快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 340282
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-63710 |
The send_message.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-S...
|
MEDIUM | -1.0 | 2025-11-10 |
未知
|
CVE NVD | |
| CVE-2025-63711 |
A Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodester Client Database Management S...
|
HIGH | 7.1 | 2025-11-10 |
未知
|
CVE NVD | |
| CVE-2025-63712 |
Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User Manag...
|
MEDIUM | -1.0 | 2025-11-10 |
未知
|
CVE NVD | |
| CVE-2025-63834 |
A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. T...
|
MEDIUM | -1.0 | 2025-11-10 |
未知
|
CVE NVD | |
| CVE-2025-63835 |
A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vul...
|
MEDIUM | -1.0 | 2025-11-10 |
未知
|
CVE NVD | |
| CVE-2025-12921 |
OpenClinica Community Edition CRF Data Import ImportCRFData xml injection
|
MEDIUM | 5.3 | 2025-11-09 |
OpenClinica Community Edition
OpenClinica Community Edition
+15个
|
CVE NVD | |
| CVE-2025-12920 |
qianfox FoxCMS Product.php edit cross site scripting
|
MEDIUM | 4.8 | 2025-11-09 |
qianfox FoxCMS
qianfox FoxCMS
+15个
|
CVE NVD | |
| CVE-2025-12919 |
EverShop Order Order.resolvers.js resource injection
|
MEDIUM | 6.3 | 2025-11-09 |
未知
|
CVE NVD | |
| CVE-2025-12918 |
yungifez Skuul School Management System View Fee Invoice fee-invoices resource injection
|
LOW | 2.3 | 2025-11-09 |
yungifez Skuul School Management System
yungifez Skuul School Management System
+4个
|
CVE NVD | |
| CVE-2025-12917 |
TOZED ZLT T10 Reboot proc_post denial of service
|
MEDIUM | 5.3 | 2025-11-09 |
TOZED ZLT T10
|
CVE NVD | |
| CVE-2025-40109 |
crypto: rng - Ensure set_ent is always present
|
MEDIUM | -1.0 | 2025-11-09 |
Linux Linux
Linux Linux
|
CVE NVD | |
| CVE-2025-40108 |
serial: qcom-geni: Fix blocked task
|
MEDIUM | -1.0 | 2025-11-09 |
Linux Linux
Linux Linux
|
CVE NVD | |
| CVE-2025-12916 |
Sangfor Operation and Maintenance Security Management System Frontend portal_login command injection
|
MEDIUM | 5.3 | 2025-11-08 |
Sangfor Operation and Maintenance Security Management System
|
CVE NVD | |
| CVE-2025-12915 |
70mai X200 Init Script file inclusion
|
HIGH | 7.1 | 2025-11-08 |
70mai X200
|
CVE NVD | |
| CVE-2025-12914 |
aaPanel BaoTa Backend database sql injection
|
MEDIUM | 5.1 | 2025-11-08 |
aaPanel BaoTa
aaPanel BaoTa
|
CVE NVD | |
| CVE-2025-12913 |
code-projects Responsive Hotel Site roomdel.php sql injection
|
MEDIUM | 5.1 | 2025-11-08 |
code-projects Responsive Hotel Site
|
CVE NVD | |
| CVE-2025-12399 |
Alex Reservations: Smart Restaurant Booking <= 2.2.3 - Authenticated (Admin+) Arbitrary File Upload
|
HIGH | 7.2 | 2025-11-08 |
alexreservations Alex Reservations: Smart Restaurant Booking
|
CVE NVD | |
| CVE-2025-11967 |
Mail Mint <= 1.18.10 - Authenticated (Admin+) Arbitrary File Upload
|
HIGH | 7.2 | 2025-11-08 |
getwpfunnels Mail Mint – Newsletters, Email Marketing, Automation, WooCommerce Emails, Post Notification, and more
|
CVE NVD | |
| CVE-2025-11448 |
Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion
|
MEDIUM | 4.3 | 2025-11-08 |
smub Gallery Plugin for WordPress – Envira Photo Gallery
|
CVE NVD | |
| CVE-2025-12837 |
aThemes Addons for Elementor <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call To Action Widget
|
MEDIUM | 6.4 | 2025-11-08 |
smub aThemes Addons for Elementor
|
CVE NVD |