漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 352547

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2025-14761	Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to th...	MEDIUM	6.0	2025-12-17	AWS AWS SDK for PHP	CVE NVD
CVE-2025-14760	Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to th...	MEDIUM	6.0	2025-12-17	AWS AWS SDK for C++	CVE NVD
CVE-2025-14759	Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user wi...	MEDIUM	6.0	2025-12-17	AWS S3 Encryption Client for .NET	CVE NVD
CVE-2025-34438	AVideo < 20.1 IDOR Arbitrary Video Rotation	MEDIUM	5.3	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34437	AVideo < 20.1 IDOR Arbitrary Comment Image Upload	HIGH	8.7	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34435	AVideo < 20.1 IDOR Arbitrary File Deletion	HIGH	8.7	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34436	AVideo < 20.1 IDOR Arbitrary File Upload	HIGH	8.7	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34434	AVideo < 20.1 ImageGallery Plugin Unauthenticated File Upload and Deletion	CRITICAL	9.3	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34439	AVideo < 20.1 Open Redirect via cancelUri Parameter	MEDIUM	4.8	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34440	AVideo < 20.1 Open Redirect via siteRedirectUri Parameter	MEDIUM	4.8	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34442	AVideo < 20.1 System Path Disclosure via Public API	MEDIUM	6.9	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-34441	AVideo < 20.1 User Information Disclosure via Public API	MEDIUM	6.9	2025-12-17	World Wide Broadcast Network AVideo wwbn avideo	CVE NVD
CVE-2025-66646	RIOT-OS has NULL pointer dereference in gnrc_ipv6_ext_frag_reass	LOW	1.7	2025-12-17	RIOT-OS RIOT riot-os riot +1个	CVE NVD
CVE-2025-66397	ChurchCRM's Kiosk Manager Functions are vulnerable to Broken Access Control	HIGH	8.3	2025-12-17	ChurchCRM CRM churchcrm churchcrm	CVE NVD
CVE-2025-66396	ChurchCRM has SQL Injection in User Editor via `type` Parameter Key	HIGH	7.2	2025-12-17	ChurchCRM CRM churchcrm churchcrm	CVE NVD
CVE-2025-66395	SQL Injection in Event List via `WhichType` Parameter	HIGH	8.8	2025-12-17	ChurchCRM CRM churchcrm churchcrm	CVE NVD
CVE-2025-62521	ChurchCRM has unauthenticated RCE in its Install Wizard	CRITICAL	10.0	2025-12-17	ChurchCRM CRM churchcrm churchcrm	CVE NVD
CVE-2025-14081	Ultimate Member <= 2.11.0 - Authenticated (Subscriber+) Profile Privacy Setting Bypass	MEDIUM	4.3	2025-12-17	ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin	CVE NVD
CVE-2025-13537	Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting	MEDIUM	6.4	2025-12-17	livecomposer Live Composer – Free WordPress Website Builder	CVE NVD
CVE-2025-13217	Ultimate Member <= 2.11.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'value'	MEDIUM	6.4	2025-12-17	ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin	CVE NVD

耗时统计

总耗时:	240.35 ms
构建查询耗时:	0.0 ms
统计耗时:	233.54 ms
获取数据耗时:	5.92 ms
数据转换耗时:	0.88 ms

数据统计

匹配文档数:	352547
返回文档数:	20
当前页码:	311
每页数量:	20
跳过记录数:	6200

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（352547），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 352547

参考链接