快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352999
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-14467 |
WP Job Portal <= 2.3.9 - Authenticated (Editor+) Stored Cross-Site Scripting via Job Description Field
|
MEDIUM | 4.4 | 2025-12-12 |
wpjobportal WP Job Portal – AI-Powered Recruitment System for Company or Job Board website
|
CVE NVD | |
| CVE-2025-13889 |
Simple Nivo Slider <= 0.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
|
MEDIUM | 6.4 | 2025-12-12 |
tmus Simple Nivo Slider
|
CVE NVD | |
| CVE-2025-14170 |
Vimeo SimpleGallery <= 0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Modification
|
MEDIUM | 5.3 | 2025-12-12 |
stiand Vimeo SimpleGallery
|
CVE NVD | |
| CVE-2025-13866 |
Flow-Flow Social Feed Stream 3.0.0 - 4.7.5 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via flow_flow_social_auth AJAX action
|
MEDIUM | 6.4 | 2025-12-12 |
looks_awesome Flow-Flow Social Feed Stream
|
CVE NVD | |
| CVE-2025-14162 |
BMLT WordPress Plugin <= 3.11.4 - Cross-Site Request Forgery to Settings Creation and Deletion
|
MEDIUM | 4.3 | 2025-12-12 |
magblogapi BMLT WordPress Plugin
|
CVE NVD | |
| CVE-2025-13053 |
A missing encryption of sensitive data vulnerability was found in the UPS settings of ADM
|
HIGH | 7.0 | 2025-12-12 |
ASUSTOR ADM
asustor data_master
|
CVE NVD | |
| CVE-2025-13670 |
High Level Synthesis Compiler Security Advisory
|
MEDIUM | 5.4 | 2025-12-12 |
Altera High Level Synthesis Compiler
intel high_level_synthesis_compiler
|
CVE NVD | |
| CVE-2025-13052 |
ASUSTOR ADM 安全漏洞
|
HIGH | 7.0 | 2025-12-12 |
ASUSTOR ADM
asustor data_master
|
CVE NVD +1 | |
| CVE-2025-13669 |
High Level Synthesis Compiler Security Advisory
|
MEDIUM | 5.4 | 2025-12-12 |
Altera High Level Synthesis Compiler
intel high_level_synthesis_compiler
|
CVE NVD | |
| CVE-2025-13886 |
LT Unleashed <= 1.1.1 - Authenticated (Contributor+) Local File Inclusion via 'template' Parameter
|
HIGH | 7.5 | 2025-12-12 |
cvedovini LT Unleashed
|
CVE NVD | |
| CVE-2025-13839 |
LJUsers <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'name' Shortcode Attribute
|
MEDIUM | 6.4 | 2025-12-12 |
jenyay LJUsers
|
CVE NVD | |
| CVE-2025-13665 |
Quartus Prime Standard Security Advisory
|
MEDIUM | 5.4 | 2025-12-12 |
Altera Quartus Prime Standard
intel quartus_prime
|
CVE NVD | |
| CVE-2025-10451 |
H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write)
|
HIGH | 8.2 | 2025-12-12 |
Insyde Software InsydeH2O
|
CVE NVD | |
| CVE-2023-29144 |
Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows a b...
|
LOW | 3.3 | 2025-12-12 |
malwarebytes malwarebytes
|
CVE NVD | |
| CVE-2025-64011 |
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core/pre...
|
MEDIUM | 4.3 | 2025-12-12 |
nextcloud nextcloud_server
|
CVE NVD | |
| CVE-2025-65530 |
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allow...
|
HIGH | 8.8 | 2025-12-12 |
cloudlinux ai-bolit
|
CVE NVD | |
| CVE-2025-65854 |
Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute ar...
|
CRITICAL | 9.8 | 2025-12-12 |
mineadmin mineadmin
|
CVE NVD | |
| CVE-2025-66430 |
Plesk 18.0 has Incorrect Access Control.
|
CRITICAL | 9.1 | 2025-12-12 |
plesk plesk
|
CVE NVD | |
| CVE-2025-67341 |
jshERP versions 3.5 and earlier are affected by a stored XSS vulnerability. This vulnerability allow...
|
MEDIUM | 4.6 | 2025-12-12 |
jishenghua jsherp
|
CVE NVD | |
| CVE-2025-67342 |
RuoYi versions 4.8.1 and earlier is affected by a stored XSS vulnerability in the /system/menu/edit ...
|
MEDIUM | 4.6 | 2025-12-12 |
ruoyi ruoyi
|
CVE NVD |