快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 340282
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-34299 |
Monsta FTP <= 2.11 Unauthenticated Arbitrary File Upload
|
CRITICAL | 9.3 | 2025-11-07 |
Monsta Limited of New Zealand Monsta FTP
|
CVE NVD | |
| CVE-2025-12856 |
code-projects Responsive Hotel Site reservation.php sql injection
|
MEDIUM | 5.1 | 2025-11-07 |
code-projects Responsive Hotel Site
|
CVE NVD | |
| CVE-2025-12855 |
code-projects Responsive Hotel Site newsletterdel.php sql injection
|
MEDIUM | 5.1 | 2025-11-07 |
code-projects Responsive Hotel Site
|
CVE NVD | |
| CVE-2025-10968 |
SQLi in GG Soft's PaperWork
|
HIGH | 8.8 | 2025-11-07 |
GG Soft Software Services Inc. PaperWork
|
CVE NVD | |
| CVE-2025-12854 |
newbee-mall-plus seckillExecution executeSeckill authorization
|
MEDIUM | 6.3 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-12853 |
SourceCodester Best House Rental Management System admin_class.php delete_house sql injection
|
MEDIUM | 5.1 | 2025-11-07 |
SourceCodester Best House Rental Management System
|
CVE NVD | |
| CVE-2025-10870 |
SQL injection in DIAL's CentrosNet
|
CRITICAL | 9.3 | 2025-11-07 |
DIAL CentrosNet
|
CVE NVD | |
| CVE-2025-46413 |
Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'WS...
|
MEDIUM | 5.3 | 2025-11-07 |
BUFFALO INC. WSR-1800AX4
BUFFALO INC. WSR-1800AX4S
+2个
|
CVE NVD | |
| CVE-2025-10966 |
missing SFTP host verification with wolfSSH
|
MEDIUM | 4.3 | 2025-11-07 |
curl curl
|
CVE NVD | |
| CVE-2025-64346 |
archives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
|
MEDIUM | 6.0 | 2025-11-07 |
jaredallard archives
|
CVE NVD | |
| CVE-2025-12527 |
Page & Post Notes <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Note Update/Deletion
|
MEDIUM | 4.3 | 2025-11-07 |
yydevelopment Page & Post Notes
|
CVE NVD | |
| CVE-2025-12520 |
WP Airbnb Review Slider <= 4.2 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 4.0 | 2025-11-07 |
jgwhite33 WP Airbnb Review Slider
|
CVE NVD | |
| CVE-2025-64343 |
(conda) Constructor: Excessive permissions during and after installation
|
HIGH | 7.8 | 2025-11-07 |
conda constructor
|
CVE NVD | |
| CVE-2025-64339 |
ClipBucket v5: Stored XSS Vulnerability in Manage Playlists
|
HIGH | 7.2 | 2025-11-07 |
MacWarrior clipbucket-v5
|
CVE NVD | |
| CVE-2025-64336 |
ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title
|
HIGH | 7.2 | 2025-11-07 |
MacWarrior clipbucket-v5
|
CVE NVD | |
| CVE-2025-4522 |
IDonate 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete Function
|
MEDIUM | 6.5 | 2025-11-07 |
themeatelier IDonate – Blood Donation, Request And Donor Management System
|
CVE NVD | |
| CVE-2025-4519 |
IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function
|
HIGH | 8.8 | 2025-11-07 |
themeatelier IDonate – Blood Donation, Request And Donor Management System
|
CVE NVD | |
| CVE-2025-12352 |
Gravity Forms <= 2.9.20 - Unauthenticated Arbitrary File Upload via 'copy_post_image'
|
CRITICAL | 9.8 | 2025-11-07 |
Gravity Forms Gravity Forms
|
CVE NVD | |
| CVE-2025-64329 |
containerd CRI server: Host memory exhaustion through Attach goroutine leak
|
MEDIUM | 6.9 | 2025-11-07 |
containerd containerd
containerd containerd
+2个
|
CVE NVD | |
| CVE-2025-64328 |
FreePBX Administration GUI is Vulnerable to Authenticated Command Injection
|
HIGH | 8.6 | 2025-11-07 |
FreePBX security-reporting
|
CVE NVD |