快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 351381
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-24010 |
Horilla has HTML Injection Issue that, with Phishing, Leads to Account Takeover
|
HIGH | 8.8 | 2026-01-22 |
horilla-opensource horilla
|
CVE | |
| CVE-2026-24006 |
Seroval affected by Denial of Service via Deeply Nested Objects
|
HIGH | 7.5 | 2026-01-22 |
lxsmnsyc seroval
|
CVE | |
| CVE-2026-24002 |
pyodide sandbox option is insecure
|
CRITICAL | 9.1 | 2026-01-22 |
gristlabs grist-core
|
CVE | |
| CVE-2026-24001 |
jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch
|
LOW | 2.7 | 2026-01-22 |
kpdecker jsdiff
kpdecker jsdiff
+1个
|
CVE | |
| CVE-2026-23992 |
go-tuf improperly validates the configured threshold for delegations
|
MEDIUM | 5.9 | 2026-01-22 |
theupdateframework go-tuf
|
CVE | |
| CVE-2026-23991 |
go-tuf affected by client DoS via malformed server response
|
MEDIUM | 5.9 | 2026-01-22 |
theupdateframework go-tuf
|
CVE | |
| CVE-2026-23966 |
sm-crypto Affected by Private Key Recovery in SM2-PKE
|
CRITICAL | 9.1 | 2026-01-22 |
JuneAndGreen sm-crypto
|
CVE | |
| CVE-2026-23965 |
sm-crypto Affected by Signature Forgery in SM2-DSA
|
HIGH | 7.5 | 2026-01-22 |
JuneAndGreen sm-crypto
|
CVE | |
| CVE-2026-23967 |
sm-crypto Affected by Signature Malleability in SM2-DSA
|
HIGH | 7.5 | 2026-01-22 |
JuneAndGreen sm-crypto
|
CVE | |
| CVE-2026-23959 |
CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier
|
MEDIUM | 6.9 | 2026-01-22 |
coreshop CoreShop
|
CVE | |
| CVE-2026-23964 |
Mastodon has insufficient access control to push notification settings
|
MEDIUM | 6.5 | 2026-01-22 |
mastodon mastodon
mastodon mastodon
+1个
|
CVE | |
| CVE-2026-23963 |
Mastodon missing length limits on list names, filter names, and filter keywords
|
MEDIUM | 4.3 | 2026-01-22 |
mastodon mastodon
mastodon mastodon
+1个
|
CVE | |
| CVE-2026-23962 |
Mastodon vulnerable to Denial of Service from a single post (client/server)
|
HIGH | 7.5 | 2026-01-22 |
mastodon mastodon
mastodon mastodon
+1个
|
CVE | |
| CVE-2026-23961 |
Mastodon may allow a remote suspension bypass
|
MEDIUM | 5.3 | 2026-01-22 |
mastodon mastodon
mastodon mastodon
+1个
|
CVE | |
| CVE-2026-23958 |
DataEase Vulnerable to Brute-Force Attack on Admin JWT Secret Derived from Password that Enables Full Account Takeover
|
HIGH | 8.8 | 2026-01-22 |
dataease dataease
|
CVE | |
| CVE-2026-23699 |
AP180 series with firmware versions prior to AP_RGOS 11.9(4)B1P8 contains an OS command injection vu...
|
HIGH | 8.6 | 2026-01-22 |
Ruijie Networks Co., Ltd. AP180(JA) V1.xx
Ruijie Networks Co., Ltd. AP180(JP) V1.xx
+7个
|
CVE | |
| CVE-2025-27380 |
HTML Injection Leading to Script Execution in Altium Enterprise Server
|
HIGH | 7.6 | 2026-01-22 |
Altium AES
|
CVE | |
| CVE-2026-23957 |
seroval is vulnerable to Denial of Service via array serialization
|
HIGH | 7.5 | 2026-01-22 |
lxsmnsyc seroval
|
CVE | |
| CVE-2026-23956 |
seroval affected by Denial of Service via RegExp serialization
|
HIGH | 7.5 | 2026-01-22 |
lxsmnsyc seroval
|
CVE | |
| CVE-2025-27379 |
Stored Cross-Site Scripting in AES BOM Viewer
|
MEDIUM | 6.8 | 2026-01-22 |
Altium AES
|
CVE |