快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355986
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-64401 |
Apache OpenOffice: Remote documents loaded without prompt via IFrame
|
HIGH | 7.5 | 2025-11-12 |
Apache Software Foundation Apache OpenOffice
apache openoffice
|
CVE NVD | |
| CVE-2025-12903 |
Payment Plugins Braintree For WooCommerce <= 3.2.78 - Missing Authorization to Payment Token Exposure and Transaction Fraud
|
HIGH | 7.5 | 2025-11-12 |
mrclayton Payment Plugins Braintree For WooCommerce
|
CVE NVD | |
| CVE-2025-12732 |
WP Import – Ultimate CSV XML Importer for WordPress <= 7.33 - Missing Authorization to Authenticated (Author+) Sensitive Information Exposure
|
MEDIUM | 4.3 | 2025-11-12 |
smackcoders WP Import – Ultimate CSV XML Importer for WordPress
|
CVE NVD | |
| CVE-2025-13047 |
NOT_EXTRACTED
|
LOW | -1.0 | 2025-11-12 |
未知
|
CVE NVD | |
| CVE-2025-13046 |
NOT_EXTRACTED
|
LOW | -1.0 | 2025-11-12 |
未知
|
CVE NVD | |
| CVE-2025-12872 |
aEnrich|eHRD - Stored Cross-Site Scripting
|
MEDIUM | 5.1 | 2025-11-12 |
aEnrich a+HRD
aEnrich a+HCM
|
CVE NVD | |
| CVE-2025-12871 |
aEnrich|a+HRD - Authentication Abuse
|
CRITICAL | 9.3 | 2025-11-12 |
aEnrich a+HRD
aenrich a\+hrd
|
CVE NVD | |
| CVE-2025-12870 |
aEnrich|eHRD - Authentication Abuse
|
CRITICAL | 9.3 | 2025-11-12 |
aEnrich a+HRD
aenrich a\+hrd
|
CVE NVD | |
| CVE-2025-12869 |
aEnrich|eHRD - Stored Cross-Site Scripting
|
MEDIUM | 4.8 | 2025-11-12 |
aEnrich a+HRD
aenrich a\+hrd
|
CVE NVD | |
| CVE-2025-12018 |
MembershipWorks <= 6.14 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-11-12 |
sourcefound MembershipWorks – Membership, Events & Directory
|
CVE NVD | |
| CVE-2025-12113 |
Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images <= 1.8.3 - Missing Authorization to Authenticated (Subscriber+) API Key Deletion
|
MEDIUM | 4.3 | 2025-11-12 |
webtoffee Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images
|
CVE NVD | |
| CVE-2025-12633 |
Booking Calendar | Appointment Booking | Bookit <= 2.5.0 - Missing Authorization to Unauthenticated Stripe Connection
|
HIGH | 7.5 | 2025-11-12 |
stellarwp Booking Calendar | Appointment Booking | Bookit
|
CVE NVD | |
| CVE-2025-11560 |
Team Members Showcase < 3.5.0 - Reflected XSS
|
HIGH | 7.1 | 2025-11-12 |
Unknown Team Members Showcase
|
CVE NVD | |
| CVE-2025-12901 |
Asgaros Forum <= 3.2.1 - Cross-Site Request Forgery to Subscription Settings Update
|
MEDIUM | 4.3 | 2025-11-12 |
asgaros Asgaros Forum
|
CVE NVD | |
| CVE-2025-12833 |
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.139 - Missing Authorization to Authenticated (Author+) Arbitrary Image Attachment
|
MEDIUM | 4.3 | 2025-11-12 |
paoltaia GeoDirectory – WP Business Directory Plugin and Classified Listings Directory
|
CVE NVD | |
| CVE-2025-12087 |
Wishlist and Save for later for Woocommerce <= 1.1.22 - Insecure Direct Object Reference to Authenticated (Subscriber+) Wishlist Item Deletion
|
MEDIUM | 4.3 | 2025-11-12 |
acowebs Wishlist and Save for later for Woocommerce
|
CVE NVD | |
| CVE-2025-54983 |
Health check port on ZCC allows tunnel bypass
|
MEDIUM | 5.2 | 2025-11-12 |
Zscaler Zscaler Client Connector
|
CVE NVD | |
| CVE-2025-40111 |
Linux kernel 安全漏洞
|
UNKNOWN | N/A | 2025-11-12 |
Linux Linux
Linux Linux
|
CVE NVD +1 | |
| CVE-2025-40110 |
Linux kernel 安全漏洞
|
UNKNOWN | N/A | 2025-11-12 |
Linux Linux
Linux Linux
|
CVE NVD +1 | |
| CVE-2025-43205 |
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in wa...
|
MEDIUM | 4.0 | 2025-11-12 |
Apple watchOS
Apple tvOS
+7个
|
CVE NVD |