快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355518
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-6966 |
Python-apt 安全漏洞
|
MEDIUM | 6.9 | 2025-12-05 |
Canonical python-apt
ubuntu python-apt
+9个
|
CVE NVD +1 | |
| CVE-2025-13654 |
CVE-2025-13654
|
HIGH | 7.5 | 2025-12-05 |
Duc Duc
zevv duc
|
CVE NVD | |
| CVE-2025-66200 |
Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
|
MEDIUM | 5.4 | 2025-12-05 |
Apache Software Foundation Apache HTTP Server
apache http_server
|
CVE NVD | |
| CVE-2025-13620 |
Wp Social Login and Register Social Counter <= 3.1.3 - Missing Authorization in Cache REST Endpoints to Social Counter Tampering
|
MEDIUM | 5.3 | 2025-12-05 |
roxnor Wp Social Login and Register Social Counter
|
CVE NVD | |
| CVE-2025-65082 |
Apache HTTP Server 安全漏洞
|
MEDIUM | 6.5 | 2025-12-05 |
Apache Software Foundation Apache HTTP Server
apache http_server
|
CVE NVD +1 | |
| CVE-2025-59775 |
Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
|
HIGH | 7.5 | 2025-12-05 |
Apache Software Foundation Apache HTTP Server
apache http_server
|
CVE NVD | |
| CVE-2025-55753 |
Apache HTTP Server: mod_md (ACME), unintended retry intervals
|
HIGH | 7.5 | 2025-12-05 |
Apache Software Foundation Apache HTTP Server
apache http_server
|
CVE NVD | |
| CVE-2025-13682 |
Trail Manager <= 1.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-12-05 |
phegman Trail Manager
|
CVE NVD | |
| CVE-2025-13614 |
Cool Tag Cloud <= 2.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
HIGH | 8.1 | 2025-12-05 |
wpkube Cool Tag Cloud
|
CVE NVD | |
| CVE-2025-13678 |
Thai Lottery Widget <= 2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
|
MEDIUM | 6.4 | 2025-12-05 |
siamlottery Thai Lottery Widget
|
CVE NVD | |
| CVE-2025-12876 |
Projectopia – WordPress Project Management <= 5.1.19 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
|
MEDIUM | 5.3 | 2025-12-05 |
projectopia Projectopia – WordPress Project Management
|
CVE NVD | |
| CVE-2025-12879 |
User Generator and Importer <= 1.2.2 - Cross-Site Request Forgery to Privilege Escalation via Arbitrary Administrator Account Creation
|
HIGH | 8.8 | 2025-12-05 |
vinoth06 User Generator and Importer
|
CVE NVD | |
| CVE-2025-13739 |
CryptX <= 4.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-12-05 |
d3395 CryptX
|
CVE NVD | |
| CVE-2025-12851 |
My auctions allegro <= 3.6.32 - Unauthenticated Local File Inclusion via controller
|
HIGH | 8.1 | 2025-12-05 |
wphocus My auctions allegro
|
CVE NVD | |
| CVE-2025-12130 |
WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors <= 2.6.4 - Cross-Site Request Forgery to Vendor Product Deletion
|
MEDIUM | 4.3 | 2025-12-05 |
wcvendors WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors
|
CVE NVD | |
| CVE-2025-13684 |
ARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings Update
|
MEDIUM | 4.3 | 2025-12-05 |
alexkar ARK Related Posts
|
CVE NVD | |
| CVE-2025-12850 |
My auctions allegro <= 3.6.32 - Unauthenticated SQL Injection via auction_id
|
HIGH | 7.5 | 2025-12-05 |
wphocus My auctions allegro
|
CVE NVD | |
| CVE-2025-13515 |
Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
|
MEDIUM | 6.1 | 2025-12-05 |
danrajkumar Nouri.sh Newsletter
|
CVE NVD | |
| CVE-2025-12093 |
Voidek Employee Portal <= 1.0.6 - Missing Authorization
|
MEDIUM | 5.3 | 2025-12-05 |
voidek Voidek Employee Portal
|
CVE NVD | |
| CVE-2025-12355 |
Payaza <= 0.3.8 - Missing Authorization to Unauthenticated Order Status Update
|
MEDIUM | 5.3 | 2025-12-05 |
bigmaster Payaza
|
CVE NVD |