快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354228
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-63725 |
Reflected Cross-Site Scripting (XSS) vulnerability in SVX Portal 2.7A via the id parameter to Recive...
|
MEDIUM | 6.1 | 2025-11-14 |
radioinorr svx_portal
|
CVE NVD | |
| CVE-2025-63744 |
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load...
|
MEDIUM | 4.3 | 2025-11-14 |
radare radare2
|
CVE NVD | |
| CVE-2025-63745 |
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info...
|
MEDIUM | 5.5 | 2025-11-14 |
radare radare2
|
CVE NVD | |
| CVE-2025-63830 |
CKFinder 1.4.3 is vulnerable to Cross Site Scripting (XSS) in the File Upload function. An attacker ...
|
MEDIUM | 6.1 | 2025-11-14 |
cksource ckfinder
|
CVE NVD | |
| CVE-2025-63891 |
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store Syst...
|
HIGH | 7.5 | 2025-11-14 |
oretnom23 simple_online_book_store_system
|
CVE NVD | |
| CVE-2025-64084 |
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vucc_details_...
|
MEDIUM | 5.4 | 2025-11-14 |
magicbug cloudlog
|
CVE NVD | |
| CVE-2025-62769 |
Django 安全漏洞
|
UNKNOWN | N/A | 2025-11-14 |
未知
|
CNNVD | |
| CVE-2025-13167 |
Synology Contacts for DSM 安全漏洞
|
UNKNOWN | N/A | 2025-11-14 |
未知
|
CNNVD | |
| CVE-2025-64530 |
@apollo/composition has Improper Enforcement of Access Control on Interface Types and Fields
|
HIGH | 7.5 | 2025-11-13 |
apollographql federation
apollographql federation
+2个
|
CVE NVD | |
| CVE-2025-13131 |
Sonarr Service Sonarr.Console.exe default permission
|
HIGH | 8.5 | 2025-11-13 |
未知
|
CVE NVD | |
| CVE-2025-13130 |
Radarr Service Radarr.Console.exe default permission
|
HIGH | 8.5 | 2025-11-13 |
未知
|
CVE NVD | |
| CVE-2025-36236 |
AIX Path Traversal
|
HIGH | 8.2 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-36250 |
AIX Code Execution
|
CRITICAL | 10.0 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-36096 |
AIX Insufficiently Protected Credentials
|
CRITICAL | 9.0 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-36251 |
AIX Command Execution
|
CRITICAL | 9.6 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-64754 |
Jitsi Meet has DOM Redirect on Microsoft OAuth Flow
|
LOW | 2.7 | 2025-11-13 |
jitsi jitsi-meet
|
CVE NVD | |
| CVE-2025-64753 |
grist-core has insufficient access control in endpoints for comparisons between documents and versions
|
MEDIUM | 5.3 | 2025-11-13 |
gristlabs grist-core
getgrist grist-core
|
CVE NVD | |
| CVE-2025-64752 |
grist-core has path to server-side requests via websocket
|
MEDIUM | 6.8 | 2025-11-13 |
gristlabs grist-core
getgrist grist-core
|
CVE NVD | |
| CVE-2025-64749 |
Directus Vulnerable to Information Leakage in Existing Collections
|
MEDIUM | 4.3 | 2025-11-13 |
directus directus
monospace directus
|
CVE NVD | |
| CVE-2025-64748 |
Directus's conceal fields are searchable if read permissions enabled
|
MEDIUM | 6.5 | 2025-11-13 |
directus directus
monospace directus
|
CVE NVD |