快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355639
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-64063 |
Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when process...
|
CRITICAL | 9.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64064 |
Primakon Pi Portal 1.0.18 /api/v2/pp_users endpoint fails to adequately check user permissions befor...
|
HIGH | 8.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64065 |
The Primakon Pi Portal 1.0.18 API /api/V2/pp_udfv_admin endpoint, fails to perform necessary server-...
|
HIGH | 8.8 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64066 |
Primakon Pi Portal 1.0.18 REST /api/v2/user/register endpoint suffers from a Broken Access Control v...
|
HIGH | 8.6 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-64067 |
Primakon Pi Portal 1.0.18 API endpoints responsible for retrieving object-specific or filtered data ...
|
MEDIUM | 5.3 | 2025-11-25 |
primakon project_contract_management
|
CVE NVD | |
| CVE-2025-65647 |
Insecure Direct Object Reference (IDOR) in the Track order function in PHPGURUKUL Online Shopping Po...
|
MEDIUM | 4.3 | 2025-11-25 |
phpgurukul online_shopping_portal
|
CVE NVD | |
| CVE-2025-62155 |
QuantumNous New API Has SSRF Bypass
|
HIGH | 8.5 | 2025-11-24 |
QuantumNous new-api
|
CVE NVD | |
| CVE-2025-65018 |
libpng 缓冲区错误漏洞
|
HIGH | 7.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD +1 | |
| CVE-2025-64720 |
LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication
|
HIGH | 7.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD | |
| CVE-2025-64506 |
LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images
|
MEDIUM | 6.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD | |
| CVE-2025-64505 |
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index
|
MEDIUM | 6.1 | 2025-11-24 |
pnggroup libpng
libpng libpng
|
CVE NVD | |
| CVE-2025-10144 |
Perfect Brands for WooCommerce <= 3.6.2 - Authenticated (Contributor+) SQL Injection
|
MEDIUM | 6.5 | 2025-11-24 |
quadlayers Perfect Brands for WooCommerce
|
CVE NVD | |
| CVE-2025-29933 |
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potent...
|
MEDIUM | 5.5 | 2025-11-24 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-48511 |
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physi...
|
MEDIUM | 5.5 | 2025-11-24 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-48510 |
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially result...
|
HIGH | 7.1 | 2025-11-24 |
AMD AMD μProf
amd uprof
|
CVE NVD | |
| CVE-2025-52538 |
Improper input validation within the XOCL driver may allow a local attacker to generate an integer o...
|
HIGH | 8.0 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2025-0003 |
Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-...
|
HIGH | 7.3 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2025-0007 |
Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate pr...
|
MEDIUM | 5.7 | 2025-11-24 |
AMD Xilinx Run Time (XRT)
|
CVE NVD | |
| CVE-2023-7330 |
Ruijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.php
|
CRITICAL | 9.3 | 2025-11-24 |
Beijing Star-Net Ruijie Network Technology Co., Ltd. NBR Series Routers
|
CVE NVD | |
| CVE-2024-14007 |
TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure
|
HIGH | 8.7 | 2025-11-24 |
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000
|
CVE NVD |