快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353262
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-11676 |
UPnP DOS in TL-WR940N V6
|
HIGH | 7.1 | 2025-11-20 |
TP-Link System Inc. TL-WR940N V6
|
CVE NVD | |
| CVE-2025-62346 |
HCL Glovius Cloud is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability
|
MEDIUM | 6.8 | 2025-11-20 |
HCL Software Glovius Cloud
|
CVE NVD | |
| CVE-2025-64984 |
Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux (any version with anti...
|
MEDIUM | 5.1 | 2025-11-20 |
Kaspersky Kaspersky Endpoint Security
Kaspersky Kaspersky Endpoint Security
+2个
|
CVE NVD | |
| CVE-2025-5092 |
Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library
|
MEDIUM | 6.4 | 2025-11-20 |
lightgalleryteam LightGallery WP
tplugins TP WooCommerce Product Gallery
+6个
|
CVE NVD | |
| CVE-2025-12502 |
Attention Bar <= 0.7.2.1 - Admin+ SQLi
|
MEDIUM | 6.8 | 2025-11-20 |
Unknown attention-bar
|
CVE NVD | |
| CVE-2025-12778 |
Ultimate Member Widgets for Elementor <= 2.3 - Missing Authorization to Unauthenticated Information Exposure
|
MEDIUM | 5.3 | 2025-11-20 |
userelements Ultimate Member Widgets for Elementor – WordPress User Directory
|
CVE NVD | |
| CVE-2025-13451 |
SourceCodester Online Shop Project action.php sql injection
|
MEDIUM | 6.9 | 2025-11-20 |
SourceCodester Online Shop Project
oretnom23 online_shop_project
|
CVE NVD | |
| CVE-2025-13450 |
SourceCodester Online Shop Project register.php cross site scripting
|
MEDIUM | 5.1 | 2025-11-20 |
SourceCodester Online Shop Project
oretnom23 online_shop_project
|
CVE NVD | |
| CVE-2025-13449 |
code-projects Online Shop Project login.php sql injection
|
MEDIUM | 6.9 | 2025-11-20 |
code-projects Online Shop Project
oretnom23 online_shop_project
|
CVE NVD | |
| CVE-2025-13446 |
Tenda AC21 SetSysTimeCfg stack-based overflow
|
HIGH | 8.7 | 2025-11-20 |
Tenda AC21
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-13445 |
Tenda AC21 SetIpMacBind stack-based overflow
|
HIGH | 8.7 | 2025-11-20 |
Tenda AC21
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-13443 |
macrozheng mall delete access control
|
MEDIUM | 5.3 | 2025-11-20 |
macrozheng mall
macrozheng mall
+3个
|
CVE NVD | |
| CVE-2025-13442 |
UTT 进取 750W formPdbUpConfig system command injection
|
MEDIUM | 6.9 | 2025-11-20 |
UTT 进取 750W
utt 750w_firmware
|
CVE NVD | |
| CVE-2025-13435 |
Dreampie Resty HttpClient HttpClient.java request path traversal
|
MEDIUM | 6.3 | 2025-11-20 |
Dreampie Resty
dreampie resty
|
CVE NVD | |
| CVE-2025-13434 |
jameschz Hush Framework HTTP Host Header Util.php http headers for scripting syntax
|
MEDIUM | 6.9 | 2025-11-20 |
jameschz Hush Framework
jameschz hush
|
CVE NVD | |
| CVE-2025-13433 |
Muse Group MuseHub Windows Service Muse.Updater.exe unquoted search path
|
HIGH | 7.3 | 2025-11-20 |
Muse Group MuseHub
|
CVE NVD | |
| CVE-2025-13424 |
Campcodes Supplier Management System add_product.php sql injection
|
MEDIUM | 5.1 | 2025-11-20 |
Campcodes Supplier Management System
campcodes supplier_management_system
|
CVE NVD | |
| CVE-2025-25613 |
FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. A...
|
HIGH | 7.5 | 2025-11-20 |
fs s3150-8t2f_firmware
|
CVE NVD | |
| CVE-2025-52410 |
Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the my...
|
CRITICAL | 9.8 | 2025-11-20 |
vishalmathur institute-of-current-students
|
CVE NVD | |
| CVE-2025-60737 |
Cross Site Scripting vulnerability in Ilevia EVE X1 Server Firmware Version<= 4.7.18.0.eden:Logic Ve...
|
MEDIUM | 6.1 | 2025-11-20 |
ilevia eve_x1_server_firmware
|
CVE NVD |