快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-56427 |
Directory Traversal vulnerability in ComposioHQ v.0.7.20 allows a remote attacker to obtain sensitiv...
|
HIGH | 7.5 | 2025-12-04 |
composio composio
|
CVE NVD | |
| CVE-2025-57210 |
Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers ...
|
HIGH | 7.5 | 2025-12-04 |
fuyang_lipengjun platform
|
CVE NVD | |
| CVE-2025-57212 |
Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers t...
|
HIGH | 7.5 | 2025-12-04 |
fuyang_lipengjun platform
|
CVE NVD | |
| CVE-2025-57213 |
Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attacke...
|
HIGH | 7.5 | 2025-12-04 |
fuyang_lipengjun platform
|
CVE NVD | |
| CVE-2025-59788 |
Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in Nextclo...
|
MEDIUM | 6.4 | 2025-12-04 |
Nextcloud Nextcloud
|
CVE NVD | |
| CVE-2025-61148 |
An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment ...
|
MEDIUM | 6.5 | 2025-12-04 |
edupluscampus edupluscampus
|
CVE NVD | |
| CVE-2025-63361 |
Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: ...
|
MEDIUM | 5.7 | 2025-12-04 |
waveshare rs232\/485_to_wifi_eth_\(b\)_firmware
|
CVE NVD | |
| CVE-2025-63362 |
Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: ...
|
CRITICAL | 9.8 | 2025-12-04 |
waveshare rs232\/485_to_wifi_eth_\(b\)_firmware
|
CVE NVD | |
| CVE-2025-63363 |
A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-F...
|
HIGH | 7.5 | 2025-12-04 |
waveshare rs232\/485_to_wifi_eth_\(b\)_firmware
|
CVE NVD | |
| CVE-2025-63364 |
Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: ...
|
HIGH | 7.5 | 2025-12-04 |
waveshare rs232\/485_to_wifi_eth_\(b\)_firmware
|
CVE NVD | |
| CVE-2025-63499 |
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.
|
MEDIUM | 6.1 | 2025-12-04 |
alinto sogo
|
CVE NVD | |
| CVE-2025-63681 |
open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly acce...
|
MEDIUM | 4.3 | 2025-12-04 |
openwebui open_webui
|
CVE NVD | |
| CVE-2025-63896 |
An issue in the Bluetooth Human Interface Device (HID) of JXL 9 Inch Car Android Double Din Player A...
|
LOW | 3.5 | 2025-12-04 |
jxlindia jxl_9_inch_car_android_double_din_player_firmware
|
CVE NVD | |
| CVE-2025-65346 |
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extra...
|
CRITICAL | 9.1 | 2025-12-04 |
alexusmai laravel_file_manager
|
CVE NVD | |
| CVE-2025-65516 |
A stored cross-site scripting (XSS) vulnerability was discovered in Seafile Community Edition prior ...
|
MEDIUM | 6.1 | 2025-12-04 |
seafile seafile_server
|
CVE NVD | |
| CVE-2025-65637 |
A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to ...
|
HIGH | 7.5 | 2025-12-04 |
turbopuffer logrus
turbopuffer logrus
+1个
|
CVE NVD | |
| CVE-2025-65806 |
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An at...
|
HIGH | 8.0 | 2025-12-04 |
e-point e-point_cms
|
CVE NVD | |
| CVE-2025-65883 |
A vulnerability has been identified in Genexis Platinum P4410 router (Firmware P4410-V2–1.41) that a...
|
HIGH | 8.4 | 2025-12-04 |
genexis platinum_4410_firmware
|
CVE NVD | |
| CVE-2025-65899 |
Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. ...
|
MEDIUM | 5.3 | 2025-12-04 |
difuse kalmia
|
CVE NVD | |
| CVE-2025-65900 |
Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/use...
|
MEDIUM | 6.5 | 2025-12-04 |
difuse kalmia
|
CVE NVD |