快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-65020 |
Rallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR)
|
MEDIUM | 6.5 | 2025-11-19 |
lukevella rallly
rallly rallly
|
CVE NVD | |
| CVE-2025-65028 |
Rallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant Votes
|
MEDIUM | 6.5 | 2025-11-19 |
lukevella rallly
rallly rallly
|
CVE NVD | |
| CVE-2025-64708 |
authentik invitation expiry is delayed by at least 5 minutes
|
MEDIUM | 5.8 | 2025-11-19 |
goauthentik authentik
goauthentik authentik
+1个
|
CVE NVD | |
| CVE-2025-64521 |
authentik deactivated service accounts can authenticate to OAuth
|
MEDIUM | 4.8 | 2025-11-19 |
goauthentik authentik
goauthentik authentik
+1个
|
CVE NVD | |
| CVE-2025-13400 |
Tenda CH22 WrlExtraGet formWrlExtraGet buffer overflow
|
HIGH | 8.7 | 2025-11-19 |
Tenda CH22
tenda ch22_firmware
|
CVE NVD | |
| CVE-2025-12743 |
SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database
|
MEDIUM | 6.0 | 2025-11-19 |
Google Cloud Looker
|
CVE NVD | |
| CVE-2025-64765 |
Astro middleware authentication checks based on url.pathname can be bypassed via url encoded values
|
MEDIUM | 6.9 | 2025-11-19 |
withastro astro
astro astro
|
CVE NVD | |
| CVE-2025-64764 |
Astro is vulnerable to Reflected XSS via the server islands feature
|
HIGH | 7.1 | 2025-11-19 |
withastro astro
astro astro
|
CVE NVD | |
| CVE-2025-65019 |
Astro Cloudflare adapter has a Stored Cross Site Scripting vulnerability in /_image endpoint
|
MEDIUM | 5.4 | 2025-11-19 |
withastro astro
astro astro
|
CVE NVD | |
| CVE-2025-64757 |
Astro Development Server is Vulnerable to Arbitrary Local File Read
|
LOW | 3.5 | 2025-11-19 |
withastro astro
astro astro
|
CVE NVD | |
| CVE-2025-34335 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via ActivateLicense.php
|
HIGH | 8.7 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34334 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via TestFax.php & LPE
|
HIGH | 8.7 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34332 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Insecure Service Control Scripts LPE
|
HIGH | 8.5 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34329 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated Backup Upload RCE via ajaxBackupUploadFile.php
|
CRITICAL | 9.3 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34331 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Read via download.php
|
HIGH | 8.7 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34328 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Upload RCE via ajaxScript.php
|
CRITICAL | 9.3 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34330 |
AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated Prompt File Upload via ajaxPromptUploadFile.php
|
MEDIUM | 6.9 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34333 |
AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE
|
HIGH | 8.5 | 2025-11-19 |
AudioCodes Limited AudioCodes Fax/IVR Appliance
audiocodes fax_server
+1个
|
CVE NVD | |
| CVE-2025-34336 |
eGovFramework <= 4.3.1 Unauthenticated File Upload via Web Editor Image Upload Endpoints
|
MEDIUM | 6.9 | 2025-11-19 |
eGovFramework/egovframe-common-components eGovFramework/egovframe-common-components
|
CVE NVD | |
| CVE-2025-34337 |
eGovFramework <= 4.3.1 Unauthenticated Encryption Oracle via Web Editor Image Upload Endpoints
|
HIGH | 8.7 | 2025-11-19 |
eGovFramework/egovframe-common-components eGovFramework/egovframe-common-components
|
CVE NVD |