快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353262
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-64505 |
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index
|
MEDIUM | 6.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD | |
| CVE-2025-10144 |
Perfect Brands for WooCommerce <= 3.6.2 - Authenticated (Contributor+) SQL Injection
|
MEDIUM | 6.5 | 2025-11-24 |
quadlayers Perfect Brands for WooCommerce
|
CVE NVD | |
| CVE-2025-29933 |
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potent...
|
MEDIUM | 5.5 | 2025-11-24 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-48511 |
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physi...
|
MEDIUM | 5.5 | 2025-11-24 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-48510 |
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially result...
|
HIGH | 7.1 | 2025-11-24 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-52538 |
Improper input validation within the XOCL driver may allow a local attacker to generate an integer o...
|
HIGH | 8.0 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2025-0003 |
Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-...
|
HIGH | 7.3 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2025-0007 |
Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate pr...
|
MEDIUM | 5.7 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2023-7330 |
Ruijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.php
|
CRITICAL | 9.3 | 2025-11-24 |
Beijing Star-Net Ruijie Network Technology Co., Ltd. NBR Series Routers
|
CVE NVD | |
| CVE-2024-14007 |
TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure
|
HIGH | 8.7 | 2025-11-24 |
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000
|
CVE NVD | |
| CVE-2018-25126 |
TVT NVMS-9000 Hard-coded API Credentials & Command Injection
|
CRITICAL | 9.3 | 2025-11-24 |
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000
|
CVE NVD | |
| CVE-2025-36150 |
IBM Concert Information Disclosure
|
MEDIUM | 5.9 | 2025-11-24 |
IBM Concert
ibm concert
|
CVE NVD | |
| CVE-2025-0005 |
Improper input validation within the XOCL driver may allow a local attacker to generate an integer o...
|
HIGH | 7.3 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2025-52539 |
A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt dat...
|
HIGH | 7.3 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2025-13466 |
body-parser vulnerable to denial of service when url encoding is used
|
MEDIUM | 5.5 | 2025-11-24 |
body-parser body-parser
|
CVE NVD | |
| CVE-2025-36112 |
IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure
|
MEDIUM | 5.3 | 2025-11-24 |
IBM Sterling B2B Integrator
IBM Sterling File Gateway
+4个
|
CVE NVD | |
| CVE-2025-13609 |
Keylime: keylime: registrar allows identity takeover via duplicate uuid registration
|
HIGH | 8.2 | 2025-11-24 |
Keylime Project keylime
Red Hat Red Hat Enterprise Linux 10
+4个
|
CVE NVD | |
| CVE-2025-40213 |
Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete
|
MEDIUM | -1.0 | 2025-11-24 |
Linux Linux
Linux Linux
|
CVE NVD | |
| CVE-2025-10555 |
Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x
|
HIGH | 8.7 | 2025-11-24 |
Dassault Systèmes DELMIA Service Process Engineer
|
CVE NVD | |
| CVE-2025-10554 |
Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x
|
HIGH | 8.7 | 2025-11-24 |
Dassault Systèmes ENOVIA Product Manager
3ds 3dexperience_enovia
|
CVE NVD |