🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2019-25266 | مرتفع | 7.8 |
Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local at…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25292 | مرتفع | 7.8 |
Alps HID Monitor Service 8.1.0.10 contains an unquoted service path vulnerability that allows local attackers to potenti…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25293 | مرتفع | 7.8 |
BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service tha…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25302 | مرتفع | 7.8 |
Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows loca…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25304 | مرتفع | 7.8 |
SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local user…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25305 | مرتفع | 7.8 |
JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privi…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-21626 | مرتفع | 7.5 |
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violatio…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25556 | مرتفع | 7.5 |
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an e…
|
⚡ Exploit ✅ Patch | فبراير 6, 2026 |
| CVE-2026-25650 | مرتفع | 7.5 |
MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce integration. Prior to 0.…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25724 | مرتفع | 7.5 |
Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configu…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25751 | مرتفع | 7.5 |
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUX…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25758 | مرتفع | 7.5 |
Spree is an open source e-commerce solution built with Ruby on Rails. A critical IDOR vulnerability exists in Spree Comm…
|
⚡ Exploit ✅ Patch | فبراير 6, 2026 |
| CVE-2026-2103 | مرتفع | 7.1 |
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, da…
|
⚡ Exploit ✅ Patch | فبراير 6, 2026 |
| CVE-2019-25299 | مرتفع | 7.1 |
RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers t…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25300 | مرتفع | 7.1 |
thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries th…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25303 | مرتفع | 7.1 |
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate databas…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2025-11953 | حرج | 9.0 |
React Native Community CLI OS Command Injection Vulnerability — React Native Community CLI contains an OS command inject…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2026-24423 | حرج | 9.0 |
SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability — SmarterTools SmarterMail contains …
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2020-37117 | مرتفع | 8.8 |
jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated adm…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2025-15557 | مرتفع | 8.8 |
An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on …
|
✅ Patch | فبراير 5, 2026 |