快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-54320 |
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, ...
|
MEDIUM | 4.3 | 2025-11-18 |
ascertia signinghub
|
CVE NVD | |
| CVE-2025-54321 |
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password functio...
|
CRITICAL | 9.8 | 2025-11-18 |
ascertia signinghub
|
CVE NVD | |
| CVE-2025-55796 |
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for cr...
|
HIGH | 7.5 | 2025-11-18 |
openml openml.org
|
CVE NVD | |
| CVE-2025-56499 |
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges...
|
MEDIUM | 6.5 | 2025-11-18 |
metacubex mihomo
|
CVE NVD | |
| CVE-2025-56526 |
Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary ...
|
MEDIUM | 6.1 | 2025-11-18 |
cinnamon kotaemon
|
CVE NVD | |
| CVE-2025-56527 |
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
|
HIGH | 7.5 | 2025-11-18 |
cinnamon kotaemon
|
CVE NVD | |
| CVE-2025-56643 |
Requarks Wiki.js 2.5.307 does not properly revoke or invalidate active JWT tokens when a user logs o...
|
CRITICAL | 9.1 | 2025-11-18 |
requarks wiki.js
|
CVE NVD | |
| CVE-2025-60455 |
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--expe...
|
HIGH | 8.4 | 2025-11-18 |
modular max
|
CVE NVD | |
| CVE-2025-63215 |
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via a ...
|
HIGH | 7.2 | 2025-11-18 |
sound4 impact_firmware
|
CVE NVD | |
| CVE-2025-63216 |
The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper J...
|
CRITICAL | 10.0 | 2025-11-18 |
itel idgateway_firmware
|
CVE NVD | |
| CVE-2025-63217 |
The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT v...
|
CRITICAL | 9.8 | 2025-11-18 |
itel id_mux_firmware
|
CVE NVD | |
| CVE-2025-63225 |
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Contr...
|
CRITICAL | 9.8 | 2025-11-18 |
未知
|
CVE NVD | |
| CVE-2025-63226 |
The Sencore SMP100 SMP Media Platform (firmware versions V4.2.160, V60.1.4, V60.1.29) is vulnerable ...
|
MEDIUM | 5.7 | 2025-11-18 |
未知
|
CVE NVD | |
| CVE-2025-63227 |
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unrestrict...
|
HIGH | 7.2 | 2025-11-18 |
dbbroadcast mozart_next_100_firmware
dbbroadcast mozart_next_1000_firmware
+20个
|
CVE NVD | |
| CVE-2025-63228 |
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unauthenti...
|
CRITICAL | 9.8 | 2025-11-18 |
dbbroadcast mozart_next_100_firmware
dbbroadcast mozart_next_1000_firmware
+20个
|
CVE NVD | |
| CVE-2025-63229 |
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected C...
|
MEDIUM | 5.4 | 2025-11-18 |
dbbroadcast mozart_next_100_firmware
dbbroadcast mozart_next_1000_firmware
+20个
|
CVE NVD | |
| CVE-2025-63258 |
A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers an...
|
MEDIUM | 6.5 | 2025-11-18 |
未知
|
CVE NVD | |
| CVE-2025-63408 |
Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthent...
|
MEDIUM | 5.1 | 2025-11-18 |
ispyconnect agent_dvr
|
CVE NVD | |
| CVE-2025-63512 |
kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specif...
|
MEDIUM | 6.5 | 2025-11-18 |
kishan0725 hospital_management_system
|
CVE NVD | |
| CVE-2025-63513 |
kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerabilit...
|
MEDIUM | 6.5 | 2025-11-18 |
kishan0725 hospital_management_system
|
CVE NVD |