快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 350844
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-0615 |
CVE-2026-0615
|
HIGH | 7.3 | 2026-01-16 |
TheLibrarian TheLibrarian.io
|
CVE NVD | |
| CVE-2026-0616 |
CVE-2026-0616
|
HIGH | 7.5 | 2026-01-16 |
TheLibrarian TheLibrarian.io
|
CVE NVD | |
| CVE-2026-0613 |
CVE-2026-0613
|
HIGH | 7.5 | 2026-01-16 |
TheLibrarian TheLibrarian.io
|
CVE NVD | |
| CVE-2026-0612 |
CVE-2026-0612
|
HIGH | 7.5 | 2026-01-16 |
TheLibrarian TheLibrarian.io
|
CVE NVD | |
| CVE-2025-14894 |
CVE-2025-14894
|
HIGH | 7.5 | 2026-01-16 |
bee interactive Livewire Filemanager
|
CVE NVD | |
| CVE-2025-14435 |
Application-Level DoS via infinite re-render loop in user profile handling
|
MEDIUM | 6.8 | 2026-01-16 |
Mattermost Mattermost
|
CVE NVD | |
| CVE-2025-68675 |
Apache Airflow: proxy credentials for various providers might leak in task logs
|
HIGH | 7.5 | 2026-01-16 |
Apache Software Foundation Apache Airflow
|
CVE NVD | |
| CVE-2025-59870 |
Improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk
|
HIGH | 7.4 | 2026-01-16 |
HCL Software MyXalytics
|
CVE NVD | |
| CVE-2025-68438 |
Apache Airflow: Secrets in rendered templates could contain parts of sensitive values when truncated
|
HIGH | 7.5 | 2026-01-16 |
Apache Software Foundation Apache Airflow
|
CVE NVD | |
| CVE-2025-14844 |
Membership Plugin – Restrict Content <= 3.2.16 - Missing Authentication to Insecure Direct Object Reference and Sensitive Information Exposure
|
HIGH | 8.2 | 2026-01-16 |
stellarwp Membership Plugin – Restrict Content
|
CVE NVD | |
| CVE-2025-14822 |
DoS from quadratic complexity in model.ParseHashtags
|
LOW | 3.1 | 2026-01-16 |
Mattermost Mattermost
|
CVE NVD | |
| CVE-2025-12007 |
Supermicro BMC firmware update validation bypass
|
HIGH | 7.2 | 2026-01-16 |
SMCI X13SEM-F
|
CVE NVD | |
| CVE-2025-60021 |
Apache bRPC: Remote command injection vulnerability in heap builtin service
|
CRITICAL | 9.8 | 2026-01-16 |
Apache Software Foundation Apache bRPC
|
CVE NVD | |
| CVE-2025-14757 |
Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass
|
MEDIUM | 5.3 | 2026-01-16 |
stylemix Cost Calculator Builder
|
CVE NVD | |
| CVE-2025-12006 |
Supermicro BMC firmware update validation bypass
|
HIGH | 7.2 | 2026-01-16 |
SMCI X12STW-F
|
CVE NVD | |
| CVE-2026-0913 |
User Submitted Posts <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode
|
MEDIUM | 6.4 | 2026-01-16 |
specialk User Submitted Posts – Enable Users to Submit Posts from the Front End
|
CVE NVD | |
| CVE-2026-1004 |
Essential Addons for Elementor <= 6.5.5 - Missing Authorization to Unauthenticated Sensitive Information Exposure
|
MEDIUM | 5.3 | 2026-01-16 |
wpdevteam Essential Addons for Elementor – Popular Elementor Templates & Widgets
|
CVE NVD | |
| CVE-2026-22876 |
Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Cor...
|
HIGH | 7.1 | 2026-01-16 |
TOA Corporation Multiple Network Cameras TRIFORA 3 series
|
CVE NVD | |
| CVE-2026-20894 |
Cross-site scripting vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by T...
|
MEDIUM | 4.8 | 2026-01-16 |
TOA Corporation Multiple Network Cameras TRIFORA 3 series
|
CVE NVD | |
| CVE-2026-20759 |
OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by T...
|
HIGH | 8.7 | 2026-01-16 |
TOA Corporation Multiple Network Cameras TRIFORA 3 series
|
CVE NVD |