快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354145
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13412 |
Campcodes Retro Basketball Shoes Online Store admin_running.php cross site scripting
|
MEDIUM | 4.8 | 2025-11-19 |
Campcodes Retro Basketball Shoes Online Store
campcodes retro_basketball_shoes_online_store
|
CVE NVD | |
| CVE-2025-13147 |
External Service Interaction (DNS)
|
MEDIUM | 5.3 | 2025-11-19 |
Progress MOVEit Transfer
progress moveit_transfer
|
CVE NVD | |
| CVE-2025-47914 |
Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent
|
MEDIUM | 5.3 | 2025-11-19 |
golang.org/x/crypto golang.org/x/crypto/ssh/agent
golang crypto
|
CVE NVD | |
| CVE-2025-58181 |
Unbounded memory consumption in golang.org/x/crypto/ssh
|
MEDIUM | 5.3 | 2025-11-19 |
golang.org/x/crypto golang.org/x/crypto/ssh
golang crypto
|
CVE NVD | |
| CVE-2025-13411 |
Campcodes Retro Basketball Shoes Online Store admin_football.php unrestricted upload
|
MEDIUM | 5.1 | 2025-11-19 |
Campcodes Retro Basketball Shoes Online Store
campcodes retro_basketball_shoes_online_store
|
CVE NVD | |
| CVE-2025-13410 |
Campcodes Retro Basketball Shoes Online Store receipt.php sql injection
|
MEDIUM | 6.9 | 2025-11-19 |
Campcodes Retro Basketball Shoes Online Store
campcodes retro_basketball_shoes_online_store
|
CVE NVD | |
| CVE-2025-36371 |
IBM i 安全漏洞
|
MEDIUM | 6.5 | 2025-11-19 |
IBM i
IBM i
+8个
|
CVE NVD +1 | |
| CVE-2025-65103 |
OpenSTAManager has an authenticated SQL Injection vulnerability in API via 'display' parameter
|
HIGH | 8.8 | 2025-11-19 |
devcode-it openstamanager
|
CVE NVD | |
| CVE-2025-65094 |
WBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation (IDOR)
|
HIGH | 8.7 | 2025-11-19 |
WBCE WBCE_CMS
wbce wbce_cms
|
CVE NVD | |
| CVE-2025-65100 |
Security Snapshot May Use Unintended Timestamp When Only ISAR_APT_SNAPSHOT_DATE Is Set
|
MEDIUM | 6.9 | 2025-11-19 |
ilbers isar
|
CVE NVD | |
| CVE-2025-64759 |
Homarr is Vulnerable to Stored Cross-Site Scripting (XSS) and Possible Privilege Escalation via Malicious SVG Upload
|
HIGH | 8.1 | 2025-11-19 |
homarr-labs homarr
|
CVE NVD | |
| CVE-2025-13316 |
Hard-coded encryption keys in Twonky Server
|
HIGH | 8.2 | 2025-11-19 |
Lynxtechnology Twonky Server
lynxtechnology twonky_server
|
CVE NVD | |
| CVE-2025-13315 |
Unauthenticated log access in Twonky Server
|
CRITICAL | 9.3 | 2025-11-19 |
Lynxtechnology Twonky Server
lynxtechnology twonky_server
|
CVE NVD | |
| CVE-2025-65089 |
XWiki view file macro: User can view content of office file without view rights on the attachment
|
MEDIUM | 6.8 | 2025-11-19 |
xwikisas xwiki-pro-macros
xwiki pro_macros
|
CVE NVD | |
| CVE-2025-65095 |
Lookyloo is vulnerable due to improper user input sanitization
|
CRITICAL | 9.4 | 2025-11-19 |
Lookyloo lookyloo
|
CVE NVD | |
| CVE-2025-65099 |
Claude Code vulnerable to command execution prior to startup trust dialog
|
HIGH | 7.7 | 2025-11-19 |
anthropics claude-code
anthropic claude_code
|
CVE NVD | |
| CVE-2025-65026 |
esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript
|
MEDIUM | 6.1 | 2025-11-19 |
esm-dev esm.sh
esm esm.sh
|
CVE NVD | |
| CVE-2025-65025 |
esm.sh CDN service has arbitrary file write via tarslip
|
HIGH | 8.2 | 2025-11-19 |
esm-dev esm.sh
esm esm.sh
|
CVE NVD | |
| CVE-2025-65034 |
Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId
|
HIGH | 8.1 | 2025-11-19 |
lukevella rallly
rallly rallly
|
CVE NVD | |
| CVE-2025-65033 |
Rallly Broken Authorization: Any User Can Pause or Resume Any Poll via Poll ID Manipulation
|
HIGH | 8.1 | 2025-11-19 |
lukevella rallly
rallly rallly
|
CVE NVD |