快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352749
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-14727 |
NGINX Ingress Controller vulnerability
|
HIGH | 8.7 | 2025-12-17 |
F5 NGINX Ingress Controller
f5 nginx_ingress_controller
|
CVE NVD | |
| CVE-2025-44005 |
An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create c...
|
CRITICAL | 10.0 | 2025-12-17 |
smallstep Step-CA
smallstep Step-CA
|
CVE NVD | |
| CVE-2025-14266 |
Ercom Cryptobox 安全漏洞
|
LOW | 0.6 | 2025-12-17 |
Ercom Cryptobox
|
CVE NVD +1 | |
| CVE-2025-61736 |
iSTAR- Improper Validation of Certificate Expiration
|
HIGH | 7.1 | 2025-12-17 |
Johnson Controls iSTAReX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra , iSTAR Ultra SE
|
CVE NVD | |
| CVE-2025-14097 |
Remote Code Execution Vulnerability in Radiometer Products
|
HIGH | 7.2 | 2025-12-17 |
Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers
Radiometer Medical Aps ABL800 BASIC and ABL800 FLEX Analyzers
+1个
|
CVE NVD | |
| CVE-2025-14096 |
Credential Disclosure vulnerability in Radiometer Products
|
HIGH | 8.4 | 2025-12-17 |
Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers
Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers
+4个
|
CVE NVD | |
| CVE-2025-62690 |
Open redirect in error page when link opened in new tab
|
LOW | 3.1 | 2025-12-17 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-13352 |
Mattermost GitHub Plugin allows unauthorized GitHub reactions via reaction forwarding hijacking
|
LOW | 3.0 | 2025-12-17 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-62190 |
CSRF Allows Call Initiation and Message Delivery
|
MEDIUM | 4.3 | 2025-12-17 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-67895 |
Apache Airflow Providers Edge3: Edge3 Worker RPC RCE on Airflow 2
|
CRITICAL | 9.8 | 2025-12-17 |
Apache Software Foundation Apache Airflow Providers Edge3
apache apache-airflow-providers-edge3
|
CVE NVD | |
| CVE-2025-14095 |
Privilege boundary violation in Radiometer Products
|
MEDIUM | 6.8 | 2025-12-17 |
Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers
Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers
+4个
|
CVE NVD | |
| CVE-2025-14101 |
IDOR in GG Soft's PaperWork
|
HIGH | 7.1 | 2025-12-17 |
GG Soft Software Services Inc. PaperWork
|
CVE NVD | |
| CVE-2025-14347 |
Reflected XSS in Proliz's OBS
|
MEDIUM | 6.3 | 2025-12-17 |
Proliz Software Ltd. OBS (Student Affairs Information System)0
|
CVE NVD | |
| CVE-2025-14399 |
Download Plugins and Themes from Dashboard <= 1.9.6 - Cross-Site Request Forgery to Bulk Plugin/Theme Archival
|
MEDIUM | 4.3 | 2025-12-17 |
wpcodefactory Download Plugins and Themes in ZIP from Dashboard
|
CVE NVD | |
| CVE-2025-12496 |
Zephyr Project Manager <= 3.3.203 - Authenticated (Custom+) Arbitrary File Read And Server-Side Request Forgery
|
MEDIUM | 4.9 | 2025-12-17 |
dylanjkotze Zephyr Project Manager
|
CVE NVD | |
| CVE-2025-11924 |
Ninja Forms – The Contact Form Builder That Grows With You <= 3.13.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token
|
HIGH | 7.5 | 2025-12-17 |
kstover Ninja Forms – The Contact Form Builder That Grows With You
ninjaforms ninja_forms
|
CVE NVD | |
| CVE-2025-13750 |
Converter for Media <= 6.3.2 - Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST Endpoint
|
MEDIUM | 4.3 | 2025-12-17 |
mateuszgbiorczyk Converter for Media – Optimize images | Convert WebP & AVIF
|
CVE NVD | |
| CVE-2025-14061 |
Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
|
MEDIUM | 5.3 | 2025-12-17 |
wplegalpages Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent
|
CVE NVD | |
| CVE-2025-14817 |
TECNO Pova6 Pro 5G 安全漏洞
|
MEDIUM | 6.5 | 2025-12-17 |
TECNO Tecno Pova6 Pro 5G
transsion hios
|
CVE NVD +1 | |
| CVE-2025-14154 |
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting
|
MEDIUM | 6.1 | 2025-12-17 |
wordplus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss
|
CVE NVD |