快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352749
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2023-53904 |
Xenforo 2.2.13 Authenticated Stored Cross-Site Scripting via Smilie Categories
|
MEDIUM | 5.1 | 2025-12-17 |
Xenforo Xenforo
|
CVE NVD | |
| CVE-2025-66029 |
Open OnDemand affected by Apache proxy passing sensitive headers
|
HIGH | 7.6 | 2025-12-17 |
OSC ondemand
|
CVE NVD | |
| CVE-2025-14833 |
code-projects Online Appointment Booking System deletemanagerclinic.php sql injection
|
MEDIUM | 6.9 | 2025-12-17 |
code-projects Online Appointment Booking System
anisha online_appointment_booking_system
|
CVE NVD | |
| CVE-2025-68429 |
Storybook manager bundle may expose environment variables during build
|
HIGH | 7.3 | 2025-12-17 |
storybookjs storybook
storybookjs storybook
+2个
|
CVE NVD | |
| CVE-2025-68434 |
opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation
|
HIGH | 8.8 | 2025-12-17 |
opensourcepos opensourcepos
opensourcepos open_source_point_of_sale
|
CVE NVD | |
| CVE-2025-68147 |
opensourcepos has a Cross-site Scripting vulnerability
|
HIGH | 8.1 | 2025-12-17 |
opensourcepos opensourcepos
opensourcepos open_source_point_of_sale
|
CVE NVD | |
| CVE-2025-68145 |
Model Context Protocol Servers 路径遍历漏洞
|
MEDIUM | 6.4 | 2025-12-17 |
modelcontextprotocol servers
|
CVE NVD +1 | |
| CVE-2025-68144 |
Model Context Protocol Servers 参数注入漏洞
|
MEDIUM | 6.3 | 2025-12-17 |
modelcontextprotocol servers
|
CVE NVD +1 | |
| CVE-2025-68143 |
Model Context Protocol Servers 路径遍历漏洞
|
MEDIUM | 6.5 | 2025-12-17 |
modelcontextprotocol servers
|
CVE NVD +1 | |
| CVE-2025-68129 |
Auth0-PHP SDK has Improper Audience Validation
|
MEDIUM | 6.8 | 2025-12-17 |
auth0 auth0-PHP
|
CVE NVD | |
| CVE-2025-14832 |
itsourcecode Online Cake Ordering System updateproduct.php sql injection
|
MEDIUM | 6.9 | 2025-12-17 |
itsourcecode Online Cake Ordering System
admerc online_cake_ordering_system
|
CVE NVD | |
| CVE-2025-68118 |
FreeRDP 缓冲区错误漏洞
|
MEDIUM | 6.6 | 2025-12-17 |
FreeRDP FreeRDP
freerdp freerdp
|
CVE NVD +1 | |
| CVE-2025-68275 |
ChurchCRM 跨站脚本漏洞
|
CRITICAL | 9.2 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD +1 | |
| CVE-2025-68401 |
ChurchCRM 跨站脚本漏洞
|
MEDIUM | 6.2 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD +1 | |
| CVE-2025-68400 |
ChurchCRM SQL注入漏洞
|
CRITICAL | 9.3 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD +1 | |
| CVE-2025-68399 |
ChurchCRM 跨站脚本漏洞
|
LOW | 2.0 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD +1 | |
| CVE-2025-68112 |
ChurchCRM has SQL injection in EditEventAttendees.php
|
CRITICAL | 9.6 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD | |
| CVE-2025-68111 |
ChurchCRM has SQL Injection in eGive Import Feature
|
HIGH | 7.2 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD | |
| CVE-2025-68110 |
ChurchCRM discloses database information on error message
|
CRITICAL | 10.0 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD | |
| CVE-2025-68109 |
ChurchCRM vulnerable to RCE with database restore functionality
|
CRITICAL | 9.1 | 2025-12-17 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD |