| CVE-2023-53939 | TinyWebGallery v2.5 Stored XSS Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2023-53938 | RockMongo 1.1.7 Stored Cross-Site Scripting Vulnerability (CVE-2023-53938) | Medium | 5.4 | 2025-12-18 |
| CVE-2023-53937 | Hubstaff DLL Search Order Hijacking Vulnerability | High | 7.8 | 2025-12-18 |
| CVE-2023-53936 | Cameleon CMS Persistent XSS Vulnerability | Medium | 4.8 | 2025-12-18 |
| CVE-2023-53935 | WBiz Desk 1.2 SQL Injection Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2023-53934 | Kentico Xperience GetResource Handler Denial-of-Service Vulnerability | High | 7.5 | 2025-12-18 |
| CVE-2023-53738 | Kentico Xperience Reflected Cross-Site Scripting Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2023-53737 | Kentico Xperience Localization Application Stored XSS Vulnerability | Medium | 4.8 | 2025-12-18 |
| CVE-2023-53736 | Kentico Xperience Reflected XSS Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2022-50686 | Kentico Xperience Portal Engine Information Disclosure Vulnerability | High | 7.5 | 2025-12-18 |
| CVE-2022-50685 | Kentico Xperience Stored XSS Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2022-50684 | Kentico Xperience Form Email HTML Injection Vulnerability | Medium | 6.1 | 2025-12-18 |
| CVE-2022-50683 | Kentico Xperience Stored XSS Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2022-50682 | Kentico Xperience Routing Engine CRLF Injection Vulnerability | Medium | 6.5 | 2025-12-18 |
| CVE-2022-50681 | Kentico Xperience Rich Text Editor Reflected XSS Vulnerability | Medium | 6.1 | 2025-12-18 |
| CVE-2022-50680 | Kentico Xperience Email Marketing Template Stored XSS Vulnerability | Medium | 4.8 | 2025-12-18 |
| CVE-2021-47712 | Kentico Xperience URL Hash Cryptographic Vulnerability | High | 7.5 | 2025-12-18 |
| CVE-2021-47711 | Kentico Xperience SQL Injection Vulnerability | High | 8.8 | 2025-12-18 |
| CVE-2020-36891 | Kentico Xperience Stored XSS Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2020-36890 | Kentico Xperience Access Control Bypass Vulnerability | High | 7.2 | 2025-12-18 |
| CVE-2020-36889 | Kentico Xperience Stored XSS Vulnerability | Medium | 5.4 | 2025-12-18 |
| CVE-2019-25230 | Kentico Xperience Sensitive Information Disclosure Vulnerability | Medium | 4.3 | 2025-12-18 |
| CVE-2019-25229 | Kentico Xperience Unrestricted File Upload Vulnerability | High | 8.8 | 2025-12-18 |
| CVE-2019-25228 | Kentico Xperience Virtual Context URL Information Disclosure Vulnerability | Medium | 5.3 | 2025-12-18 |
| CVE-2025-68435 | Zerobyte Backup Tool Authentication Bypass Vulnerability | Critical | 9.1 | 2025-12-17 |
| CVE-2025-68434 | OpenSourcePOS CSRF Vulnerability Leading to Administrator Account Creation | High | 8.8 | 2025-12-17 |
| CVE-2025-68433 | Zed IDE Arbitrary Code Execution Vulnerability via MCP Configuration | High | 7.7 | 2025-12-17 |
| CVE-2025-68432 | Zed IDE Remote Code Execution Vulnerability | High | 7.7 | 2025-12-17 |
| CVE-2025-68429 | Storybook Environment Variable Disclosure Vulnerability | High | 7.3 | 2025-12-17 |
| CVE-2025-68401 | ChurchCRM Stored XSS Vulnerability | Medium | 4.8 | 2025-12-17 |
| CVE-2025-68400 | ChurchCRM SQL Injection Vulnerability | High | 8.8 | 2025-12-17 |
| CVE-2025-68399 | ChurchCRM GroupEditor.php Stored XSS Vulnerability | Medium | 5.4 | 2025-12-17 |
| CVE-2025-68275 | ChurchCRM Stored XSS Vulnerability (CVE-2025-68275) | Medium | 4.8 | 2025-12-17 |
| CVE-2025-68147 | Open Source Point of Sale Stored XSS Vulnerability | High | 8.1 | 2025-12-17 |
| CVE-2025-68145 | mcp-server-git Path Traversal Access Control Bypass Vulnerability | Critical | 9.1 | 2025-12-17 |
| CVE-2025-68144 | mcp-server-git Command Injection Vulnerability | High | 7.1 | 2025-12-17 |
| CVE-2025-68143 | mcp-server-git High-Severity Arbitrary File System Access Vulnerability | High | 8.8 | 2025-12-17 |
| CVE-2025-68129 | Auth0-PHP SDK Improper Access Token Validation Vulnerability | Medium | 6.8 | 2025-12-17 |
| CVE-2025-68118 | FreeRDP CVE-2025-68118 Certificate Handling Buffer Overflow Vulnerability | Critical | 9.1 | 2025-12-17 |
| CVE-2025-68114 | Capstone SStream_concat Buffer Overflow Vulnerability | Medium | 4.8 | 2025-12-17 |
| CVE-2025-68112 | ChurchCRM Event Attendee Editor SQL Injection Vulnerability | Critical | 9.6 | 2025-12-17 |
| CVE-2025-68111 | ChurchCRM eGive.php ReImport Feature SQL Injection Vulnerability | High | 7.2 | 2025-12-17 |
| CVE-2025-68110 | ChurchCRM < 6.5.3 Database Sensitive Information Disclosure Vulnerability (CVE-2025-68110) | Critical | 9.9 | 2025-12-17 |
| CVE-2025-68109 | ChurchCRM Database Restore Feature Unvalidated File Leading to RCE | Critical | 9.1 | 2025-12-17 |
| CVE-2025-67895 | Apache Airflow Edge3 Provider Remote Code Execution Vulnerability | Critical | 9.8 | 2025-12-17 |
| CVE-2025-67877 | ChurchCRM CartToFamily.php SQL Injection Vulnerability | High | 8.8 | 2025-12-17 |
| CVE-2025-67876 | ChurchCRM Stored XSS Vulnerability That Can Lead to Account Takeover | Medium | 5.4 | 2025-12-17 |
| CVE-2025-67875 | ChurchCRM Persistent XSS Vulnerability Leading to Administrator Account Takeover | Medium | 5.4 | 2025-12-17 |
| CVE-2025-67873 | Capstone Disassembly Framework Heap Buffer Overflow Vulnerability | Medium | 4.8 | 2025-12-17 |
| CVE-2025-67794 | DriveLock Agent Overly Permissive File Permissions Leading to Local Privilege Escalation Vulnerability (CVE-2025-67794) | Medium | 6.1 | 2025-12-17 |