漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 356402

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2025-60645	A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to t...	MEDIUM	6.5	2025-11-12	xuxueli xxl-api	CVE NVD
CVE-2025-60646	A stored cross-site scripting (XSS) in the Business Line Management module of Xxl-api v1.3.0 attacke...	MEDIUM	6.1	2025-11-12	xuxueli xxl-api	CVE NVD
CVE-2025-63289	Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain...	CRITICAL	9.1	2025-11-12	sogexia sogexia	CVE NVD
CVE-2025-63353	A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi pass...	CRITICAL	9.8	2025-11-12	fiberhome hg6145f1_firmware	CVE NVD
CVE-2025-63396	An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.prof...	LOW	3.3	2025-11-12	linuxfoundation pytorch linuxfoundation pytorch	CVE NVD
CVE-2025-63419	Cross Site Scripting (XSS) vulnerability in CrushFTP 11.3.6_48. The Web-Based Server has a feature w...	MEDIUM	6.1	2025-11-12	crushftp crushftp	CVE NVD
CVE-2025-63645	A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1...	MEDIUM	5.4	2025-11-12	ph7builder ph7_social_dating_builder	CVE NVD
CVE-2025-63666	Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password has...	CRITICAL	9.8	2025-11-12	tenda ac15_firmware	CVE NVD
CVE-2025-63667	Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-202...	HIGH	7.5	2025-11-12	simicam ip_camera_firmware keview ip_camera_firmware +1个	CVE NVD
CVE-2025-63679	free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an UplinkRANConfigurat...	CRITICAL	9.8	2025-11-12	free5gc free5gc	CVE NVD
CVE-2025-63811	An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Den...	HIGH	7.5	2025-11-12	dvsekhvalnov jose2go	CVE NVD
CVE-2025-63927	A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08). Du...	MEDIUM	4.0	2025-11-12	airpig2011 iec104	CVE NVD
CVE-2025-63929	A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08...	HIGH	7.5	2025-11-12	airpig2011 iec104	CVE NVD
CVE-2025-64280	A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inje...	CRITICAL	9.8	2025-11-12	centralsquare community_development	CVE NVD
CVE-2025-64281	An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to acc...	CRITICAL	9.8	2025-11-12	centralsquare community_development	CVE NVD
CVE-2025-65001	Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality,...	HIGH	8.2	2025-11-12	Fujitsu fbiosdrv.sys	CVE NVD
CVE-2025-65002	Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length...	HIGH	7.5	2025-11-12	Fujitsu / Fsas Technologies iRMC	CVE NVD
CVE-2025-61835	Substance3D - Stager \| Integer Underflow (Wrap or Wraparound) (CWE-191)	HIGH	7.8	2025-11-11	Adobe Substance3D - Stager adobe substance_3d_stager	CVE NVD
CVE-2025-61833	Substance3D - Stager \| Out-of-bounds Read (CWE-125)	HIGH	7.8	2025-11-11	Adobe Substance3D - Stager adobe substance_3d_stager	CVE NVD
CVE-2025-64531	Substance3D - Stager \| Use After Free (CWE-416)	HIGH	7.8	2025-11-11	Adobe Substance3D - Stager adobe substance_3d_stager	CVE NVD

耗时统计

总耗时:	236.77 ms
构建查询耗时:	0.0 ms
统计耗时:	224.96 ms
获取数据耗时:	10.36 ms
数据转换耗时:	1.43 ms

数据统计

匹配文档数:	356402
返回文档数:	20
当前页码:	740
每页数量:	20
跳过记录数:	14780

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（356402），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 356402

参考链接