobtime mjobtime
|
CVE NVD | |
| CVE-2025-57489 |
Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers...
|
HIGH | 8.1 | 2025-12-01 |
shirt-pocket superduper\!
|
CVE NVD |