快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353262
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-51746 |
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /serialNumber/addSerialNumber endpoint is v...
|
CRITICAL | 9.8 | 2025-11-25 |
jishenghua jsherp
|
CVE NVD | |
| CVE-2025-60739 |
Cross Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18.0.e...
|
CRITICAL | 9.6 | 2025-11-25 |
ilevia eve_x1_server_firmware
|
CVE NVD | |
| CVE-2025-61167 |
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opac_css...
|
MEDIUM | 6.5 | 2025-11-25 |
sigb pmb
|
CVE NVD | |
| CVE-2025-61168 |
An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary c...
|
CRITICAL | 9.8 | 2025-11-25 |
sigb pmb
|
CVE NVD | |
| CVE-2025-63729 |
An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers to...
|
CRITICAL | 9.0 | 2025-11-25 |
syrotech sy-gpon-1110-wdont_firmware
|
CVE NVD | |
| CVE-2025-63735 |
A reflected Cross site scripting (XSS) vulnerability in Ruckus Unleashed 200.13.6.1.319 via the name...
|
MEDIUM | 6.1 | 2025-11-25 |
ruckuswireless ruckus_unleashed
|
CVE NVD | |
| CVE-2025-64049 |
A stored cross-site scripting (XSS) vulnerability in the module management component in REDAXO CMS 5...
|
MEDIUM | 4.8 | 2025-11-25 |
redaxo redaxo
|
CVE NVD | |
| CVE-2025-64050 |
A Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20....
|
HIGH | 7.2 | 2025-11-25 |
redaxo redaxo
|
CVE NVD | |
| CVE-2025-64061 |
Primakon Pi Portal 1.0.18 /api/v2/users endpoint is vulnerable to unauthorized data exposure due to ...
|
MEDIUM | 4.3 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64062 |
The Primakon Pi Portal 1.0.18 /api/V2/pp_users?email endpoint is used for user data filtering but la...
|
HIGH | 8.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64063 |
Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when process...
|
CRITICAL | 9.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64064 |
Primakon Pi Portal 1.0.18 /api/v2/pp_users endpoint fails to adequately check user permissions befor...
|
HIGH | 8.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64065 |
The Primakon Pi Portal 1.0.18 API /api/V2/pp_udfv_admin endpoint, fails to perform necessary server-...
|
HIGH | 8.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64066 |
Primakon Pi Portal 1.0.18 REST /api/v2/user/register endpoint suffers from a Broken Access Control v...
|
HIGH | 8.6 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64067 |
Primakon Pi Portal 1.0.18 API endpoints responsible for retrieving object-specific or filtered data ...
|
MEDIUM | 5.3 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-65647 |
Insecure Direct Object Reference (IDOR) in the Track order function in PHPGURUKUL Online Shopping Po...
|
MEDIUM | 4.3 | 2025-11-25 |
phpgurukul online_shopping_portal
|
CVE NVD | |
| CVE-2025-62155 |
QuantumNous New API Has SSRF Bypass
|
HIGH | 8.5 | 2025-11-24 |
QuantumNous new-api
|
CVE NVD | |
| CVE-2025-65018 |
libpng 缓冲区错误漏洞
|
HIGH | 7.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD +1 | |
| CVE-2025-64720 |
LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication
|
HIGH | 7.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD | |
| CVE-2025-64506 |
LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images
|
MEDIUM | 6.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD |