快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 340282
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-5483 |
LC Wizard 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation
|
HIGH | 8.1 | 2025-11-07 |
niaj Connector Wizard (formerly LC Wizard)
|
CVE NVD | |
| CVE-2025-64323 |
kgateway is missing xDS authorization
|
MEDIUM | 5.3 | 2025-11-07 |
kgateway-dev kgateway
kgateway-dev kgateway
|
CVE NVD | |
| CVE-2025-64187 |
OctoPrint is vulnerable to XSS through Action Command Notifications and Prompts
|
MEDIUM | 4.6 | 2025-11-07 |
OctoPrint OctoPrint
|
CVE NVD | |
| CVE-2025-64184 |
Dosage vulnerable to Directory Traversal through crafted HTTP responses
|
HIGH | 8.8 | 2025-11-07 |
webcomics dosage
|
CVE NVD | |
| CVE-2025-64180 |
Manager-io/Manager: Complete Bypass of SSRF Protection via Time-of-Check Time-of-Use (TOCTOU)
|
CRITICAL | 10.0 | 2025-11-07 |
Manager-io Manager
|
CVE NVD | |
| CVE-2025-11546 |
CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2,...
|
CRITICAL | 9.3 | 2025-11-07 |
NEC Corporation CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux)
NEC Corporation CLUSTERPRO X SingleServerSafe for Linux (EXPRESSCLUSTER X SingleServerSafe for Linux)
|
CVE NVD | |
| CVE-2025-48985 |
A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. ...
|
LOW | 3.7 | 2025-11-07 |
Vercel AI SDK
|
CVE NVD | |
| CVE-2025-52662 |
A vulnerability in Nuxt DevTools has been fixed in version **2.6.4***. This issue may have allowed N...
|
MEDIUM | 6.9 | 2025-11-07 |
Vercel Nuxt Devtools
|
CVE NVD | |
| CVE-2025-57697 |
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Sin...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-57698 |
AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_p...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-60574 |
A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue ex...
|
HIGH | 7.5 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-61261 |
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows at...
|
MEDIUM | 5.4 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63420 |
CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Repo...
|
MEDIUM | 4.1 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63543 |
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q ...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63544 |
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter.
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63638 |
Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Ta...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63639 |
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to C...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63640 |
Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medici...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63686 |
There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit 5a02b1ab208f...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD | |
| CVE-2025-63687 |
An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in fil...
|
MEDIUM | -1.0 | 2025-11-07 |
未知
|
CVE NVD |