快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353262
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13551 |
D-Link DIR-822K/DWR-M920 formWanConfigSetup buffer overflow
|
HIGH | 8.7 | 2025-11-23 |
D-Link DIR-822K
D-Link DIR-822K
+4个
|
CVE NVD | |
| CVE-2025-13550 |
D-Link DIR-822K/DWR-M920 formVpnConfigSetup buffer overflow
|
HIGH | 8.7 | 2025-11-23 |
D-Link DIR-822K
D-Link DIR-822K
+4个
|
CVE NVD | |
| CVE-2025-13549 |
D-Link DIR-822K formNtp sub_455524 buffer overflow
|
HIGH | 8.7 | 2025-11-23 |
D-Link DIR-822K
dlink dir-822k_firmware
|
CVE NVD | |
| CVE-2025-13548 |
D-Link DIR-822K/DWR-M920 formFirewallAdv buffer overflow
|
HIGH | 8.7 | 2025-11-23 |
D-Link DIR-822K
D-Link DIR-822K
+4个
|
CVE NVD | |
| CVE-2025-13547 |
D-Link DIR-822K/DWR-M920 formDdns memory corruption
|
HIGH | 8.7 | 2025-11-23 |
D-Link DIR-822K
D-Link DIR-822K
+4个
|
CVE NVD | |
| CVE-2025-13546 |
ashraf-kabir travel-agency Search results.php sql injection
|
MEDIUM | 5.3 | 2025-11-23 |
ashraf-kabir travel-agency
ashraf-kabir travel-agency
|
CVE NVD | |
| CVE-2025-13545 |
ashraf-kabir travel-agency index.php sql injection
|
MEDIUM | 5.1 | 2025-11-23 |
ashraf-kabir travel-agency
ashraf-kabir travel-agency
|
CVE NVD | |
| CVE-2025-13544 |
ashraf-kabir travel-agency customer_register.php unrestricted upload
|
MEDIUM | 5.3 | 2025-11-23 |
ashraf-kabir travel-agency
ashraf-kabir travel-agency
|
CVE NVD | |
| CVE-2025-13526 |
OneClick Chat to Order <= 1.0.8 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure
|
HIGH | 7.5 | 2025-11-22 |
walterpinem OneClick Chat to Order
|
CVE NVD | |
| CVE-2025-13318 |
Booking Calendar Contact Form <= 1.2.60 - Missing Authorization to Unauthenticated Arbitrary Booking Confirmation via 'dex_bccf_ipn' Parameter
|
MEDIUM | 5.3 | 2025-11-22 |
codepeople Booking Calendar Contact Form
|
CVE NVD | |
| CVE-2025-13136 |
GSheetConnector For Ninja Forms <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) System Information Exposure
|
MEDIUM | 4.3 | 2025-11-22 |
westerndeal GSheetConnector For Ninja Forms
|
CVE NVD | |
| CVE-2025-12877 |
IDonate – Blood Donation, Request And Donor Management System <= 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
|
MEDIUM | 5.3 | 2025-11-22 |
themeatelier IDonate – Blood Donation, Request And Donor Management System
themeatelier idonate
|
CVE NVD | |
| CVE-2025-12752 |
Subscriptions & Memberships for PayPal <= 1.1.7 - Unauthenticated Fake Payment Creation
|
MEDIUM | 5.3 | 2025-11-22 |
scottpaterson Subscriptions & Memberships for PayPal
|
CVE NVD | |
| CVE-2025-13384 |
CP Contact Form with PayPal <= 1.3.56 - Missing Authorization to Unauthenticated Arbitrary Payment Confirmation
|
HIGH | 7.5 | 2025-11-22 |
codepeople CP Contact Form with PayPal
|
CVE NVD | |
| CVE-2025-13317 |
Appointment Booking Calendar <= 1.3.96 - Missing Authorization to Arbitrary Booking Confirmation via 'cpabc_ipncheck' Parameter
|
MEDIUM | 5.3 | 2025-11-22 |
codepeople Appointment Booking Calendar
|
CVE NVD | |
| CVE-2025-11186 |
Cookie Notice & Compliance for GDPR / CCPA <= 2.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-22 |
humanityco Cookie Notice & Compliance for GDPR / CCPA
|
CVE NVD | |
| CVE-2025-12889 |
TLS 1.2 Client Can Downgrade Digest Used
|
LOW | 2.3 | 2025-11-21 |
wolfSSL wolfSSL
wolfssl wolfssl
|
CVE NVD | |
| CVE-2025-11932 |
Timing Side-Channel in PSK Binder Verification
|
LOW | 2.3 | 2025-11-21 |
wolfSSL wolfSSL
wolfssl wolfssl
|
CVE NVD | |
| CVE-2025-11931 |
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt
|
LOW | 2.1 | 2025-11-21 |
wolfSSL wolfSSL
wolfssl wolfssl
|
CVE NVD | |
| CVE-2025-12888 |
Constant Time Issue with Xtensa-based ESP32 and X22519
|
LOW | 1.0 | 2025-11-21 |
wolfSSL wolfSSL
wolfssl wolfssl
|
CVE NVD |