快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354145
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13624 |
Overstock Affiliate Links <= 1.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
|
MEDIUM | 6.1 | 2025-12-20 |
travishoki Overstock Affiliate Links
|
CVE NVD | |
| CVE-2025-14633 |
F70 Lead Document Download <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Media File Download
|
MEDIUM | 5.3 | 2025-12-20 |
niao70 F70 Lead Document Download
|
CVE NVD | |
| CVE-2025-14721 |
Responsive and Swipe slider <= 1.0.2 - Authenticated (Editor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 5.5 | 2025-12-20 |
mansoormunib RESPONSIVE AND SWIPE SLIDER!
|
CVE NVD | |
| CVE-2025-12898 |
Pretty Google Calendar <= 2.0.0 - Missing Authorization to Unauthenticated Google API Key Exposure
|
MEDIUM | 5.3 | 2025-12-20 |
lbell Pretty Google Calendar
|
CVE NVD | |
| CVE-2025-14734 |
Amazon affiliate lite Plugin <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings Update
|
MEDIUM | 5.4 | 2025-12-20 |
nestornoe Amazon affiliate lite Plugin
|
CVE NVD | |
| CVE-2025-14164 |
Quran Gateway <= 1.5 - Cross-Site Request Forgery to Settings Update
|
MEDIUM | 4.3 | 2025-12-20 |
edckwt Quran Gateway
|
CVE NVD | |
| CVE-2025-14735 |
Amazon affiliate lite Plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-12-20 |
nestornoe Amazon affiliate lite Plugin
|
CVE NVD | |
| CVE-2025-14591 |
PII Leak Due to Change in EOR Handling
|
MEDIUM | 5.3 | 2025-12-20 |
Perforce Delphix Continuous Compliance
perforce delphix_continuous_compliance
|
CVE NVD | |
| CVE-2025-14300 |
Unauthenticated Access to connectAP API Endpoint on Tapo C200
|
HIGH | 8.7 | 2025-12-20 |
TP-Link Systems Inc. Tapo C200 V3
tp-link tapo_c200_firmware
+11个
|
CVE NVD | |
| CVE-2025-14299 |
Improper Content-Length Validation in HTTPS Requests on Tapo C200
|
HIGH | 7.1 | 2025-12-20 |
TP-Link Systems Inc. Tapo C200 V3
tp-link tapo_c200_firmware
+11个
|
CVE NVD | |
| CVE-2025-8065 |
TP-Link Tapo C200 安全漏洞
|
HIGH | 7.1 | 2025-12-20 |
TP-Link Systems Inc. Tapo C200 V3
tp-link tapo_c200_firmware
+11个
|
CVE NVD +1 | |
| CVE-2025-68613 |
n8n Vulnerable to Remote Code Execution via Expression Injection
|
CRITICAL | 10.0 | 2025-12-19 |
n8n-io n8n
n8n-io n8n
+1个
|
CVE NVD | |
| CVE-2023-53953 |
WebsiteBaker 2.13.3 Stored Cross-Site Scripting via Page Creation
|
MEDIUM | 5.1 | 2025-12-19 |
Websitebaker WebsiteBaker
websitebaker websitebaker
|
CVE NVD | |
| CVE-2023-53950 |
InnovaStudio WYSIWYG Editor 5.4 Unrestricted File Upload via Filename Manipulation
|
CRITICAL | 9.3 | 2025-12-19 |
innovastudio WYSIWYG Editor
|
CVE NVD | |
| CVE-2023-53959 |
FileZilla Client 3.63.1 DLL Hijacking via Missing TextShaping.dll
|
HIGH | 8.5 | 2025-12-19 |
filezilla-project FileZilla Client
|
CVE NVD | |
| CVE-2023-53958 |
LDAP Tool Box Self Service Password 1.5.2 Account Takeover via HTTP Host Header
|
HIGH | 8.6 | 2025-12-19 |
ltb-project LDAP Tool Box Self Service Password
|
CVE NVD | |
| CVE-2023-53957 |
Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking
|
HIGH | 8.5 | 2025-12-19 |
Kimai Kimai
|
CVE NVD | |
| CVE-2023-53956 |
Flatnux 2021-03.25 Authenticated File Upload Remote Code Execution
|
HIGH | 8.7 | 2025-12-19 |
altervista flatnux
|
CVE NVD | |
| CVE-2023-53954 |
ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability
|
HIGH | 8.5 | 2025-12-19 |
Actfax ActFax
|
CVE NVD | |
| CVE-2023-53952 |
Dotclear 2.25.3 Authenticated Remote Code Execution via File Upload
|
HIGH | 8.7 | 2025-12-19 |
Dotclear Dotclear
dotclear dotclear
|
CVE NVD |