快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-63889 |
The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows attackers t...
|
HIGH | 7.5 | 2025-11-20 |
thinkphp thinkphp
|
CVE NVD | |
| CVE-2025-64027 |
Snipe-IT v8.3.4 (build 20218) contains a reflected cross-site scripting (XSS) vulnerability in the C...
|
MEDIUM | 6.1 | 2025-11-20 |
snipeitapp snipe-it
|
CVE NVD | |
| CVE-2025-65220 |
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/SetVirtualServerCfg via the lis...
|
MEDIUM | 4.3 | 2025-11-20 |
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-65221 |
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the list parameter of /goform/setPptpUs...
|
MEDIUM | 4.3 | 2025-11-20 |
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-65222 |
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/Set...
|
MEDIUM | 4.3 | 2025-11-20 |
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-65223 |
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParen...
|
MEDIUM | 4.3 | 2025-11-20 |
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-65226 |
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveP...
|
MEDIUM | 4.3 | 2025-11-20 |
tenda ac21_firmware
|
CVE NVD | |
| CVE-2025-62349 |
SaltStack Salt 安全漏洞
|
UNKNOWN | N/A | 2025-11-20 |
Salt Project Salt
|
CNNVD CVE +1 | |
| CVE-2025-13423 |
Campcodes Retro Basketball Shoes Online Store admin_product.php unrestricted upload
|
MEDIUM | 5.1 | 2025-11-19 |
Campcodes Retro Basketball Shoes Online Store
campcodes retro_basketball_shoes_online_store
|
CVE NVD | |
| CVE-2025-13422 |
freeprojectscodes Sports Club Management System change_s_pwd.php sql injection
|
MEDIUM | 6.9 | 2025-11-19 |
freeprojectscodes Sports Club Management System
darkseid sports_club_management_system
|
CVE NVD | |
| CVE-2025-13421 |
itsourcecode Human Resource Management System NoticeStore.php sql injection
|
MEDIUM | 6.9 | 2025-11-19 |
itsourcecode Human Resource Management System
angeljudesuarez human_resource_management_system
|
CVE NVD | |
| CVE-2025-13420 |
itsourcecode Human Resource Management System EventStore.php sql injection
|
MEDIUM | 6.9 | 2025-11-19 |
itsourcecode Human Resource Management System
angeljudesuarez human_resource_management_system
|
CVE NVD | |
| CVE-2025-13415 |
icret EasyImages SVG Image upload.php cross site scripting
|
MEDIUM | 5.1 | 2025-11-19 |
icret EasyImages
icret EasyImages
+6个
|
CVE NVD | |
| CVE-2025-11001 |
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
|
HIGH | 7.0 | 2025-11-19 |
7-Zip 7-Zip
7-zip 7-zip
|
CVE NVD | |
| CVE-2025-11884 |
Cross-site Scripting vulnerability discovered in OpenText™ Universal Discovery and CMDB
|
LOW | 2.3 | 2025-11-19 |
OpenText™ uCMDB
|
CVE NVD | |
| CVE-2025-13412 |
Campcodes Retro Basketball Shoes Online Store admin_running.php cross site scripting
|
MEDIUM | 4.8 | 2025-11-19 |
Campcodes Retro Basketball Shoes Online Store
campcodes retro_basketball_shoes_online_store
|
CVE NVD | |
| CVE-2025-13147 |
External Service Interaction (DNS)
|
MEDIUM | 5.3 | 2025-11-19 |
Progress MOVEit Transfer
progress moveit_transfer
|
CVE NVD | |
| CVE-2025-47914 |
Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent
|
MEDIUM | 5.3 | 2025-11-19 |
golang.org/x/crypto golang.org/x/crypto/ssh/agent
golang crypto
|
CVE NVD | |
| CVE-2025-58181 |
Unbounded memory consumption in golang.org/x/crypto/ssh
|
MEDIUM | 5.3 | 2025-11-19 |
golang.org/x/crypto golang.org/x/crypto/ssh
golang crypto
|
CVE NVD | |
| CVE-2025-13411 |
Campcodes Retro Basketball Shoes Online Store admin_football.php unrestricted upload
|
MEDIUM | 5.1 | 2025-11-19 |
Campcodes Retro Basketball Shoes Online Store
campcodes retro_basketball_shoes_online_store
|
CVE NVD |