快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-12766 |
Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of affected versions of BlackBerry AtHoc.
|
MEDIUM | 5.0 | 2025-11-19 |
BlackBerry BlackBerry® AtHoc® (OnPrem)
blackberry athoc
|
CVE NVD | |
| CVE-2025-65022 |
i-Educar Authenticated Time-based SQL Injection in `agenda.php`
|
HIGH | 7.2 | 2025-11-19 |
portabilis i-educar
portabilis i-educar
|
CVE NVD | |
| CVE-2025-65023 |
i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php`
|
HIGH | 7.2 | 2025-11-19 |
portabilis i-educar
portabilis i-educar
|
CVE NVD | |
| CVE-2025-65024 |
i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php`
|
HIGH | 7.2 | 2025-11-19 |
portabilis i-educar
portabilis i-educar
|
CVE NVD | |
| CVE-2025-10703 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Conne...
|
HIGH | 8.6 | 2025-11-19 |
Progress DataDirect Connect for JDBC for Amazon Redshift
Progress DataDirect Connect for JDBC for Apache Cassandra
+30个
|
CVE NVD | |
| CVE-2025-10702 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Conne...
|
HIGH | 8.6 | 2025-11-19 |
Progress DataDirect Connect for JDBC for Amazon Redshift
Progress DataDirect Connect for JDBC for Apache Cassandra
+30个
|
CVE NVD | |
| CVE-2025-13397 |
mrubyc alloc.c mrbc_raw_realloc null pointer dereference
|
MEDIUM | 4.8 | 2025-11-19 |
s-itoc mruby\/c
|
CVE NVD | |
| CVE-2025-13396 |
code-projects Courier Management System add-office.php sql injection
|
MEDIUM | 5.3 | 2025-11-19 |
code-projects Courier Management System
carmelogarcia courier_management_system
|
CVE NVD | |
| CVE-2025-11963 |
Reflected XSS in Saysis's StarCities
|
MEDIUM | 5.4 | 2025-11-19 |
Saysis Computer Systems Trade Ltd. Co. StarCities
|
CVE NVD | |
| CVE-2025-0421 |
iFrame Injection in Mikrogrup's Shopside
|
MEDIUM | 4.7 | 2025-11-19 |
Shopside Software Technologies Inc. Shopside
|
CVE NVD | |
| CVE-2024-8528 |
ALC WebCTRL Carrier i-Vu Reflected XSS due to unsanitized parameter
|
MEDIUM | 5.4 | 2025-11-19 |
Automated Logic WebCtrl
Carrier i-Vu
|
CVE NVD | |
| CVE-2024-8527 |
ALC WebCTRL Carrier i-Vu Open Redirect via URL parameter
|
HIGH | 8.6 | 2025-11-19 |
Automated Logic WebCtrl
Carrier i-Vu
|
CVE NVD | |
| CVE-2025-12592 |
Use of default login credentials in Legacy Vivotek Devices
|
CRITICAL | 9.3 | 2025-11-19 |
Vivotek Affected device model numbers are FD7131-VVTK,FD7131-VVTK,FD7131-VVTK,FD7141-VVTK,IP7131-VVTK,IP7133-VVTK,IP7133-VVTK,IP7133-VVTK,IP7134-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7138-VVTK,IP7142-VVTK,IP7142-VVTK,IP7151-VVTK,IP7152-VVTK,IP7153-VVTK,IP7153-VVTK,IP7154-VVTK,IP7330-VVTK,IP7330-VVTK,IP7330-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131W-VVTK,PT7135-VVTK,PT7137-TCON,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PZ7131-VVTK,PZ7131-VVTK,PZ71X1-VVTK,PZ71X1-VVTK,PZ71X2-VVTK,SD73X3-VVTK,SD73X3-VVTK,SD73X3-VVTK,TC5330-VVTK,TC5332-TCVV,TC5333-TCVV,TC5633-TCVV,TC5633-VVTK,VS7100-VVTK,VS7100-VVTK,VS7100-VVTK
Vivotek Affected device model numbers are FD7131-VVTK,FD7131-VVTK,FD7131-VVTK,FD7141-VVTK,IP7131-VVTK,IP7133-VVTK,IP7133-VVTK,IP7133-VVTK,IP7134-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7138-VVTK,IP7142-VVTK,IP7142-VVTK,IP7151-VVTK,IP7152-VVTK,IP7153-VVTK,IP7153-VVTK,IP7154-VVTK,IP7330-VVTK,IP7330-VVTK,IP7330-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131W-VVTK,PT7135-VVTK,PT7137-TCON,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PZ7131-VVTK,PZ7131-VVTK,PZ71X1-VVTK,PZ71X1-VVTK,PZ71X2-VVTK,SD73X3-VVTK,SD73X3-VVTK,SD73X3-VVTK,TC5330-VVTK,TC5332-TCVV,TC5333-TCVV,TC5633-TCVV,TC5633-VVTK,VS7100-VVTK,VS7100-VVTK,VS7100-VVTK
+29个
|
CVE NVD | |
| CVE-2025-10437 |
SQLi in Exagate's Webpack Management System
|
CRITICAL | 9.8 | 2025-11-19 |
Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System
|
CVE NVD | |
| CVE-2025-13395 |
codehub666 94list function.php login sql injection
|
MEDIUM | 6.9 | 2025-11-19 |
codehub666 94list
|
CVE NVD | |
| CVE-2025-64408 |
Apache Causeway: Java deserialization vulnerability to authenticated attackers
|
MEDIUM | 6.3 | 2025-11-19 |
Apache Software Foundation Apache Causeway
apache causeway
+1个
|
CVE NVD | |
| CVE-2025-12472 |
Remote Code Execution in Looker due to Improperly Validated Directory Deletion
|
HIGH | 7.1 | 2025-11-19 |
Google Cloud Looker
|
CVE NVD | |
| CVE-2025-58412 |
A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in For...
|
MEDIUM | 4.2 | 2025-11-19 |
Fortinet FortiADC
fortinet fortiadc
+1个
|
CVE NVD | |
| CVE-2025-11230 |
Denial of service vulnerability in HAProxy mjson library
|
HIGH | 7.5 | 2025-11-19 |
HAProxy Technologies HAProxy Community Edition
haproxy aloha_appliance
+7个
|
CVE NVD | |
| CVE-2025-11446 |
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manage...
|
HIGH | 7.3 | 2025-11-19 |
upKeeper Solutions upKeeper Manager
upkeeper upkeeper_manager
|
CVE NVD |