🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2025-15311 | مرتفع | 7.8 |
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37130 | مرتفع | 7.5 |
Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers …
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2020-37133 | مرتفع | 7.5 |
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allow…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2020-37134 | مرتفع | 7.5 |
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by man…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37136 | مرتفع | 7.5 |
ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37143 | مرتفع | 7.5 |
ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37150 | مرتفع | 7.5 |
Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizard_reboot.asp page in unsetup mode, w…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2025-11730 | مرتفع | 7.2 |
A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP s…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2026-1294 | مرتفع | 7.2 |
The All In One Image Viewer Block plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up t…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2026-25160 | حرج | 9.1 |
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the a…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |
| CVE-2026-25539 | حرج | 9.1 |
SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not valid…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |
| CVE-2026-1756 | مرتفع | 8.8 |
The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in…
|
✅ Patch | فبراير 4, 2026 |
| CVE-2026-1819 | مرتفع | 8.8 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Karel Elect…
|
✅ Patch | فبراير 4, 2026 |
| CVE-2026-20098 | مرتفع | 8.8 |
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote a…
|
✅ Patch | فبراير 4, 2026 |
| CVE-2026-25056 | مرتفع | 8.8 |
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge no…
|
✅ Patch | فبراير 4, 2026 |
| CVE-2026-25512 | مرتفع | 8.8 |
Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, a…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |
| CVE-2026-25513 | مرتفع | 8.8 |
FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.81, FacturaScr…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |
| CVE-2026-25514 | مرتفع | 8.8 |
FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.81, FacturaScr…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |
| CVE-2026-25521 | مرتفع | 8.8 |
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. In versions from 2.0.12 to…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |
| CVE-2026-25538 | مرتفع | 8.8 |
Devtron is an open source tool integration platform for Kubernetes. In version 2.0.0 and prior, a vulnerability exists i…
|
⚡ Exploit ✅ Patch | فبراير 4, 2026 |