快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355556
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13540 |
Tiare Membership <= 1.2 - Unauthenticated Privilege Escalation
|
CRITICAL | 9.8 | 2025-11-27 |
Qode Interactive Tiare Membership
|
CVE NVD | |
| CVE-2025-13680 |
Tiger <= 101.2.1 - Authenticated (Subscriber+) Privilege Escalation
|
HIGH | 8.8 | 2025-11-27 |
DirectoryThemes Tiger
|
CVE NVD | |
| CVE-2025-12151 |
Simple Folio <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-27 |
presstigers Simple Folio
|
CVE NVD | |
| CVE-2025-13675 |
Tiger <= 101.2.1 - Unauthenticated Privilege Escalation
|
CRITICAL | 9.8 | 2025-11-27 |
DirectoryThemes Tiger
|
CVE NVD | |
| CVE-2025-7820 |
SKT PayPal for WooCommerce <= 1.4 - Unauthenticated Payment Bypass
|
HIGH | 7.5 | 2025-11-27 |
sonalsinha21 SKT PayPal for WooCommerce
|
CVE NVD | |
| CVE-2025-13538 |
FindAll Listing <= 1.0.5 - Unauthenticated Privilege Escalation
|
CRITICAL | 9.8 | 2025-11-27 |
Elated Themes FindAll Listing
|
CVE NVD | |
| CVE-2025-3784 |
Information Disclosure Vulnerability in GX Works2
|
MEDIUM | 5.5 | 2025-11-27 |
Mitsubishi Electric Corporation GX Works2
|
CVE NVD | |
| CVE-2025-13762 |
Client-Side Denial of Service Condition in SWS Extension prior to version 2.2.30305
|
MEDIUM | 4.8 | 2025-11-27 |
CyberArk CyberArk Secure Web Sessions Extension
|
CVE NVD | |
| CVE-2025-34351 |
NOT_EXTRACTED
|
LOW | -1.0 | 2025-11-27 |
未知
|
CVE NVD | |
| CVE-2025-12713 |
Soundslides <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode
|
MEDIUM | 6.4 | 2025-11-27 |
wpoets Soundslides
|
CVE NVD | |
| CVE-2025-12670 |
wp-twitpic <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-27 |
realin wp-twitpic
|
CVE NVD | |
| CVE-2025-12649 |
SortTable Post <= 4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-27 |
sscovil SortTable Post
|
CVE NVD | |
| CVE-2025-12579 |
Reuters Direct <= 3.0.0 - Missing Authorization to Unauthenticated Settings Reset
|
MEDIUM | 5.3 | 2025-11-27 |
rnags Reuters Direct
|
CVE NVD | |
| CVE-2025-12712 |
Shouty <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via shouty Shortcode Attributes
|
MEDIUM | 6.4 | 2025-11-27 |
gungorbudak Shouty
|
CVE NVD | |
| CVE-2025-12666 |
Google Drive upload and download link <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-27 |
oscaruh Google Drive upload and download link
|
CVE NVD | |
| CVE-2025-12578 |
Reuters Direct <= 3.0.0 - Cross-Site Request Forgery to Settings Reset
|
MEDIUM | 4.3 | 2025-11-27 |
rnags Reuters Direct
|
CVE NVD | |
| CVE-2025-66314 |
Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Func...
|
HIGH | 7.5 | 2025-11-27 |
ZTE ElasticNet UME R32
|
CVE NVD | |
| CVE-2024-5540 |
ALC WebCTRL Carrier i-Vu Reflected Cross-Site Scripting
|
MEDIUM | 6.9 | 2025-11-27 |
Automated Logic WebCTRL
Carrier i-Vu
|
CVE NVD | |
| CVE-2024-5539 |
ALC WebCTRL Carrier i-Vu Access Control Bypass
|
CRITICAL | 9.2 | 2025-11-27 |
Automated Logic WebCTRL
Carrier i-Vu
|
CVE NVD | |
| CVE-2025-0657 |
ALC WebCTRL Carrier i-Vu and Gen5 Controllers Array Index out-of-range
|
HIGH | 8.8 | 2025-11-27 |
Automated Logic WebCtrl
Automated Logic Gen5 Controllers
+1个
|
CVE NVD |