| CVE-2025-69275 |
Broadcom DX NetOps Spectrum DOM型XSS漏洞 |
中危 |
6.1 |
2026-01-12 |
| CVE-2025-69274 |
Broadcom DX NetOps Spectrum授权绕过漏洞 |
高危 |
8.8 |
2026-01-12 |
| CVE-2025-69273 |
Broadcom DX NetOps Spectrum 认证绕过漏洞 |
高危 |
7.5 |
2026-01-12 |
| CVE-2025-69272 |
Broadcom DX NetOps Spectrum 明文传输敏感信息漏洞 |
高危 |
7.5 |
2026-01-12 |
| CVE-2025-69271 |
Broadcom DX NetOps Spectrum 凭证保护不足漏洞 |
高危 |
7.5 |
2026-01-12 |
| CVE-2025-69270 |
| Broadcom DX NetOps Spectrum信息泄露导致会话劫持 |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-69269 |
Broadcom DX NetOps Spectrum OS命令注入漏洞 |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-69268 |
Broadcom DX NetOps Spectrum 跨站脚本(XSS)漏洞 |
中危 |
6.1 |
2026-01-12 |
| CVE-2025-69267 |
Broadcom DX NetOps Spectrum路径遍历漏洞 |
中危 |
6.5 |
2026-01-12 |
| CVE-2025-68657 |
Espressif ESP-IDF USB Host HID Driver双重释放漏洞 |
中危 |
6.4 |
2026-01-12 |
| CVE-2025-68656 |
Espressif ESP-IDF USB Host HID Driver use-after-fr... |
中危 |
6.8 |
2026-01-12 |
| CVE-2025-68622 |
Espressif ESP-IDF UVC驱动栈缓冲区溢出漏洞 |
中危 |
6.8 |
2026-01-12 |
| CVE-2025-68472 |
MindsDB 未授权路径遍历漏洞 |
高危 |
8.1 |
2026-01-12 |
| CVE-2025-68471 |
Avahi avahi-daemon CNAME记录拒绝服务漏洞 |
中危 |
6.5 |
2026-01-12 |
| CVE-2025-68468 |
Avahi avahi-daemon CNAME记录处理DoS漏洞 |
中危 |
6.5 |
2026-01-12 |
| CVE-2025-68276 |
Avahi 0.9-rc2及更早版本本地DoS漏洞 |
中危 |
5.5 |
2026-01-12 |
| CVE-2025-67813 |
Quest KACE Desktop Authority 命名管道权限漏洞 |
中危 |
5.3 |
2026-01-12 |
| CVE-2025-67147 |
Gym-Management-System-PHP SQL注入漏洞(严重) |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-67146 |
GYM-MANAGEMENT-SYSTEM 多处SQL注入漏洞 |
严重 |
9.4 |
2026-01-12 |
| CVE-2025-66939 |
66biolinks XSS漏洞通过恶意favicon执行任意代码 |
中危 |
5.4 |
2026-01-12 |
| CVE-2025-66802 |
Sourcecodester Covid-19 Contact Tracing System 1.0... |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-66689 |
Zen MCP Server路径遍历漏洞 (CVE-2025-66689) |
中危 |
6.5 |
2026-01-12 |
| CVE-2025-65553 |
D3D Wi-Fi家庭安全系统ZX-G12 433MHz射频干扰漏洞 |
中危 |
6.5 |
2026-01-12 |
| CVE-2025-65552 |
D3D Wi-Fi家庭安全系统ZX-G12 RF重放攻击漏洞 |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-63314 |
DDSN Acora CMS v10.7.1 静态密码重置令牌漏洞导致账户接管 |
严重 |
10.0 |
2026-01-12 |
| CVE-2025-52694 |
SQL注入漏洞(严重) |
严重 |
10.0 |
2026-01-12 |
| CVE-2025-51567 |
| Kashipara在线考试系统SQL注入漏洞 |
严重 |
9.1 |
2026-01-12 |
| CVE-2025-46070 |
Automai BotManager 远程代码执行漏洞 |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-46068 |
Automai Director远程代码执行漏洞 |
高危 |
8.8 |
2026-01-12 |
| CVE-2025-46067 |
Automai Director 权限提升和信息泄露漏洞 |
高危 |
8.2 |
2026-01-12 |
| CVE-2025-46066 |
Automai Director 权限提升漏洞 |
严重 |
9.9 |
2026-01-12 |
| CVE-2025-41078 |
Viafirma Documents 授权绕过导致权限提升 |
高危 |
8.1 |
2026-01-12 |
| CVE-2025-41077 |
Viafirma Inbox IDOR漏洞允许未授权用户枚举和账户接管 |
高危 |
8.1 |
2026-01-12 |
| CVE-2025-29329 |
Sagemcom F@st 3686 ippprint服务缓冲区溢出漏洞 |
严重 |
9.8 |
2026-01-12 |
| CVE-2025-15514 |
Ollama多模态图像处理空指针解引用拒绝服务漏洞 |
高危 |
7.5 |
2026-01-12 |
| CVE-2025-14579 |
WordPress Quiz Maker插件存储型XSS漏洞 |
中危 |
4.8 |
2026-01-12 |
| CVE-2025-14279 |
MLFlow REST服务器DNS重绑定攻击漏洞 |
高危 |
8.1 |
2026-01-12 |
| CVE-2025-12420 |
ServiceNow AI Platform 未授权用户冒充漏洞 |
严重 |
9.8 |
2026-01-12 |
| CVE-2024-58340 |
LangChain MRKLOutputParser正则表达式拒绝服务漏洞 |
高危 |
7.5 |
2026-01-12 |
| CVE-2024-58339 |
LlamaIndex VannaQueryEngine资源消耗漏洞 |
高危 |
7.5 |
2026-01-12 |
| CVE-2024-14021 |
LlamaIndex BGEM3Index不安全反序列化漏洞 |
高危 |
7.8 |
2026-01-12 |
| CVE-2023-36331 |
xmall v1.1 /member/orderList API 越权漏洞 |
高危 |
8.2 |
2026-01-12 |
| CVE-2021-41074 |
QloApps hotel eCommerce CSRF漏洞可修改管理员邮箱 |
中危 |
5.4 |
2026-01-12 |
| CVE-2026-0850 |
code-projects Intern Membership Management System ... |
中危 |
4.7 |
2026-01-11 |
| CVE-2026-0843 |
jjjshop_food产品product.category.index接口SQL注入漏洞 |
中危 |
6.3 |
2026-01-11 |
| CVE-2026-0842 |
Flycatcher Toys smART Sketcher蓝牙低能耗接口缺少认证漏洞 |
中危 |
6.3 |
2026-01-11 |
| CVE-2026-0841 |
UTT进取520W路由器strcpy缓冲区溢出漏洞 |
高危 |
8.8 |
2026-01-11 |
| CVE-2026-0840 |
UTT 进取 520W 路由器 strcpy 缓冲区溢出漏洞 |
高危 |
8.8 |
2026-01-11 |
| CVE-2026-0839 |
UTT路由器APSecurity缓冲区溢出漏洞 |
高危 |
8.8 |
2026-01-11 |
| CVE-2026-0838 |
UTT路由器ConfigWirelessBase缓冲区溢出漏洞 |
高危 |
8.8 |
2026-01-11 |