快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352871
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-14503 |
Overly Permissive Trust Policy in Harmonix on AWS EKS
|
HIGH | 8.6 | 2025-12-15 |
AWS Harmonix on AWS
|
CVE NVD | |
| CVE-2025-14148 |
IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability
|
MEDIUM | 6.5 | 2025-12-15 |
IBM UCD - IBM DevOps Deploy
ibm devops_deploy
|
CVE NVD | |
| CVE-2025-12035 |
Bluetooth: Integer Overflow in Bluetooth Classic (BR/EDR) L2CAP
|
MEDIUM | 6.5 | 2025-12-15 |
zephyrproject-rtos Zephyr
|
CVE NVD | |
| CVE-2025-36360 |
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability
|
MEDIUM | 5.0 | 2025-12-15 |
IBM UCD - IBM UrbanCode Deploy
IBM UCD - IBM DevOps Deploy
+2个
|
CVE NVD | |
| CVE-2025-14038 |
EnterpriseDB Hybrid Manager - LTS 安全漏洞
|
HIGH | 7.0 | 2025-12-15 |
EnterpriseDB Hybrid Manager - LTS
EnterpriseDB Hybrid Manager - Innovation
|
CVE NVD +1 | |
| CVE-2025-11393 |
Insights-runtimes-tech-preview/runtimes-inventory-rhel8-operator: improper proxy configuration allows unauthorized administrative commands
|
HIGH | 8.7 | 2025-12-15 |
Red Hat Red Hat Lightspeed (formerly Insights) for Runtimes 1.0
Red Hat Red Hat Runtimes Inventory Operator
|
CVE NVD | |
| CVE-2025-13888 |
Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs
|
CRITICAL | 9.1 | 2025-12-15 |
redhat-developer gitops-operator
Red Hat Red Hat OpenShift GitOps 1.16
+3个
|
CVE NVD | |
| CVE-2025-14387 |
LearnPress – WordPress LMS Plugin <= 4.3.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via get_profile_social
|
MEDIUM | 6.4 | 2025-12-15 |
thimpress LearnPress – WordPress LMS Plugin
|
CVE NVD | |
| CVE-2025-13824 |
Rockwell Automation多款产品 安全漏洞
|
HIGH | 8.7 | 2025-12-15 |
Rockwell Automation Micro820®, Micro850®, Micro870®
Rockwell Automation Micro820®, Micro850®, Micro870®
+1个
|
CVE NVD +1 | |
| CVE-2025-13823 |
Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities
|
HIGH | 7.1 | 2025-12-15 |
Rockwell Automation Micro820®, Micro850®, Micro870®
|
CVE NVD | |
| CVE-2025-34412 |
NOT_EXTRACTED
|
LOW | -1.0 | 2025-12-15 |
未知
|
CVE NVD | |
| CVE-2025-34411 |
编号撤回
|
UNKNOWN | N/A | 2025-12-15 |
未知
|
CVE NVD +1 | |
| CVE-2025-34181 |
NetSupport Manager < 14.12.0001 Authenticated Path Traversal Arbitrary File Write RCE
|
HIGH | 8.7 | 2025-12-15 |
NetSupport Software Manager
|
CVE NVD | |
| CVE-2025-34180 |
NetSupport Manager < 14.12.0001 Gateway Key Reversible Encoding Credential Recovery
|
HIGH | 8.4 | 2025-12-15 |
NetSupport Software Manager
|
CVE NVD | |
| CVE-2025-34179 |
NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure
|
HIGH | 8.7 | 2025-12-15 |
NetSupport Software Manager
|
CVE NVD | |
| CVE-2025-14156 |
Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder'
|
CRITICAL | 9.8 | 2025-12-15 |
ays-pro Fox LMS – WordPress LMS Plugin
|
CVE NVD | |
| CVE-2025-13950 |
OneSignal – Web Push Notifications <= 3.6.1 - Missing Authorization to Unauthenticated Plugin Settings Update
|
MEDIUM | 5.3 | 2025-12-15 |
onesignal OneSignal – Web Push Notifications
|
CVE NVD | |
| CVE-2025-13728 |
FluentAuth - Auth Security Plugin <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluent_auth_reset_password' Shortcode
|
MEDIUM | 6.4 | 2025-12-15 |
techjewel FluentAuth – The Ultimate Authorization & Security Plugin for WordPress
|
CVE NVD | |
| CVE-2025-14383 |
Booking Calendar <= 10.14.8 - Unauthenticated SQL Injection via dates_to_check
|
HIGH | 7.5 | 2025-12-15 |
wpdevelop Booking Calendar
|
CVE NVD | |
| CVE-2025-12900 |
FileBird – WordPress Media Library Folders & File Manager <= 6.5.1 - Missing Authorization to Authenticated (Author+) Global Folders Tampering
|
MEDIUM | 4.3 | 2025-12-15 |
ninjateam FileBird – WordPress Media Library Folders & File Manager
|
CVE NVD |