快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353262
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-11963 |
Reflected XSS in Saysis's StarCities
|
MEDIUM | 5.4 | 2025-11-19 |
Saysis Computer Systems Trade Ltd. Co. StarCities
|
CVE NVD | |
| CVE-2025-0421 |
iFrame Injection in Mikrogrup's Shopside
|
MEDIUM | 4.7 | 2025-11-19 |
Shopside Software Technologies Inc. Shopside
|
CVE NVD | |
| CVE-2024-8528 |
ALC WebCTRL Carrier i-Vu Reflected XSS due to unsanitized parameter
|
MEDIUM | 5.4 | 2025-11-19 |
Automated Logic WebCtrl
Carrier i-Vu
|
CVE NVD | |
| CVE-2024-8527 |
ALC WebCTRL Carrier i-Vu Open Redirect via URL parameter
|
HIGH | 8.6 | 2025-11-19 |
Automated Logic WebCtrl
Carrier i-Vu
|
CVE NVD | |
| CVE-2025-12592 |
Use of default login credentials in Legacy Vivotek Devices
|
CRITICAL | 9.3 | 2025-11-19 |
Vivotek Affected device model numbers are FD7131-VVTK,FD7131-VVTK,FD7131-VVTK,FD7141-VVTK,IP7131-VVTK,IP7133-VVTK,IP7133-VVTK,IP7133-VVTK,IP7134-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7138-VVTK,IP7142-VVTK,IP7142-VVTK,IP7151-VVTK,IP7152-VVTK,IP7153-VVTK,IP7153-VVTK,IP7154-VVTK,IP7330-VVTK,IP7330-VVTK,IP7330-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131W-VVTK,PT7135-VVTK,PT7137-TCON,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PZ7131-VVTK,PZ7131-VVTK,PZ71X1-VVTK,PZ71X1-VVTK,PZ71X2-VVTK,SD73X3-VVTK,SD73X3-VVTK,SD73X3-VVTK,TC5330-VVTK,TC5332-TCVV,TC5333-TCVV,TC5633-TCVV,TC5633-VVTK,VS7100-VVTK,VS7100-VVTK,VS7100-VVTK
Vivotek Affected device model numbers are FD7131-VVTK,FD7131-VVTK,FD7131-VVTK,FD7141-VVTK,IP7131-VVTK,IP7133-VVTK,IP7133-VVTK,IP7133-VVTK,IP7134-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7138-VVTK,IP7142-VVTK,IP7142-VVTK,IP7151-VVTK,IP7152-VVTK,IP7153-VVTK,IP7153-VVTK,IP7154-VVTK,IP7330-VVTK,IP7330-VVTK,IP7330-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131W-VVTK,PT7135-VVTK,PT7137-TCON,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PZ7131-VVTK,PZ7131-VVTK,PZ71X1-VVTK,PZ71X1-VVTK,PZ71X2-VVTK,SD73X3-VVTK,SD73X3-VVTK,SD73X3-VVTK,TC5330-VVTK,TC5332-TCVV,TC5333-TCVV,TC5633-TCVV,TC5633-VVTK,VS7100-VVTK,VS7100-VVTK,VS7100-VVTK
+29个
|
CVE NVD | |
| CVE-2025-10437 |
SQLi in Exagate's Webpack Management System
|
CRITICAL | 9.8 | 2025-11-19 |
Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System
|
CVE NVD | |
| CVE-2025-13395 |
codehub666 94list function.php login sql injection
|
MEDIUM | 6.9 | 2025-11-19 |
codehub666 94list
|
CVE NVD | |
| CVE-2025-64408 |
Apache Causeway: Java deserialization vulnerability to authenticated attackers
|
MEDIUM | 6.3 | 2025-11-19 |
Apache Software Foundation Apache Causeway
apache causeway
+1个
|
CVE NVD | |
| CVE-2025-12472 |
Remote Code Execution in Looker due to Improperly Validated Directory Deletion
|
HIGH | 7.1 | 2025-11-19 |
Google Cloud Looker
|
CVE NVD | |
| CVE-2025-58412 |
A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in For...
|
MEDIUM | 4.2 | 2025-11-19 |
Fortinet FortiADC
fortinet fortiadc
+1个
|
CVE NVD | |
| CVE-2025-11230 |
Denial of service vulnerability in HAProxy mjson library
|
HIGH | 7.5 | 2025-11-19 |
HAProxy Technologies HAProxy Community Edition
haproxy aloha_appliance
+7个
|
CVE NVD | |
| CVE-2025-11446 |
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manage...
|
HIGH | 7.3 | 2025-11-19 |
upKeeper Solutions upKeeper Manager
upkeeper upkeeper_manager
|
CVE NVD | |
| CVE-2025-13035 |
Code Snippets <= 3.9.1 - Authenticated (Contributor+) PHP Code Injection via extract() and PHP Filter Chains
|
HIGH | 8.0 | 2025-11-19 |
codesnippetspro Code Snippets
|
CVE NVD | |
| CVE-2025-13206 |
GiveWP - Donation Plugin and Fundraising Platform <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name'
|
HIGH | 7.2 | 2025-11-19 |
stellarwp GiveWP – Donation Plugin and Fundraising Platform
givewp givewp
|
CVE NVD | |
| CVE-2025-12484 |
Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers <= 1.12.19 - Unauthenticated Stored Cross-Site Scripting
|
HIGH | 7.2 | 2025-11-19 |
smub Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers
|
CVE NVD | |
| CVE-2025-11243 |
Allocation of Resources Without Limits or Throttling in Shelly Pro 4PM
|
HIGH | 8.3 | 2025-11-19 |
Shelly Pro 4PM
|
CVE NVD | |
| CVE-2025-12056 |
Out-of-bounds Read in Shelly Pro 3EM
|
HIGH | 8.3 | 2025-11-19 |
Shelly Pro 3EM
|
CVE NVD | |
| CVE-2025-12535 |
SureForms <= 1.13.1 - Cross-Site Request Forgery Protection Bypass via Improper Nonce Distribution
|
MEDIUM | 5.3 | 2025-11-19 |
brainstormforce SureForms – Contact Form, Custom Form Builder, Calculator & More
|
CVE NVD | |
| CVE-2025-13085 |
SiteSEO – SEO Simplified <= 1.3.2 - Insecure Direct Object Reference to Sensitive Post Meta Disclosure
|
MEDIUM | 4.3 | 2025-11-19 |
softaculous SiteSEO – SEO Simplified
|
CVE NVD | |
| CVE-2025-12057 |
WavePlayer < 3.8.0 - Unauthenticated Arbitrary File Upload
|
CRITICAL | 9.8 | 2025-11-19 |
Unknown WavePlayer
|
CVE NVD |