快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358083
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-50189 |
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insuffic
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-50188 |
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insuffic
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-50187 |
Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is ev
|
CRITICAL | 9.8 | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-50186 |
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XS
|
MEDIUM | 4.8 | 2026-03-02 |
未知
|
NVD | |
| CVE-2024-50337 |
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone
|
MEDIUM | 5.3 | 2026-03-02 |
未知
|
NVD | |
| CVE-2024-47886 |
Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserial
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2026-26698 |
code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/modal
|
MEDIUM | 4.9 | 2026-03-02 |
未知
|
NVD | |
| CVE-2026-26697 |
code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recor
|
MEDIUM | 4.9 | 2026-03-02 |
未知
|
NVD | |
| CVE-2026-1628 |
Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting navigation to external
|
MEDIUM | 4.6 | 2026-03-02 |
未知
|
NVD | |
| CVE-2026-3432 |
On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2026-3431 |
On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection paramet
|
CRITICAL | 9.8 | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-14532 |
DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of an
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-12462 |
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attack
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-58406 |
The CGM CLININET application respond without essential security HTTP headers, exposing users to clie
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-58405 |
The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, ne
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-58402 |
The CGM CLININET application uses direct, sequential object identifiers "MessageID" without proper a
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-30062 |
In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injecti
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-30044 |
In the endpoints "/cgi-bin/CliniNET.prd/utils/usrlogstat_simple.pl", "/cgi-bin/CliniNET.prd/utils/us
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-30042 |
The CGM CLININET system provides smart card authentication; however, authentication is conducted loc
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD | |
| CVE-2025-30035 |
The vulnerability enables an attacker to fully bypass authentication in CGM CLININET and gain access
|
UNKNOWN | N/A | 2026-03-02 |
未知
|
NVD |