快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353571
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-63533 |
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the...
|
HIGH | 8.5 | 2025-12-01 |
shridharshukl blood_bank_management_system
|
CVE NVD | |
| CVE-2025-63534 |
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the...
|
HIGH | 8.5 | 2025-12-01 |
shridharshukl blood_bank_management_system
|
CVE NVD | |
| CVE-2025-63535 |
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php comp...
|
CRITICAL | 9.6 | 2025-12-01 |
shridharshukl blood_bank_management_system
|
CVE NVD | |
| CVE-2025-64030 |
Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to authenticated stored cross-site sc...
|
MEDIUM | 5.4 | 2025-12-01 |
chinasystems eximbills_enterprise
|
CVE NVD | |
| CVE-2025-65403 |
A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denia...
|
MEDIUM | 6.5 | 2025-12-01 |
hfiref0x lightftp
|
CVE NVD | |
| CVE-2025-65404 |
A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attac...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65405 |
A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65406 |
A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Med...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65407 |
A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v20...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65408 |
A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of...
|
MEDIUM | 6.5 | 2025-12-01 |
live555 streaming_media
|
CVE NVD | |
| CVE-2025-65621 |
Snipe-IT before 8.3.4 allows stored XSS, allowing a low-privileged authenticated user to inject Java...
|
MEDIUM | 5.4 | 2025-12-01 |
snipeitapp snipe-it
|
CVE NVD | |
| CVE-2025-65622 |
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged...
|
MEDIUM | 5.4 | 2025-12-01 |
snipeitapp snipe-it
|
CVE NVD | |
| CVE-2025-65836 |
PublicCMS V5.202506.b is vulnerable to SSRF. in the chat interface of SimpleAiAdminController.
|
CRITICAL | 9.1 | 2025-12-01 |
publiccms publiccms
|
CVE NVD | |
| CVE-2025-65838 |
PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method.
|
HIGH | 7.5 | 2025-12-01 |
publiccms publiccms
|
CVE NVD | |
| CVE-2025-65840 |
PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the CkEditorAdminControl...
|
HIGH | 8.8 | 2025-12-01 |
publiccms publiccms
|
CVE NVD | |
| CVE-2025-13796 |
deco-cx apps Parameter analyticsScript.ts AnalyticsScript server-side request forgery
|
MEDIUM | 5.3 | 2025-11-30 |
deco-cx apps
deco-cx apps
|
CVE NVD | |
| CVE-2025-13795 |
codingWithElias School Management System Edit Student Info student-view.php cross site scripting
|
MEDIUM | 4.8 | 2025-11-30 |
codingWithElias School Management System
|
CVE NVD | |
| CVE-2025-35028 |
HexStrike AI MCP Server Command Injection
|
CRITICAL | 9.1 | 2025-11-30 |
0x4m4 HexStrike AI
|
CVE NVD | |
| CVE-2025-13793 |
winston-dsouza Ecommerce-Website GET Parameter header_menu.php cross site scripting
|
MEDIUM | 5.3 | 2025-11-30 |
winston-dsouza Ecommerce-Website
|
CVE NVD | |
| CVE-2025-13792 |
Qualitor getResumo.php eval code injection
|
MEDIUM | 6.9 | 2025-11-30 |
未知
|
CVE NVD |