快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355346
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-66581 |
Frappe LMS is Missing Server-Side Authorization in Business Logic
|
LOW | 1.3 | 2025-12-05 |
frappe lms
frappe learning
|
CVE NVD | |
| CVE-2025-66577 |
cpp-httplib Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust
|
MEDIUM | 5.3 | 2025-12-05 |
yhirose cpp-httplib
yhirose cpp-httplib
|
CVE NVD | |
| CVE-2025-66570 |
cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)
|
CRITICAL | 10.0 | 2025-12-05 |
yhirose cpp-httplib
yhirose cpp-httplib
|
CVE NVD | |
| CVE-2025-66566 |
LZ4 Java 安全漏洞
|
HIGH | 8.2 | 2025-12-05 |
yawkat lz4-java
|
CVE NVD +1 | |
| CVE-2025-66562 |
TUUI vulnerable to Remote Code Execution (RCE) via XSS in Markdown ECharts Rendering
|
HIGH | 8.9 | 2025-12-05 |
AI-QL tuui
|
CVE NVD | |
| CVE-2025-66558 |
Nextcloud Twofactor WebAuthn app was updated based on public key
|
LOW | 3.1 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2025-66556 |
Nextcloud talk allows participants to blindly delete poll drafts of other users by ID
|
LOW | 3.5 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2025-66554 |
Nextcloud Contacts vulnerable to Stored XSS in contacts app via organisation and title field
|
LOW | 3.5 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+2个
|
CVE NVD | |
| CVE-2025-66549 |
Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory
|
LOW | 2.4 | 2025-12-05 |
nextcloud security-advisories
nextcloud desktop
|
CVE NVD | |
| CVE-2025-66545 |
Nextcloud Groupfolders users with read-only permissions for team folder can restore deleted files from trash bin
|
LOW | 3.5 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+6个
|
CVE NVD | |
| CVE-2025-66515 |
Nextcloud Approval app allows users to request approval for other users file
|
LOW | 2.7 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2020-36882 |
Flexsense DiskBoss Application Crash Denial of Service
|
HIGH | 8.7 | 2025-12-05 |
Flexsense DiskBoss
flexense diskboss
|
CVE NVD | |
| CVE-2025-66514 |
Nextcloud Mail stored HTML injection in subject text
|
LOW | 3.5 | 2025-12-05 |
nextcloud security-advisories
nextcloud mail
|
CVE NVD | |
| CVE-2025-66557 |
Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners
|
MEDIUM | 5.4 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2025-66548 |
Nextcloud Deck app allows to spoof file extensions by using RTLO characters
|
LOW | 3.3 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+2个
|
CVE NVD | |
| CVE-2020-36881 |
Flexsense DiskBoss 'Add Input Directory' Buffer Overflow
|
HIGH | 8.6 | 2025-12-05 |
Flexsense DiskBoss
flexense diskboss
|
CVE NVD | |
| CVE-2020-36880 |
Flexsense DiskBoss 'Reports and Data Directory' Buffer Overflow
|
HIGH | 8.6 | 2025-12-05 |
Flexsense DiskBoss
flexense diskboss
|
CVE NVD | |
| CVE-2025-34256 |
Advantech WISE-DeviceOn Server < 5.4 Hard-coded JWT Key Authentication Bypass
|
CRITICAL | 10.0 | 2025-12-05 |
Advantech Co., Ltd. WISE-DeviceOn Server
advantech wise-deviceon_server
|
CVE NVD | |
| CVE-2025-34265 |
Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via rule-engines
|
MEDIUM | 5.1 | 2025-12-05 |
Advantech Co., Ltd. WISE-DeviceOn Server
advantech wise-deviceon_server
|
CVE NVD | |
| CVE-2025-66553 |
Nextcloud Tables app allowed users to view columns metadata information of any table
|
MEDIUM | 4.3 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD |