快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-65187 |
A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches ...
|
MEDIUM | 6.1 | 2025-12-02 |
civicrm civicrm
|
CVE NVD | |
| CVE-2025-65215 |
Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripti...
|
MEDIUM | 6.1 | 2025-12-02 |
senior-walter web-based_pharmacy_product_management_system
|
CVE NVD | |
| CVE-2025-65358 |
Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the ...
|
CRITICAL | 9.8 | 2025-12-02 |
hashenudara edoc-doctor-appointment-system
|
CVE NVD | |
| CVE-2025-65379 |
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php end...
|
MEDIUM | 6.5 | 2025-12-02 |
phpgurukul billing_system
|
CVE NVD | |
| CVE-2025-65380 |
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specif...
|
MEDIUM | 6.5 | 2025-12-02 |
phpgurukul billing_system
|
CVE NVD | |
| CVE-2025-65656 |
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager...
|
CRITICAL | 9.8 | 2025-12-02 |
dcatadmin dcat_admin
|
CVE NVD | |
| CVE-2025-65657 |
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. Fe...
|
MEDIUM | 6.5 | 2025-12-02 |
feehi feehicms
|
CVE NVD | |
| CVE-2025-65844 |
EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directo...
|
HIGH | 7.5 | 2025-12-02 |
evershop evershop
|
CVE NVD | |
| CVE-2025-65858 |
A Stored Cross-Site Scripting (XSS) vulnerability in Calibre-Web v0.6.25 allows attackers to inject ...
|
LOW | 3.5 | 2025-12-02 |
janeczku calibre-web
|
CVE NVD | |
| CVE-2025-65877 |
Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (2025-09-22) is vulnerable to SQL ...
|
HIGH | 7.5 | 2025-12-02 |
wanliofficial lvzhou_cms
|
CVE NVD | |
| CVE-2025-65881 |
Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /classes/Lo...
|
MEDIUM | 6.1 | 2025-12-02 |
oretnom23 zoo_management_system
|
CVE NVD | |
| CVE-2025-65896 |
SQL injection vulnerability in long2ice assyncmy thru 0.2.10 allows attackers to execute arbitrary S...
|
CRITICAL | 9.8 | 2025-12-02 |
long2ice asyncmy
|
CVE NVD | |
| CVE-2025-66448 |
vLLM vulnerable to remote code execution via transformers_utils/get_config
|
HIGH | 7.1 | 2025-12-01 |
vllm-project vllm
vllm vllm
|
CVE NVD | |
| CVE-2025-66401 |
MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL
|
CRITICAL | 9.8 | 2025-12-01 |
kapilduraphe mcp-watch
|
CVE NVD | |
| CVE-2025-66415 |
fastify-reply-from bypass of reply forwarding
|
MEDIUM | 6.9 | 2025-12-01 |
fastify fastify-reply-from
|
CVE NVD | |
| CVE-2025-66412 |
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
|
HIGH | 8.5 | 2025-12-01 |
angular angular
angular angular
+2个
|
CVE NVD | |
| CVE-2025-66410 |
Gin-vue-admin has an arbitrary file deletion vulnerability
|
HIGH | 8.7 | 2025-12-01 |
flipped-aurora gin-vue-admin
|
CVE NVD | |
| CVE-2025-66405 |
Portkey.ai Gateway: Server-Side Request Forgery (SSRF) in Custom Host
|
MEDIUM | 6.9 | 2025-12-01 |
Portkey-AI gateway
|
CVE NVD | |
| CVE-2025-66403 |
FileRise Vulnerable to Stored XSS via SVG Upload
|
MEDIUM | 4.6 | 2025-12-01 |
error311 FileRise
filerise filerise
|
CVE NVD | |
| CVE-2025-66400 |
mdast-util-to-hast unsanitized class attribute
|
MEDIUM | 6.9 | 2025-12-01 |
syntax-tree mdast-util-to-hast
|
CVE NVD |