🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-23515 | حرج | 9.9 |
Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulner…
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2026-25134 | مرتفع | 8.8 |
Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5…
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2022-50975 | مرتفع | 8.8 |
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2024-5386 | مرتفع | 8.8 |
In lunary-ai/lunary version 1.2.2, an account hijacking vulnerability exists due to a password reset token leak. A user …
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2025-8587 | مرتفع | 8.6 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AKCE Software Tech…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-1530 | مرتفع | 8.1 |
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) atta…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-1531 | مرتفع | 8.1 |
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-25221 | مرتفع | 8.1 |
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for …
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2026-0630 | مرتفع | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attack…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-0631 | مرتفع | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows an adjacent
authenticated
att…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-22221 | مرتفع | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attack…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-22222 | مرتفع | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attack…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-22223 | مرتفع | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attack…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2025-47358 | مرتفع | 7.8 |
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inad…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2025-47359 | مرتفع | 7.8 |
Memory Corruption when multiple threads simultaneously access a memory free API.
|
✅ Patch | فبراير 2, 2026 |
| CVE-2025-47397 | مرتفع | 7.8 |
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
|
✅ Patch | فبراير 2, 2026 |
| CVE-2025-47398 | مرتفع | 7.8 |
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2025-47399 | مرتفع | 7.8 |
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
|
✅ Patch | فبراير 2, 2026 |
| CVE-2022-50976 | مرتفع | 7.7 |
A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.
|
✅ Patch | فبراير 2, 2026 |
| CVE-2025-14914 | مرتفع | 7.6 |
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive…
|
✅ Patch | فبراير 2, 2026 |