精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 354299
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-4522
IDonate 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete Function
MEDIUM 6.5 2025-11-07
themeatelier IDonate – Blood Donation, Request And Donor Management System themeatelier idonate
CVE NVD
CVE-2025-4519
IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function
HIGH 8.8 2025-11-07
themeatelier IDonate – Blood Donation, Request And Donor Management System themeatelier idonate
CVE NVD
CVE-2025-12352
Gravity Forms <= 2.9.20 - Unauthenticated Arbitrary File Upload via 'copy_post_image'
CRITICAL 9.8 2025-11-07
Gravity Forms Gravity Forms
CVE NVD
CVE-2025-64329
containerd CRI server: Host memory exhaustion through Attach goroutine leak
MEDIUM 6.9 2025-11-07
containerd containerd containerd containerd +4个
CVE NVD
CVE-2025-64328
FreePBX Administration GUI is Vulnerable to Authenticated Command Injection
HIGH 8.6 2025-11-07
FreePBX security-reporting sangoma freepbx
CVE NVD
CVE-2025-5483
LC Wizard 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation
HIGH 8.1 2025-11-07
niaj Connector Wizard (formerly LC Wizard)
CVE NVD
CVE-2025-64323
kgateway is missing xDS authorization
MEDIUM 5.3 2025-11-07
kgateway-dev kgateway kgateway-dev kgateway
CVE NVD
CVE-2025-64187
OctoPrint is vulnerable to XSS through Action Command Notifications and Prompts
MEDIUM 4.6 2025-11-07
OctoPrint OctoPrint octoprint octoprint
CVE NVD
CVE-2025-64184
Dosage vulnerable to Directory Traversal through crafted HTTP responses
HIGH 8.8 2025-11-07
webcomics dosage
CVE NVD
CVE-2025-64180
Manager-io/Manager: Complete Bypass of SSRF Protection via Time-of-Check Time-of-Use (TOCTOU)
CRITICAL 10.0 2025-11-07
Manager-io Manager
CVE NVD
CVE-2025-11546
CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2,...
CRITICAL 9.3 2025-11-07
NEC Corporation CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux) NEC Corporation CLUSTERPRO X SingleServerSafe for Linux (EXPRESSCLUSTER X SingleServerSafe for Linux)
CVE NVD
CVE-2025-48985
A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. ...
LOW 3.7 2025-11-07
Vercel AI SDK vercel ai +1个
CVE NVD
CVE-2025-52662
A vulnerability in Nuxt DevTools has been fixed in version **2.6.4***. This issue may have allowed N...
MEDIUM 6.9 2025-11-07
Vercel Nuxt Devtools nuxt devtools
CVE NVD
CVE-2025-57697
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Sin...
MEDIUM 6.5 2025-11-07
astrbot astrbot
CVE NVD
CVE-2025-57698
AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_p...
HIGH 7.5 2025-11-07
astrbot astrbot
CVE NVD
CVE-2025-60574
A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue ex...
HIGH 7.5 2025-11-07
webair tquadra_cms
CVE NVD
CVE-2025-61261
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows at...
MEDIUM 5.4 2025-11-07
angular angular ckeditor ckeditor5
CVE NVD
CVE-2025-63420
CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Repo...
MEDIUM 4.1 2025-11-07
crushftp crushftp
CVE NVD
CVE-2025-63543
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q ...
MEDIUM 6.1 2025-11-07
nooncarlett techstore
CVE NVD
CVE-2025-63544
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter.
MEDIUM 6.1 2025-11-07
nooncarlett techstore
CVE NVD