快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353084
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-65404 |
A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attac...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65405 |
A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65406 |
A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Med...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65407 |
A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v20...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65408 |
A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65621 |
Snipe-IT before 8.3.4 allows stored XSS, allowing a low-privileged authenticated user to inject Java...
|
MEDIUM | 5.4 | 2025-12-01 |
snipeitapp snipe-it
|
CVE NVD | |
| CVE-2025-65622 |
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged...
|
MEDIUM | 5.4 | 2025-12-01 |
snipeitapp snipe-it
|
CVE NVD | |
| CVE-2025-65836 |
PublicCMS V5.202506.b is vulnerable to SSRF. in the chat interface of SimpleAiAdminController.
|
CRITICAL | 9.1 | 2025-12-01 |
publiccms publiccms
|
CVE NVD | |
| CVE-2025-65838 |
PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method.
|
HIGH | 7.5 | 2025-12-01 |
publiccms publiccms
|
CVE NVD | |
| CVE-2025-65840 |
PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the CkEditorAdminControl...
|
HIGH | 8.8 | 2025-12-01 |
publiccms publiccms
|
CVE NVD | |
| CVE-2025-13796 |
deco-cx apps Parameter analyticsScript.ts AnalyticsScript server-side request forgery
|
MEDIUM | 5.3 | 2025-11-30 |
deco-cx apps
deco-cx apps
|
CVE NVD | |
| CVE-2025-13795 |
codingWithElias School Management System Edit Student Info student-view.php cross site scripting
|
MEDIUM | 4.8 | 2025-11-30 |
codingWithElias School Management System
|
CVE NVD | |
| CVE-2025-35028 |
HexStrike AI MCP Server Command Injection
|
CRITICAL | 9.1 | 2025-11-30 |
0x4m4 HexStrike AI
|
CVE NVD | |
| CVE-2025-13793 |
winston-dsouza Ecommerce-Website GET Parameter header_menu.php cross site scripting
|
MEDIUM | 5.3 | 2025-11-30 |
winston-dsouza Ecommerce-Website
|
CVE NVD | |
| CVE-2025-13792 |
Qualitor getResumo.php eval code injection
|
MEDIUM | 6.9 | 2025-11-30 |
未知
|
CVE NVD | |
| CVE-2025-13791 |
Scada-LTS Project Import ZIPProjectManager.java Common.getHomeDir path traversal
|
MEDIUM | 5.3 | 2025-11-30 |
scada-lts scada-lts
|
CVE NVD | |
| CVE-2025-13790 |
Scada-LTS cross-site request forgery
|
MEDIUM | 5.3 | 2025-11-30 |
scada-lts scada-lts
|
CVE NVD | |
| CVE-2025-13789 |
ZenTao model.php makeRequest server-side request forgery
|
MEDIUM | 5.3 | 2025-11-30 |
zentao zentao
|
CVE NVD | |
| CVE-2025-13788 |
Chanjet CRM upgradeattribute.php sql injection
|
MEDIUM | 6.9 | 2025-11-30 |
Chanjet CRM
chanjet chanjet_crm
|
CVE NVD | |
| CVE-2025-13787 |
ZenTao File control.php delete privileges management
|
MEDIUM | 5.3 | 2025-11-30 |
zentao zentao
|
CVE NVD |