快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353084
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13538 |
FindAll Listing <= 1.0.5 - Unauthenticated Privilege Escalation
|
CRITICAL | 9.8 | 2025-11-27 |
Elated Themes FindAll Listing
|
CVE NVD | |
| CVE-2025-3784 |
Information Disclosure Vulnerability in GX Works2
|
MEDIUM | 5.5 | 2025-11-27 |
Mitsubishi Electric Corporation GX Works2
|
CVE NVD | |
| CVE-2025-13762 |
Client-Side Denial of Service Condition in SWS Extension prior to version 2.2.30305
|
MEDIUM | 4.8 | 2025-11-27 |
CyberArk CyberArk Secure Web Sessions Extension
|
CVE NVD | |
| CVE-2025-34351 |
NOT_EXTRACTED
|
LOW | -1.0 | 2025-11-27 |
未知
|
CVE NVD | |
| CVE-2025-12713 |
Soundslides <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode
|
MEDIUM | 6.4 | 2025-11-27 |
wpoets Soundslides
|
CVE NVD | |
| CVE-2025-12670 |
wp-twitpic <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-27 |
realin wp-twitpic
|
CVE NVD | |
| CVE-2025-12649 |
SortTable Post <= 4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-27 |
sscovil SortTable Post
|
CVE NVD | |
| CVE-2025-12579 |
Reuters Direct <= 3.0.0 - Missing Authorization to Unauthenticated Settings Reset
|
MEDIUM | 5.3 | 2025-11-27 |
rnags Reuters Direct
|
CVE NVD | |
| CVE-2025-12712 |
Shouty <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via shouty Shortcode Attributes
|
MEDIUM | 6.4 | 2025-11-27 |
gungorbudak Shouty
|
CVE NVD | |
| CVE-2025-12666 |
Google Drive upload and download link <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-27 |
oscaruh Google Drive upload and download link
|
CVE NVD | |
| CVE-2025-12578 |
Reuters Direct <= 3.0.0 - Cross-Site Request Forgery to Settings Reset
|
MEDIUM | 4.3 | 2025-11-27 |
rnags Reuters Direct
|
CVE NVD | |
| CVE-2025-66314 |
Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Func...
|
HIGH | 7.5 | 2025-11-27 |
ZTE ElasticNet UME R32
|
CVE NVD | |
| CVE-2024-5540 |
ALC WebCTRL Carrier i-Vu Reflected Cross-Site Scripting
|
MEDIUM | 6.9 | 2025-11-27 |
Automated Logic WebCTRL
Carrier i-Vu
|
CVE NVD | |
| CVE-2024-5539 |
ALC WebCTRL Carrier i-Vu Access Control Bypass
|
CRITICAL | 9.2 | 2025-11-27 |
Automated Logic WebCTRL
Carrier i-Vu
|
CVE NVD | |
| CVE-2025-0657 |
ALC WebCTRL Carrier i-Vu and Gen5 Controllers Array Index out-of-range
|
HIGH | 8.8 | 2025-11-27 |
Automated Logic WebCtrl
Automated Logic Gen5 Controllers
+1个
|
CVE NVD | |
| CVE-2025-0658 |
Automated Logic and Carrier Zone Controllers malformed packets denial of service
|
HIGH | 8.7 | 2025-11-27 |
Automated Logic Zone Controllers
Carrier Zone Controllers
|
CVE NVD | |
| CVE-2025-66359 |
An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output...
|
HIGH | 8.5 | 2025-11-27 |
Logpoint SIEM
logpoint siem
|
CVE NVD | |
| CVE-2025-66360 |
An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exp...
|
MEDIUM | 6.9 | 2025-11-27 |
Logpoint SIEM
logpoint siem
|
CVE NVD | |
| CVE-2025-66361 |
An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Process...
|
MEDIUM | 6.9 | 2025-11-27 |
Logpoint SIEM
logpoint siem
|
CVE NVD | |
| CVE-2025-66040 |
Spotipy has a XSS vulnerability in OAuth callback server
|
LOW | 3.6 | 2025-11-26 |
spotipy-dev spotipy
|
CVE NVD |