快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 350655
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-22803 |
SvelteKit has a memory amplification DoS in Remote Functions binary form deserializer
|
HIGH | 8.2 | 2026-01-15 |
sveltejs kit
|
CVE NVD | |
| CVE-2025-67647 |
SvelteKit Denial of service and possible SSRF when using prerendering
|
HIGH | 8.4 | 2026-01-15 |
sveltejs kit
|
CVE NVD | |
| CVE-2025-13845 |
CWE-416: Use After Free vulnerability that could cause remote code execution when the end user impor...
|
HIGH | 8.4 | 2026-01-15 |
Schneider Electric EcoStruxure Power Build Rapsody
Schneider Electric EcoStruxure Power Build Rapsody
+5个
|
CVE NVD | |
| CVE-2025-13844 |
CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user ...
|
HIGH | 8.4 | 2026-01-15 |
Schneider Electric EcoStruxure Power Build Rapsody
Schneider Electric EcoStruxure Power Build Rapsody
+3个
|
CVE NVD | |
| CVE-2025-36911 |
In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to re...
|
HIGH | 7.1 | 2026-01-15 |
Google Android
|
CVE NVD | |
| CVE-2025-9014 |
Null Pointer Dereference Vulnerability on TL-WR841N
|
MEDIUM | 6.3 | 2026-01-15 |
TP-Link Systems Inc. TL-WR841N v14
|
CVE NVD | |
| CVE-2026-23496 |
Pimcore Web2Print Tools Bundle "Favourite Output Channel Configuration" Missing Function Level Authorization
|
MEDIUM | 5.4 | 2026-01-15 |
pimcore pimcore
pimcore pimcore
|
CVE NVD | |
| CVE-2026-23494 |
Pimcore is Missing Function Level Authorization on "Static Routes" Listing
|
MEDIUM | 4.3 | 2026-01-15 |
pimcore pimcore
pimcore pimcore
|
CVE NVD | |
| CVE-2026-23495 |
Pimcore's Admin Classic Bundle is Missing Function Level Authorization on "Predefined Properties" Listing
|
MEDIUM | 4.3 | 2026-01-15 |
pimcore pimcore
pimcore pimcore
|
CVE NVD | |
| CVE-2025-62193 |
NOAA PMEL Live Access Server (LAS) PyFerret command injection
|
CRITICAL | 9.3 | 2026-01-15 |
National Oceanic and Atmospheric Administration (NOAA) Live Access Server (LAS)
|
CVE NVD | |
| CVE-2026-23493 |
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
|
HIGH | 8.6 | 2026-01-15 |
pimcore pimcore
pimcore pimcore
|
CVE NVD | |
| CVE-2026-20075 |
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
|
MEDIUM | 4.8 | 2026-01-15 |
Cisco Cisco Evolved Programmable Network Manager (EPNM)
Cisco Cisco Evolved Programmable Network Manager (EPNM)
+263个
|
CVE NVD | |
| CVE-2026-20047 |
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
|
MEDIUM | 4.8 | 2026-01-15 |
Cisco Cisco Identity Services Engine Software
Cisco Cisco Identity Services Engine Software
+29个
|
CVE NVD | |
| CVE-2026-20076 |
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
|
MEDIUM | 4.8 | 2026-01-15 |
Cisco Cisco Identity Services Engine Software
Cisco Cisco Identity Services Engine Software
+23个
|
CVE NVD | |
| CVE-2026-22867 |
LaSuite Doc affected by Stored XSS via Interlinking Block
|
HIGH | 8.7 | 2026-01-15 |
suitenumerique docs
|
CVE NVD | |
| CVE-2026-22265 |
Roxy-WI has a Command Injection via grep parameter in logs.py allows authenticated RCE
|
HIGH | 7.5 | 2026-01-15 |
roxy-wi roxy-wi
|
CVE NVD | |
| CVE-2025-66417 |
GLPI has an unauthenticated SQL injection through the inventory endpoint
|
HIGH | 7.5 | 2026-01-15 |
glpi-project glpi
|
CVE NVD | |
| CVE-2025-66292 |
DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface
|
HIGH | 8.1 | 2026-01-15 |
donknap dpanel
|
CVE NVD | |
| CVE-2025-64516 |
GLPI incorrectly authorizes access to documents
|
HIGH | 7.5 | 2026-01-15 |
glpi-project glpi
glpi-project glpi
|
CVE NVD | |
| CVE-2021-47843 |
Tagstoo 2.0.1 - Stored XSS to RCE
|
MEDIUM | 5.1 | 2026-01-15 |
Tagstoo Tagstoo
|
CVE NVD |