快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353043
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-67500 |
Mastodon Error Handling Discrepancy Enables Private Status Existence Enumeration
|
LOW | 3.7 | 2025-12-09 |
mastodon mastodon
mastodon mastodon
+3个
|
CVE NVD | |
| CVE-2025-61808 |
ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)
|
CRITICAL | 9.1 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61813 |
ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
|
HIGH | 8.2 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61812 |
ColdFusion | Improper Input Validation (CWE-20)
|
HIGH | 8.4 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61821 |
ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
|
MEDIUM | 6.8 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-64898 |
ColdFusion | Insufficiently Protected Credentials (CWE-522)
|
MEDIUM | 4.3 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61810 |
ColdFusion | Deserialization of Untrusted Data (CWE-502)
|
HIGH | 8.4 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61809 |
ColdFusion | Improper Input Validation (CWE-20)
|
CRITICAL | 9.1 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61822 |
ColdFusion | Improper Input Validation (CWE-20)
|
MEDIUM | 6.2 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-64897 |
ColdFusion | Improper Access Control (CWE-284)
|
MEDIUM | 5.6 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61823 |
ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
|
MEDIUM | 6.2 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-61811 |
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
|
CRITICAL | 9.1 | 2025-12-09 |
Adobe ColdFusion
adobe coldfusion
+2个
|
CVE NVD | |
| CVE-2025-67499 |
Plugins 信息泄露漏洞
|
MEDIUM | 6.6 | 2025-12-09 |
containernetworking plugins
|
CVE NVD +1 | |
| CVE-2025-67496 |
WeGia is Vulnerable to XSS through id_pessoa Parameter on Password Configuration Page
|
MEDIUM | 4.3 | 2025-12-09 |
LabRedesCefetRJ WeGIA
wegia wegia
|
CVE NVD | |
| CVE-2025-67495 |
ZITADEL Vulnerable to Account Takeover via DOM-Based XSS in Zitadel V2 Login
|
HIGH | 8.0 | 2025-12-09 |
zitadel zitadel
zitadel zitadel
+2个
|
CVE NVD | |
| CVE-2025-67494 |
ZITADEL Vulnerable to Unauthenticated Full-Read SSRF via V2 Login
|
CRITICAL | 9.3 | 2025-12-09 |
zitadel zitadel
zitadel zitadel
+2个
|
CVE NVD | |
| CVE-2025-36437 |
IBM Planning Analytics Local is vulnerable to disclosing sensitive information
|
MEDIUM | 4.3 | 2025-12-09 |
IBM IBM Planning Analytics Local
ibm planning_analytics_local
|
CVE NVD | |
| CVE-2025-66645 |
NiceGUI Path Traversal Vulnerability in app.add_media_files() Allows Arbitrary File Reading
|
HIGH | 7.5 | 2025-12-09 |
zauberzeug nicegui
zauberzeug nicegui
|
CVE NVD | |
| CVE-2025-66039 |
FreePBX Endpoint Manager Allows Unauthenticated Logins to Administrator Control Panel via Forged Basic Auth Header
|
CRITICAL | 9.3 | 2025-12-09 |
FreePBX security-reporting
FreePBX security-reporting
|
CVE NVD | |
| CVE-2025-34425 |
MailEnable < 10.54 Reflected XSS in WindowContext Parameter of MAI/compose.aspx
|
MEDIUM | 5.3 | 2025-12-09 |
MailEnable MailEnable
mailenable mailenable
|
CVE NVD |