快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 350844
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-1108 |
cijliu librtsp rtsp_rely_dumps buffer overflow
|
MEDIUM | 4.8 | 2026-01-18 |
cijliu librtsp
|
CVE | |
| CVE-2026-1107 |
EyouCMS Member Avatar Diyajax.php check_userinfo unrestricted upload
|
MEDIUM | 5.3 | 2026-01-18 |
未知
|
CVE | |
| CVE-2026-1106 |
Chamilo LMS Legal Consent SocialController.php deleteLegal improper authorization
|
MEDIUM | 5.3 | 2026-01-18 |
Chamilo LMS
|
CVE | |
| CVE-2026-1105 |
EasyCMS UserAction.class.php sql injection
|
MEDIUM | 6.9 | 2026-01-17 |
未知
|
CVE NVD | |
| CVE-2026-1066 |
kalcaddle kodbox Compression zip command injection
|
MEDIUM | 5.3 | 2026-01-17 |
kalcaddle kodbox
kalcaddle kodbox
+9个
|
CVE NVD | |
| CVE-2026-1064 |
bastillion-io Bastillion System Management SystemKtrl.java command injection
|
MEDIUM | 5.1 | 2026-01-17 |
bastillion-io Bastillion
bastillion-io Bastillion
|
CVE NVD | |
| CVE-2026-1063 |
bastillion-io Bastillion Public Key Management System AuthKeysKtrl.java command injection
|
MEDIUM | 5.1 | 2026-01-17 |
bastillion-io Bastillion
bastillion-io Bastillion
|
CVE NVD | |
| CVE-2026-1062 |
xiweicheng TMS HtmlUtil.java summary server-side request forgery
|
MEDIUM | 5.3 | 2026-01-17 |
xiweicheng TMS
xiweicheng TMS
+27个
|
CVE NVD | |
| CVE-2026-1061 |
xiweicheng TMS FileController.java upload unrestricted upload
|
MEDIUM | 5.3 | 2026-01-17 |
xiweicheng TMS
xiweicheng TMS
+27个
|
CVE NVD | |
| CVE-2026-1059 |
FeMiner wms chkuser.php sql injection
|
MEDIUM | 6.9 | 2026-01-17 |
FeMiner wms
|
CVE NVD | |
| CVE-2026-1050 |
risesoft-y9 Digital-Infrastructure REST Authenticate Endpoint Y9PlatformUtil.java sql injection
|
MEDIUM | 6.9 | 2026-01-17 |
risesoft-y9 Digital-Infrastructure
risesoft-y9 Digital-Infrastructure
+6个
|
CVE NVD | |
| CVE-2026-1049 |
LigeroSmart index.pl cross site scripting
|
MEDIUM | 5.1 | 2026-01-17 |
未知
|
CVE NVD | |
| CVE-2026-1048 |
LigeroSmart index.pl cross site scripting
|
MEDIUM | 5.1 | 2026-01-17 |
未知
|
CVE NVD | |
| CVE-2025-15532 |
Open5GS Timer resource consumption
|
MEDIUM | 6.9 | 2026-01-17 |
未知
|
CVE NVD | |
| CVE-2025-15531 |
Open5GS context.c sgwc_bearer_add assertion
|
MEDIUM | 6.9 | 2026-01-17 |
未知
|
CVE NVD | |
| CVE-2025-15530 |
Open5GS s11-handler.c assertion
|
MEDIUM | 6.9 | 2026-01-17 |
未知
|
CVE NVD | |
| CVE-2025-8615 |
CubeWP <= 1.1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via cubewp_shortcode_taxonomy Shortcode
|
MEDIUM | 6.4 | 2026-01-17 |
cubewp1211 CubeWP Framework
|
CVE NVD | |
| CVE-2025-14078 |
PAYGENT for WooCommerce <= 2.4.6 - Missing Authorization to Unauthenticated Payment Callback Manipulation
|
MEDIUM | 5.3 | 2026-01-17 |
shoheitanaka PAYGENT for WooCommerce
|
CVE NVD | |
| CVE-2026-0725 |
Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration
|
MEDIUM | 4.4 | 2026-01-17 |
cyberlord92 Integrate Dynamics 365 CRM
|
CVE NVD | |
| CVE-2025-10484 |
Registration & Login with Mobile Phone Number for WooCommerce <= 1.3.1 - Authentication Bypass
|
CRITICAL | 9.8 | 2026-01-17 |
FmeAddons Registration & Login with Mobile Phone Number for WooCommerce
|
CVE NVD |