Vulnerability List 354145
CVE ID Title Severity CVSS Published Affected Products Data Source Actions
CVE-2025-34328
AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Upload RCE via ajaxScript.php
CRITICAL 9.3 2025-11-19
AudioCodes Limited AudioCodes Fax/IVR Appliance audiocodes fax_server +1 more
CVE NVD
CVE-2025-34330
AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated Prompt File Upload via ajaxPromptUploadFile.php
MEDIUM 6.9 2025-11-19
AudioCodes Limited AudioCodes Fax/IVR Appliance audiocodes fax_server +1 more
CVE NVD
CVE-2025-34333
AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE
HIGH 8.5 2025-11-19
AudioCodes Limited AudioCodes Fax/IVR Appliance audiocodes fax_server +1 more
CVE NVD
CVE-2025-34336
eGovFramework <= 4.3.1 Unauthenticated File Upload via Web Editor Image Upload Endpoints
MEDIUM 6.9 2025-11-19
eGovFramework/egovframe-common-components eGovFramework/egovframe-common-components
CVE NVD
CVE-2025-34337
eGovFramework <= 4.3.1 Unauthenticated Encryption Oracle via Web Editor Image Upload Endpoints
HIGH 8.7 2025-11-19
eGovFramework/egovframe-common-components eGovFramework/egovframe-common-components
CVE NVD
CVE-2025-12766
Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of affected versions of BlackBerry AtHoc.
MEDIUM 5.0 2025-11-19
BlackBerry BlackBerry® AtHoc® (OnPrem) blackberry athoc
CVE NVD
CVE-2025-65022
i-Educar Authenticated Time-based SQL Injection in `agenda.php`
HIGH 7.2 2025-11-19
portabilis i-educar portabilis i-educar
CVE NVD
CVE-2025-65023
i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php`
HIGH 7.2 2025-11-19
portabilis i-educar portabilis i-educar
CVE NVD
CVE-2025-65024
i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php`
HIGH 7.2 2025-11-19
portabilis i-educar portabilis i-educar
CVE NVD
CVE-2025-10703
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Conne...
HIGH 8.6 2025-11-19
Progress DataDirect Connect for JDBC for Amazon Redshift Progress DataDirect Connect for JDBC for Apache Cassandra +30 more
CVE NVD
CVE-2025-10702
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Conne...
HIGH 8.6 2025-11-19
Progress DataDirect Connect for JDBC for Amazon Redshift Progress DataDirect Connect for JDBC for Apache Cassandra +30 more
CVE NVD
CVE-2025-13397
mrubyc alloc.c mrbc_raw_realloc null pointer dereference
MEDIUM 4.8 2025-11-19
s-itoc mruby/c
CVE NVD
CVE-2025-13396
code-projects Courier Management System add-office.php sql injection
MEDIUM 5.3 2025-11-19
code-projects Courier Management System carmelogarcia courier_management_system
CVE NVD
CVE-2025-11963
Reflected XSS in Saysis's StarCities
MEDIUM 5.4 2025-11-19
Saysis Computer Systems Trade Ltd. Co. StarCities
CVE NVD
CVE-2025-0421
iFrame Injection in Mikrogrup's Shopside
MEDIUM 4.7 2025-11-19
Shopside Software Technologies Inc. Shopside
CVE NVD
CVE-2024-8528
ALC WebCTRL Carrier i-Vu Reflected XSS due to unsanitized parameter
MEDIUM 5.4 2025-11-19
Automated Logic WebCtrl Carrier i-Vu
CVE NVD
CVE-2024-8527
ALC WebCTRL Carrier i-Vu Open Redirect via URL parameter
HIGH 8.6 2025-11-19
Automated Logic WebCtrl Carrier i-Vu
CVE NVD
CVE-2025-12592
Use of default login credentials in Legacy Vivotek Devices
CRITICAL 9.3 2025-11-19
Vivotek Affected device model numbers are FD7131-VVTK,FD7131-VVTK,FD7131-VVTK,FD7141-VVTK,IP7131-VVTK,IP7133-VVTK,IP7133-VVTK,IP7133-VVTK,IP7134-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7138-VVTK,IP7142-VVTK,IP7142-VVTK,IP7151-VVTK,IP7152-VVTK,IP7153-VVTK,IP7153-VVTK,IP7154-VVTK,IP7330-VVTK,IP7330-VVTK,IP7330-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131W-VVTK,PT7135-VVTK,PT7137-TCON,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PZ7131-VVTK,PZ7131-VVTK,PZ71X1-VVTK,PZ71X1-VVTK,PZ71X2-VVTK,SD73X3-VVTK,SD73X3-VVTK,SD73X3-VVTK,TC5330-VVTK,TC5332-TCVV,TC5333-TCVV,TC5633-TCVV,TC5633-VVTK,VS7100-VVTK,VS7100-VVTK,VS7100-VVTK Vivotek Affected device model numbers are FD7131-VVTK,FD7131-VVTK,FD7131-VVTK,FD7141-VVTK,IP7131-VVTK,IP7133-VVTK,IP7133-VVTK,IP7133-VVTK,IP7134-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7135-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7137-VVTK,IP7138-VVTK,IP7142-VVTK,IP7142-VVTK,IP7151-VVTK,IP7152-VVTK,IP7153-VVTK,IP7153-VVTK,IP7154-VVTK,IP7330-VVTK,IP7330-VVTK,IP7330-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131-VVTK,IP8131W-VVTK,PT7135-VVTK,PT7137-TCON,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PT7137-VVTK,PZ7131-VVTK,PZ7131-VVTK,PZ71X1-VVTK,PZ71X1-VVTK,PZ71X2-VVTK,SD73X3-VVTK,SD73X3-VVTK,SD73X3-VVTK,TC5330-VVTK,TC5332-TCVV,TC5333-TCVV,TC5633-TCVV,TC5633-VVTK,VS7100-VVTK,VS7100-VVTK,VS7100-VVTK +29 more
CVE NVD
CVE-2025-10437
SQLi in Exagate's Webpack Management System
CRITICAL 9.8 2025-11-19
Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System
CVE NVD
CVE-2025-13395
codehub666 94list function.php login sql injection
MEDIUM 6.9 2025-11-19
codehub666 94list
CVE NVD