🛡️ Vulnerability Information Center
Up-to-date database of security vulnerabilities and threats
| ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2020-36999 | High | 8.2 | Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipul… | ✅ Patch | January 29, 2026 |
| CVE-2020-37004 | High | 8.2 | Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract use… | ✅ Patch | January 29, 2026 |
| CVE-2020-37006 | High | 8.2 | berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows remote attackers to man… | ✅ Patch | January 29, 2026 |
| CVE-2026-1610 | High | 8.1 | A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of t… | ✅ Patch | January 29, 2026 |
| CVE-2025-7016 | High | 8.0 | Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Aut… | ✅ Patch | January 29, 2026 |
| CVE-2020-37016 | High | 7.8 | BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with eleva… | ✅ Patch | January 29, 2026 |
| CVE-2020-37020 | High | 7.8 | SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by… | ✅ Patch | January 29, 2026 |
| CVE-2020-37021 | High | 7.8 | 10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local a… | ✅ Patch | January 29, 2026 |
| CVE-2026-25116 | High | 7.6 | Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated … | ⚡ Exploit ✅ Patch | January 29, 2026 |
| CVE-2026-25061 | High | 7.5 | tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame … | ⚡ Exploit ✅ Patch | January 29, 2026 |
| CVE-2020-36995 | High | 7.5 | Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application … | ✅ Patch | January 29, 2026 |
| CVE-2020-37015 | High | 7.5 | Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attac… | ✅ Patch | January 29, 2026 |
| CVE-2025-7713 | High | 7.5 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Inte… | ✅ Patch | January 29, 2026 |
| CVE-2025-7714 | High | 7.5 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive… | ✅ Patch | January 29, 2026 |
| CVE-2020-37005 | High | 7.1 | TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that allows attackers to enumer… | ✅ Patch | January 29, 2026 |
| CVE-2026-24897 | Critical | 10.0 | Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged us… | ⚡ Exploit ✅ Patch | January 28, 2026 |
| CVE-2026-0844 | High | 8.8 | The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including… | ✅ Patch | January 28, 2026 |
| CVE-2026-22243 | High | 8.8 | EGroupware is a Web based groupware server written in PHP. A SQL Injection vulnerability exists in the core components o… | ⚡ Exploit ✅ Patch | January 28, 2026 |
| CVE-2026-24685 | High | 8.8 | OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitr… | ✅ Patch | January 28, 2026 |
| CVE-2025-14386 | High | 8.8 | The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress … | ✅ Patch | January 28, 2026 |