快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355986
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-41069 |
Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite
|
MEDIUM | 5.3 | 2025-11-13 |
T-Innova DeporSite DSuite 2025
|
CVE NVD | |
| CVE-2025-12818 |
PostgreSQL 安全漏洞
|
MEDIUM | 5.9 | 2025-11-13 |
未知
|
CVE NVD +1 | |
| CVE-2025-12817 |
PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege
|
LOW | 3.1 | 2025-11-13 |
未知
|
CVE NVD | |
| CVE-2025-12765 |
pgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.
|
HIGH | 7.5 | 2025-11-13 |
pgadmin.org pgAdmin 4
pgadmin pgadmin_4
|
CVE NVD | |
| CVE-2025-12764 |
pgAdmin 4: LDAP injection vulnerability in LDAP authentication flow.
|
HIGH | 7.5 | 2025-11-13 |
pgadmin.org pgAdmin 4
pgadmin pgadmin_4
|
CVE NVD | |
| CVE-2025-12763 |
Command injection vulnerability allowing arbitrary command execution on Windows
|
MEDIUM | 6.8 | 2025-11-13 |
pgadmin.org pgAdmin 4
pgadmin pgadmin_4
|
CVE NVD | |
| CVE-2025-12762 |
Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)
|
CRITICAL | 9.1 | 2025-11-13 |
pgadmin.org pgAdmin 4
pgadmin pgadmin_4
|
CVE NVD | |
| CVE-2025-40681 |
Cross-Site Scripting (XSS) in xCally Omnichannel
|
MEDIUM | 5.1 | 2025-11-13 |
xCally Omnichannel
|
CVE NVD | |
| CVE-2025-12377 |
Gallery Plugin for WordPress – Envira Photo Gallery <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions
|
MEDIUM | 4.3 | 2025-11-13 |
smub Gallery Plugin for WordPress – Envira Photo Gallery
|
CVE NVD | |
| CVE-2025-64384 |
WordPress JetFormBuilder plugin <= 3.5.3 - Broken Access Control vulnerability
|
MEDIUM | 6.3 | 2025-11-13 |
jetmonsters JetFormBuilder
|
CVE NVD | |
| CVE-2025-64383 |
WordPress Qi Blocks plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
Qode Qi Blocks
|
CVE NVD | |
| CVE-2025-64382 |
WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.7 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
WebToffee Order Export & Order Import for WooCommerce
|
CVE NVD | |
| CVE-2025-64381 |
WordPress Booking Calendar plugin <= 10.14.7 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
wpdevelop Booking Calendar
|
CVE NVD | |
| CVE-2025-64380 |
WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
Pluggabl Booster for WooCommerce
booster booster_for_woocommerce
|
CVE NVD | |
| CVE-2025-64379 |
WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
Pluggabl Booster for WooCommerce
booster booster_for_woocommerce
|
CVE NVD | |
| CVE-2025-64370 |
WordPress YOP Poll plugin <= 6.5.38 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2025-11-13 |
YOP YOP Poll
|
CVE NVD | |
| CVE-2025-64369 |
WordPress Contact Form Email plugin <= 1.3.58 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
codepeople Contact Form Email
|
CVE NVD | |
| CVE-2025-64292 |
WordPress Analytics Germanized for Google Analytics plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 5.4 | 2025-11-13 |
PascalBajorat Analytics Germanized for Google Analytics
|
CVE NVD | |
| CVE-2025-64277 |
WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2025-11-13 |
QuantumCloud ChatBot
|
CVE NVD | |
| CVE-2025-64276 |
WordPress Survey Maker plugin <= 5.1.9.4 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
Ays Pro Survey Maker
|
CVE NVD |