快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355986
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-36250 |
AIX Code Execution
|
CRITICAL | 10.0 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-36096 |
AIX Insufficiently Protected Credentials
|
CRITICAL | 9.0 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-36251 |
AIX Command Execution
|
CRITICAL | 9.6 | 2025-11-13 |
IBM AIX
IBM AIX
+6个
|
CVE NVD | |
| CVE-2025-64754 |
Jitsi Meet has DOM Redirect on Microsoft OAuth Flow
|
LOW | 2.7 | 2025-11-13 |
jitsi jitsi-meet
|
CVE NVD | |
| CVE-2025-64753 |
grist-core has insufficient access control in endpoints for comparisons between documents and versions
|
MEDIUM | 5.3 | 2025-11-13 |
gristlabs grist-core
getgrist grist-core
|
CVE NVD | |
| CVE-2025-64752 |
grist-core has path to server-side requests via websocket
|
MEDIUM | 6.8 | 2025-11-13 |
gristlabs grist-core
getgrist grist-core
|
CVE NVD | |
| CVE-2025-64749 |
Directus Vulnerable to Information Leakage in Existing Collections
|
MEDIUM | 4.3 | 2025-11-13 |
directus directus
monospace directus
|
CVE NVD | |
| CVE-2025-64748 |
Directus's conceal fields are searchable if read permissions enabled
|
MEDIUM | 6.5 | 2025-11-13 |
directus directus
monospace directus
|
CVE NVD | |
| CVE-2025-47913 |
Potential denial of service in golang.org/x/crypto/ssh/agent
|
HIGH | 7.5 | 2025-11-13 |
golang.org/x/crypto golang.org/x/crypto/ssh/agent
go ssh
|
CVE NVD | |
| CVE-2025-64747 |
Directus Vulnerable to Stored Cross-site Scripting
|
MEDIUM | 5.5 | 2025-11-13 |
directus directus
monospace directus
|
CVE NVD | |
| CVE-2025-64746 |
Directus has Improper Permission Handling on Deleted Fields
|
MEDIUM | 4.6 | 2025-11-13 |
directus directus
monospace directus
|
CVE NVD | |
| CVE-2025-64744 |
OpenObserve Vulnerable to HTML Injection in Organization Invitation Emails
|
LOW | 3.5 | 2025-11-13 |
openobserve openobserve
|
CVE NVD | |
| CVE-2025-64745 |
Astro development server error page vulnerable to reflected Cross-site Scripting
|
LOW | 2.7 | 2025-11-13 |
withastro astro
astro astro
|
CVE NVD | |
| CVE-2025-4619 |
PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets
|
MEDIUM | 6.6 | 2025-11-13 |
Palo Alto Networks Cloud NGFW
Palo Alto Networks PAN-OS
+1个
|
CVE NVD | |
| CVE-2025-64726 |
External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw
|
HIGH | 7.3 | 2025-11-13 |
SocketDev firewall-release
|
CVE NVD | |
| CVE-2025-59840 |
Vega Cross-Site Scripting (XSS) via expressions abusing toString calls in environments using the VEGA_DEBUG global variable
|
HIGH | 8.1 | 2025-11-13 |
vega vega
vega vega
+3个
|
CVE NVD | |
| CVE-2025-64709 |
Typebot May Expose AWS EKS Credentials via Server Side Request Forgery in Webhook Block
|
CRITICAL | 9.6 | 2025-11-13 |
baptisteArno typebot.io
typebot typebot
|
CVE NVD | |
| CVE-2025-46369 |
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporar...
|
HIGH | 7.8 | 2025-11-13 |
Dell Alienware Command Center 6.x (AWCC)
dell alienware_command_center
|
CVE NVD | |
| CVE-2025-46370 |
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vul...
|
LOW | 3.3 | 2025-11-13 |
Dell Alienware Command Center 6.x (AWCC)
dell alienware_command_center
|
CVE NVD | |
| CVE-2022-4984 |
ZenTao Biz < 6.5, Max < 3.0, & Open Source Edition 16.5/16.5beta1 SQL Injection via user-login.html
|
HIGH | 8.7 | 2025-11-13 |
Qingdao Esoft Tianchuang Network Technology Co., Ltd. ZenTao Biz
Qingdao Esoft Tianchuang Network Technology Co., Ltd. ZenTao Max
+1个
|
CVE NVD |