快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352749
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-59385 |
QNAP Systems Hero和QNAP Systems QTS 安全漏洞
|
HIGH | 8.1 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-62847 |
QNAP Systems Hero和QNAP Systems QTS 参数注入漏洞
|
MEDIUM | 6.6 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-62848 |
QNAP Systems Hero和QNAP Systems QTS 代码问题漏洞
|
HIGH | 8.1 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-62849 |
QNAP Systems Hero和QNAP Systems QTS SQL注入漏洞
|
MEDIUM | 5.2 | 2025-12-16 |
QNAP Systems Inc. QTS
QNAP Systems Inc. QuTS hero
+37个
|
CVE NVD +1 | |
| CVE-2025-14747 |
Ningyuanda TC155 RTSP Service denial of service
|
MEDIUM | 5.3 | 2025-12-16 |
Ningyuanda TC155
shenzhenningyuandatechnology tc155_firmware
|
CVE NVD | |
| CVE-2025-14746 |
Ningyuanda TC155 RTSP Live Video Stream Endpoint improper authentication
|
MEDIUM | 5.3 | 2025-12-16 |
Ningyuanda TC155
shenzhenningyuandatechnology tc155_firmware
|
CVE NVD | |
| CVE-2025-68115 |
Parse Server vulnerable to Cross-Site Scripting (XSS) via Unescaped Mustache Template Variables
|
MEDIUM | 5.3 | 2025-12-16 |
parse-community parse-server
parse-community parse-server
+3个
|
CVE NVD | |
| CVE-2025-68113 |
ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay
|
MEDIUM | 6.5 | 2025-12-16 |
altcha-org altcha-lib
|
CVE NVD | |
| CVE-2025-67751 |
ChurchCRM has SQL Injection in Event Editor via `EN_tyid` Parameter caused by an Incomplete Fix
|
HIGH | 7.2 | 2025-12-16 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD | |
| CVE-2025-67874 |
ChurchCRM 安全漏洞
|
MEDIUM | 6.9 | 2025-12-16 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD +1 | |
| CVE-2025-67744 |
Mermaid XSS vulnerability leads to Remote Code Execution
|
CRITICAL | 9.7 | 2025-12-16 |
ThinkInAIXYZ deepchat
thinkinai deepchat
|
CVE NVD | |
| CVE-2025-67748 |
Fickling 代码问题漏洞
|
HIGH | 7.1 | 2025-12-16 |
trailofbits fickling
trailofbits fickling
|
CVE NVD +1 | |
| CVE-2025-14758 |
Initialization of a Resource with an Insecure Default in YAOOK
|
MEDIUM | 6.5 | 2025-12-16 |
ALASCA YAOOK
|
CVE NVD | |
| CVE-2025-67747 |
Fickling 代码问题漏洞
|
HIGH | 7.1 | 2025-12-16 |
trailofbits fickling
trailofbits fickling
|
CVE NVD +1 | |
| CVE-2025-67736 |
FreePBX tts SQL注入漏洞
|
HIGH | 8.6 | 2025-12-16 |
FreePBX security-reporting
FreePBX security-reporting
+1个
|
CVE NVD +1 | |
| CVE-2025-67735 |
Netty 注入漏洞
|
MEDIUM | 6.5 | 2025-12-16 |
netty netty
netty netty
+1个
|
CVE NVD +1 | |
| CVE-2025-67722 |
FreePBX 代码问题漏洞
|
MEDIUM | 5.7 | 2025-12-16 |
FreePBX security-reporting
FreePBX security-reporting
+1个
|
CVE NVD +1 | |
| CVE-2025-66449 |
ConvertX has Path Traversal that leads to Arbitrary File Write and Arbitrary Code Execution
|
HIGH | 8.8 | 2025-12-16 |
C4illin ConvertX
c4illin convertx
|
CVE NVD | |
| CVE-2025-67715 |
Weblate has Systematic User and Project Enumeration via Broken Authorization in REST API (IDOR)
|
MEDIUM | 4.3 | 2025-12-16 |
WeblateOrg weblate
weblate weblate
|
CVE NVD | |
| CVE-2025-67492 |
Weblate's over‑permissive webhook endpoint enables mass repository updates and component enumeration
|
MEDIUM | 5.3 | 2025-12-16 |
WeblateOrg weblate
weblate weblate
|
CVE NVD |