| CVE-2025-12857 |
code-projects Responsive Hotel Site 1.0 SQL注入漏洞 |
中危 |
4.7 |
2025-11-07 |
| CVE-2025-12856 |
Responsive Hotel Site 1.0 reservation.php SQL注入漏洞 |
中危 |
4.7 |
2025-11-07 |
| CVE-2025-12855 |
code-projects Responsive Hotel Site 1.0 SQL注入漏洞 |
中危 |
4.7 |
2025-11-07 |
| CVE-2025-12854 |
newbee-mall-plus 秒杀功能授权绕过漏洞 |
低危 |
3.7 |
2025-11-07 |
| CVE-2025-12853 |
SourceCodester Best House Rental Management System... |
中危 |
4.7 |
2025-11-07 |
| CVE-2025-12829 |
Amazon Ion-C未初始化栈读取漏洞 |
中危 |
6.2 |
2025-11-07 |
| CVE-2025-12789 |
Red Hat Single Sign-On 开放重定向漏洞 |
中危 |
6.1 |
2025-11-07 |
| CVE-2025-12527 |
WordPress Page & Post Notes插件权限绕过漏洞 |
中危 |
4.3 |
2025-11-07 |
| CVE-2025-12520 |
WordPress WP Airbnb Review Slider 存储型XSS漏洞 |
中危 |
4.0 |
2025-11-07 |
| CVE-2025-12352 |
WordPress Gravity Forms插件任意文件上传漏洞 |
严重 |
9.8 |
2025-11-07 |
| CVE-2025-10968 |
PaperWork Hibernate SQL注入漏洞 |
高危 |
8.8 |
2025-11-07 |
| CVE-2025-10966 |
curl wolfSSH后端SFTP连接主机验证缺失漏洞 |
中危 |
4.3 |
2025-11-07 |
| CVE-2025-10230 |
Samba WINS Hook远程代码执行漏洞 |
严重 |
10.0 |
2025-11-07 |
| CVE-2024-47118 |
IBM Db2 拒绝服务漏洞 |
中危 |
6.5 |
2025-11-07 |
| CVE-2025-64327 |
ThinkDashboard 盲SSRF漏洞 |
中危 |
5.3 |
2025-11-06 |
| CVE-2025-64326 |
Weblate审计日志IP地址泄露漏洞 |
低危 |
2.6 |
2025-11-06 |
| CVE-2025-64302 |
Advantech Dashboard标签/路径输入验证不足导致信息泄露 |
中危 |
6.4 |
2025-11-06 |
| CVE-2025-64287 |
Alloggio酒店预订主题本地文件包含漏洞 |
高危 |
8.1 |
2025-11-06 |
| CVE-2025-64232 |
WordPress Import from YML插件反射型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-64224 |
WordPress Grand Conference主题插件反射型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-64198 |
WordPress Easy Social Share Buttons插件反射型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-64196 |
Booster for WooCommerce插件反射型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-64179 |
lakeFS 未授权访问usage-report接口漏洞 |
中危 |
5.3 |
2025-11-06 |
| CVE-2025-64177 |
ThinkDashboard存储型XSS漏洞 |
中危 |
5.4 |
2025-11-06 |
| CVE-2025-64176 |
ThinkDashboard备份导入任意文件上传漏洞 |
中危 |
5.3 |
2025-11-06 |
| CVE-2025-64174 |
Magento-lts 存储型XSS漏洞 |
中危 |
4.8 |
2025-11-06 |
| CVE-2025-64173 |
Apollo Router Core接口访问控制绕过漏洞 |
高危 |
7.5 |
2025-11-06 |
| CVE-2025-64164 |
DataEase JNDI注入远程代码执行漏洞 |
严重 |
9.8 |
2025-11-06 |
| CVE-2025-64163 |
DataEase DNS协议SSRF漏洞 |
严重 |
9.8 |
2025-11-06 |
| CVE-2025-64114 |
ClipBucket v5 Custom Fields插件SQL注入漏洞 |
中危 |
6.5 |
2025-11-06 |
| CVE-2025-63589 |
CMSimple_XH 1.8 反射型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-63588 |
CMSimpleXH 反射型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-63560 |
KiloView视频编码器System/reFactory组件拒绝服务漏洞 |
高危 |
7.5 |
2025-11-06 |
| CVE-2025-63551 |
MetInfo CMS XXE注入导致SSRF漏洞 |
高危 |
7.5 |
2025-11-06 |
| CVE-2025-63307 |
laravel-file-manager存储型XSS漏洞 |
高危 |
8.1 |
2025-11-06 |
| CVE-2025-6327 |
King Addons for Elementor插件任意文件上传漏洞 |
严重 |
10.0 |
2025-11-06 |
| CVE-2025-6325 |
King Addons for Elementor 权限提升漏洞 |
严重 |
9.8 |
2025-11-06 |
| CVE-2025-62950 |
WordPress Contest Gallery插件CSRF漏洞 |
中危 |
4.3 |
2025-11-06 |
| CVE-2025-62914 |
Effect Maker WordPress插件存在缺少授权访问控制漏洞 |
中危 |
6.5 |
2025-11-06 |
| CVE-2025-62630 |
Advantech工业产品配置上传目录遍历导致远程代码执行高危漏洞 |
高危 |
8.8 |
2025-11-06 |
| CVE-2025-62596 |
Youki容器运行时AppArmor路径遍历漏洞 |
严重 |
10.0 |
2025-11-06 |
| CVE-2025-62161 |
Youki容器运行时/dev/null验证不足导致容器逃逸漏洞 |
严重 |
10.0 |
2025-11-06 |
| CVE-2025-62076 |
WordPress Simple Payment插件存储型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-62075 |
WordPress Simple Payment插件远程文件包含漏洞 |
高危 |
7.5 |
2025-11-06 |
| CVE-2025-62074 |
WordPress WPMobile.App插件跨站脚本漏洞 |
高危 |
7.1 |
2025-11-06 |
| CVE-2025-62067 |
Savory主题远程文件包含漏洞 |
高危 |
8.1 |
2025-11-06 |
| CVE-2025-62066 |
WordPress Revolution Theme 远程文件包含漏洞 |
高危 |
7.5 |
2025-11-06 |
| CVE-2025-62065 |
Rometheme RTMKit插件任意文件上传漏洞 |
严重 |
9.9 |
2025-11-06 |
| CVE-2025-62064 |
WordPress Search & Go主题密码恢复认证绕过漏洞 |
严重 |
9.8 |
2025-11-06 |
| CVE-2025-62059 |
WordPress SureRank插件存储型XSS漏洞 |
高危 |
7.1 |
2025-11-06 |