快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353946
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-11087 |
Zegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload
|
HIGH | 8.8 | 2025-11-21 |
zozothemes Zegen Core
|
CVE NVD | |
| CVE-2025-13524 |
Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Win...
|
MEDIUM | 6.8 | 2025-11-21 |
AWS Wickr
AWS Wickr Gov
+1个
|
CVE NVD | |
| CVE-2025-36149 |
IBM Concert Software clickjacking
|
MEDIUM | 6.3 | 2025-11-21 |
IBM IBM Concert Software
ibm concert
|
CVE NVD | |
| CVE-2025-48502 |
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, po...
|
MEDIUM | 5.5 | 2025-11-21 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-62609 |
MLX has Wild Pointer Dereference in load_gguf()
|
MEDIUM | 5.5 | 2025-11-21 |
ml-explore mlx
ml-explore mlx
|
CVE NVD | |
| CVE-2025-62608 |
MLX has heap-buffer-overflow in load()
|
MEDIUM | 5.5 | 2025-11-21 |
ml-explore mlx
ml-explore mlx
|
CVE NVD | |
| CVE-2025-62626 |
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence ...
|
HIGH | 7.2 | 2025-11-21 |
AMD AMD Ryzen™ 9000HX Series Processors
AMD AMD EPYC™ 9005 Series Processors
|
CVE NVD | |
| CVE-2025-64767 |
hpke-js reuses AEAD nonces
|
CRITICAL | 9.1 | 2025-11-21 |
dajiaji hpke-js
|
CVE NVD | |
| CVE-2025-29934 |
A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest usin...
|
MEDIUM | 5.3 | 2025-11-21 |
AMD AMD EPYC™ 9004 Series Processors
AMD AMD EPYC™ 9005 Series Processors
+6个
|
CVE NVD | |
| CVE-2025-64169 |
Wazuh NULL pointer dereference in fim_alert line 666
|
MEDIUM | 5.1 | 2025-11-21 |
wazuh wazuh
wazuh wazuh
|
CVE NVD | |
| CVE-2025-54866 |
Wazuh installation fails to protected authd.pass on Windows
|
LOW | 1.8 | 2025-11-21 |
wazuh wazuh
wazuh wazuh
|
CVE NVD | |
| CVE-2025-30201 |
Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities
|
HIGH | 7.7 | 2025-11-21 |
wazuh wazuh
wazuh wazuh
|
CVE NVD | |
| CVE-2025-13132 |
Dia: Increased Spoof Risk; Missing full screen toast
|
HIGH | 7.4 | 2025-11-21 |
The Browser Company of New York Dia
|
CVE NVD | |
| CVE-2025-64483 |
Wazuh API – Agent Configuration Has Improper Access Control in Agent Enrollment Endpoint
|
MEDIUM | 5.3 | 2025-11-21 |
wazuh wazuh-dashboard-plugins
|
CVE NVD | |
| CVE-2025-13470 |
RNP 0.18.0 Vulnerable PKESK session keys
|
HIGH | 7.7 | 2025-11-21 |
Ribose RNP
|
CVE NVD | |
| CVE-2025-12747 |
Tainacan <= 1.0.0 - Unauthenticated Information Exposure
|
MEDIUM | 5.3 | 2025-11-21 |
tainacan Tainacan
|
CVE NVD | |
| CVE-2025-12973 |
S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator <= 1.7.8 - Authenticated (Editor+) Arbitrary File Upload
|
HIGH | 7.2 | 2025-11-21 |
oc3dots S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator
|
CVE NVD | |
| CVE-2025-13357 |
Vault Terraform Provider Applied Incorrect Defaults for LDAP Auth Method
|
HIGH | 7.4 | 2025-11-21 |
HashiCorp Tooling
hashicorp terraform_provider
|
CVE NVD | |
| CVE-2025-41115 |
Incorrect privilege assignment
|
CRITICAL | 10.0 | 2025-11-21 |
Grafana Grafana Enterprise
grafana grafana
|
CVE NVD | |
| CVE-2025-13432 |
Terraform Enterprise state versions can be created by users with specific permissions without sufficient write access
|
MEDIUM | 4.3 | 2025-11-21 |
HashiCorp Terraform Enterprise
hashicorp terraform
+1个
|
CVE NVD |