快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354228
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-4616 |
Prisma Browser: Insufficient Validation of Untrusted Input Vulnerability in Prisma Browser
|
LOW | 1.1 | 2025-11-14 |
Palo Alto Networks Prisma Browser
|
CVE NVD | |
| CVE-2025-13171 |
ZZCMS wangkan_list.php sql injection
|
MEDIUM | 5.3 | 2025-11-14 |
zzcms zzcms
|
CVE NVD | |
| CVE-2025-13204 |
CVE-2025-13204
|
HIGH | 7.3 | 2025-11-14 |
silentmatt expr-eval
silentmatt javascript_expression_evaluator
|
CVE NVD | |
| CVE-2025-13170 |
code-projects Simple Online Hotel Reservation System edit_account.php sql injection
|
MEDIUM | 6.9 | 2025-11-14 |
code-projects Simple Online Hotel Reservation System
fabian simple_online_hotel_reservation_system
|
CVE NVD | |
| CVE-2025-8870 |
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.
|
MEDIUM | 5.6 | 2025-11-14 |
Arista Networks EOS
|
CVE NVD | |
| CVE-2025-64446 |
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 thr...
|
CRITICAL | 9.4 | 2025-11-14 |
Fortinet FortiWeb
fortinet fortiweb
|
CVE NVD | |
| CVE-2025-13169 |
code-projects Simple Online Hotel Reservation System add_query_reserve.php sql injection
|
MEDIUM | 6.9 | 2025-11-14 |
code-projects Simple Online Hotel Reservation System
fabian simple_online_hotel_reservation_system
|
CVE NVD | |
| CVE-2025-13168 |
ury-erp ury pos_extend.py overrided_past_order_list sql injection
|
MEDIUM | 5.3 | 2025-11-14 |
ury-erp ury
ury-erp ury
+1个
|
CVE NVD | |
| CVE-2024-21635 |
Memos Access Tokens Stay Valid after User Password Change
|
HIGH | 7.1 | 2025-11-14 |
usememos memos
usememos memos
|
CVE NVD | |
| CVE-2025-12149 |
Unauthorized access to documents protected by Document-Level Security (DLS), when Signals watches include a search query involving protected documents
|
MEDIUM | 6.0 | 2025-11-14 |
floragunn Search Guard FLX
|
CVE NVD | |
| CVE-2025-11918 |
Rockwell Automation Arena® Simulation Stack-Based Buffer Overflow Vulnerability
|
HIGH | 7.1 | 2025-11-14 |
Rockwell Automation Arena® Simulation
rockwellautomation arena
|
CVE NVD | |
| CVE-2025-10018 |
Multiple Stored XSS in QuickCMS
|
MEDIUM | 4.8 | 2025-11-14 |
OpenSolution QuickCMS
opensolution quick.cms
|
CVE NVD | |
| CVE-2025-9982 |
Hard-coded admin credentials in Quick.CMS
|
MEDIUM | 6.9 | 2025-11-14 |
OpenSolution QuickCMS
opensolution quick.cms
|
CVE NVD | |
| CVE-2025-8855 |
2FA Expiry Bypass in Optimus Software's Brokerage Automation
|
HIGH | 8.1 | 2025-11-14 |
Optimus Software Brokerage Automation
|
CVE NVD | |
| CVE-2025-11981 |
School Management System – WPSchoolPress <= 2.2.23 - Authenticated (Administrator+) SQL Injection
|
MEDIUM | 4.9 | 2025-11-14 |
jdsofttech School Management System – WPSchoolPress
|
CVE NVD | |
| CVE-2025-11794 |
Password hash and MFA secret returned in user email verification endpoint
|
MEDIUM | 4.9 | 2025-11-14 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-55073 |
MS Teams plugin OAuth allows editing arbitrary posts
|
MEDIUM | 5.4 | 2025-11-14 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-55070 |
Lack of MFA enforcement in WebSocket connections
|
MEDIUM | 6.5 | 2025-11-14 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-41436 |
Unauthorized access to archived channel content via threads interface
|
LOW | 3.1 | 2025-11-14 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD | |
| CVE-2025-11776 |
Guest user can discover archived public channels
|
MEDIUM | 4.3 | 2025-11-14 |
Mattermost Mattermost
mattermost mattermost_server
|
CVE NVD |