漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 355556

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2025-62354	Improper neutralization of special elements used in an OS command ('command injection') in Cursor al...	CRITICAL	9.8	2025-11-26	cursor cursor	CVE NVD
CVE-2025-13601	Glib: integer overflow in in g_escape_uri_string()	HIGH	7.7	2025-11-26	Red Hat Red Hat Enterprise Linux 10 Red Hat Red Hat Enterprise Linux 6 +81个	CVE NVD
CVE-2025-9163	Houzez <= 4.1.6 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload	MEDIUM	6.1	2025-11-26	favethemes Houzez	CVE NVD
CVE-2025-9191	Houzez <= 4.1.6 - Authenticated (Subscriber+) PHP Object Injection via Saved Search	MEDIUM	6.3	2025-11-26	favethemes Houzez	CVE NVD
CVE-2025-13674	Wireshark 缓冲区错误漏洞	MEDIUM	5.5	2025-11-26	Wireshark Foundation Wireshark wireshark wireshark	CVE NVD +1
CVE-2025-59390	Apache Druid: Kerberos authenticaton chooses a cryptographically unsecure secret if not configured explicitly.	CRITICAL	9.8	2025-11-26	Apache Software Foundation Apache Druid apache druid	CVE NVD
CVE-2025-62728	Apache Hive: SQL injection vulnerability when processing delete column statistics requests via the HMS Thrift APIs	MEDIUM	5.4	2025-11-26	Apache Software Foundation Apache Hive apache hive	CVE NVD
CVE-2025-13735	Out-of-bounds Read in nr flc	HIGH	7.4	2025-11-26	ASR Lapwing_Linux	CVE NVD
CVE-2025-12061	Tax Service Electronic HDM < 1.2.1 - Unauthenticated Arbitrary SQL Execution	HIGH	8.6	2025-11-26	Unknown TAX SERVICE Electronic HDM	CVE NVD
CVE-2025-9557	Bluetooth: Mesh: Out-of-Bound Write in gen_prov_cont	HIGH	7.6	2025-11-26	zephyrproject-rtos Zephyr	CVE NVD
CVE-2025-9558	Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start	HIGH	7.6	2025-11-26	zephyrproject-rtos Zephyr	CVE NVD
CVE-2025-64983	Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability ...	HIGH	8.6	2025-11-26	SwitchBot Smart Video Doorbell	CVE NVD
CVE-2025-66022	FACTION Unauthenticated Custom Extension Upload leads to RCE	CRITICAL	9.7	2025-11-26	factionsecurity faction owasp faction	CVE NVD
CVE-2025-66026	REDAXO is Vulnerable to Reflected XSS in Mediapool Info Banner via args[types]	MEDIUM	6.1	2025-11-26	redaxo redaxo redaxo redaxo	CVE NVD
CVE-2025-66025	Caido Improperly Handles External Links in Markdown	MEDIUM	4.3	2025-11-26	caido caido	CVE NVD
CVE-2025-66021	OWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitization	HIGH	8.6	2025-11-26	OWASP java-html-sanitizer owasp java_html_sanitizer	CVE NVD
CVE-2025-66020	Valibot has a ReDoS vulnerability in `EMOJI_REGEX`	HIGH	7.5	2025-11-26	open-circle valibot	CVE NVD
CVE-2025-12848	XSS vulnerability when rendering filename in Webform Multiform	HIGH	7.0	2025-11-26	Drupal Drupal webform_multiple_file_upload_project webform_multiple_file_upload +5个	CVE NVD
CVE-2025-66269	Unquoted Service Path in UPSilon2000V6.0(RupsMon and USBMate) running as SYSTEM	HIGH	7.1	2025-11-26	MegaTec Taiwan UPSilon2000V6.0	CVE NVD
CVE-2025-66266	Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation	CRITICAL	9.3	2025-11-26	MegaTec Taiwan UPSilon2000V6.0	CVE NVD

耗时统计

总耗时:	242.69 ms
构建查询耗时:	0.0 ms
统计耗时:	231.21 ms
获取数据耗时:	9.81 ms
数据转换耗时:	1.67 ms

数据统计

匹配文档数:	355556
返回文档数:	20
当前页码:	622
每页数量:	20
跳过记录数:	12420

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（355556），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 355556

参考链接