快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353084
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-65084 |
Out-of-bounds Write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share
|
HIGH | 8.4 | 2025-11-25 |
Ashlar-Vellum Cobalt
Ashlar-Vellum Xenon
+8个
|
CVE NVD | |
| CVE-2025-13483 |
Missing Authentication for Critical Function in SiRcom SMART Alert (SiSA)
|
HIGH | 8.8 | 2025-11-25 |
SiRcom SMART Alert (SiSA
|
CVE NVD | |
| CVE-2025-13467 |
Org.keycloak.storage.ldap: keycloak: deserialization of untrusted data in ldap user federation
|
MEDIUM | 5.5 | 2025-11-25 |
Keycloak Keycloak
Red Hat Red Hat build of Keycloak 26.2
+3个
|
CVE NVD | |
| CVE-2025-40890 |
Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0
|
MEDIUM | 5.8 | 2025-11-25 |
Nozomi Networks Guardian
Nozomi Networks CMC
|
CVE NVD | |
| CVE-2025-0248 |
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability,
|
HIGH | 8.1 | 2025-11-25 |
HCL Software iNotes
|
CVE NVD | |
| CVE-2025-36134 |
IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure
|
LOW | 3.7 | 2025-11-25 |
IBM Sterling B2B Integrator
IBM Sterling File Gateway
+4个
|
CVE NVD | |
| CVE-2025-13502 |
Webkit: webkitgtk / wpe webkit: out-of-bounds read and integer underflow vulnerability leading to dos
|
HIGH | 7.5 | 2025-11-25 |
The WebKitGTK Team webkitgtk
Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support
+16个
|
CVE NVD | |
| CVE-2025-59372 |
A path traversal vulnerability has been identified in certain router models. A remote, authenticated...
|
MEDIUM | 6.9 | 2025-11-25 |
ASUS Router
ASUS Router
+1个
|
CVE NVD | |
| CVE-2025-59371 |
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remot...
|
HIGH | 7.5 | 2025-11-25 |
ASUS Router
ASUS Router
+1个
|
CVE NVD | |
| CVE-2025-59370 |
A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker cou...
|
HIGH | 7.5 | 2025-11-25 |
ASUS Router
ASUS Router
+1个
|
CVE NVD | |
| CVE-2025-59369 |
A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could l...
|
MEDIUM | 5.9 | 2025-11-25 |
ASUS Router
ASUS Router
+1个
|
CVE NVD | |
| CVE-2025-59368 |
An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may tri...
|
MEDIUM | 6.0 | 2025-11-25 |
ASUS Router
ASUS Router
+1个
|
CVE NVD | |
| CVE-2025-12003 |
A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote...
|
HIGH | 8.2 | 2025-11-25 |
ASUS Router
ASUS Router
+1个
|
CVE NVD | |
| CVE-2025-12587 |
Peer Publish <= 1.0 - Cross-Site Request Forgery
|
MEDIUM | 4.3 | 2025-11-25 |
webgarh Peer Publish
|
CVE NVD | |
| CVE-2025-13385 |
Bookme <= 4.2 - Authenticated (Admin+) SQL Injection via 'filter[status]' Parameter
|
MEDIUM | 4.9 | 2025-11-25 |
bylancer Bookme – Free Online Appointment Booking and Scheduling Plugin
|
CVE NVD | |
| CVE-2025-12634 |
Refund Request for WooCommerce <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Refund Status Update
|
MEDIUM | 4.3 | 2025-11-25 |
sunarc Refund Request for WooCommerce
|
CVE NVD | |
| CVE-2025-13370 |
ProjectList <= 0.3.0 - Authenticated (Editor+) SQL Injection via 'id' Parameter
|
MEDIUM | 4.9 | 2025-11-25 |
ov3rkll ProjectList
|
CVE NVD | |
| CVE-2025-13311 |
Just Highlight <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Highlight Color' Setting
|
MEDIUM | 4.4 | 2025-11-25 |
sigalitam Just Highlight
|
CVE NVD | |
| CVE-2025-12645 |
Inline frame – Iframe <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-25 |
karthiksg Inline frame – Iframe
|
CVE NVD | |
| CVE-2025-13405 |
Ace Post Type Builder <= 1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Custom Taxonomy Deletion via 'taxonomy' Parameter
|
MEDIUM | 5.3 | 2025-11-25 |
buywptemplates Ace Post Type Builder
|
CVE NVD |