🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-22816 | مرتفع | 7.4 |
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving d…
|
✅ Patch | يناير 16, 2026 |
| CVE-2026-22865 | مرتفع | 7.4 |
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving d…
|
✅ Patch | يناير 16, 2026 |
| CVE-2025-65117 | مرتفع | 7.4 |
The vulnerability, if exploited, could allow an authenticated miscreant
(Process Optimization Designer User) to embed O…
|
✅ Patch | يناير 16, 2026 |
| CVE-2026-23723 | مرتفع | 7.2 |
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an authenticated SQL Injection vulnerability was ide…
|
⚡ Exploit ✅ Patch | يناير 16, 2026 |
| CVE-2026-21223 | مرتفع | 7.1 |
Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feat…
|
✅ Patch | يناير 16, 2026 |
| CVE-2026-23520 | حرج | 9.0 |
Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane…
|
⚡ Exploit ✅ Patch | يناير 15, 2026 |
| CVE-2026-23622 | مرتفع | 8.8 |
Easy!Appointments is a self hosted appointment scheduler. In 1.5.2 and earlier, application/core/EA_Security.php::csrf_v…
|
⚡ Exploit ✅ Patch | يناير 15, 2026 |
| CVE-2021-47757 | مرتفع | 8.8 |
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup res…
|
⚡ Exploit ✅ Patch | يناير 15, 2026 |
| CVE-2021-47758 | مرتفع | 8.8 |
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attac…
|
⚡ Exploit ✅ Patch | يناير 15, 2026 |
| CVE-2025-13062 | مرتفع | 8.8 |
The Supreme Modules Lite plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and includin…
|
✅ Patch | يناير 15, 2026 |
| CVE-2021-47775 | مرتفع | 8.4 |
YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allo…
|
✅ Patch | يناير 15, 2026 |
| CVE-2021-47763 | مرتفع | 8.2 |
Aimeos 2021.10 LTS contains a SQL injection vulnerability in the json api 'sort' parameter that allows attackers to inje…
|
✅ Patch | يناير 15, 2026 |
| CVE-2021-47777 | مرتفع | 8.2 |
Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue' parameter of the login…
|
✅ Patch | يناير 15, 2026 |
| CVE-2021-47761 | مرتفع | 7.8 |
MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service ex…
|
✅ Patch | يناير 15, 2026 |
| CVE-2021-47762 | مرتفع | 7.8 |
HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute …
|
✅ Patch | يناير 15, 2026 |
| CVE-2021-47755 | مرتفع | 7.5 |
Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrar…
|
⚡ Exploit ✅ Patch | يناير 15, 2026 |
| CVE-2021-47784 | مرتفع | 7.5 |
Cyberfox Web Browser 52.9.1 contains a denial of service vulnerability that allows attackers to crash the application by…
|
✅ Patch | يناير 15, 2026 |
| CVE-2025-60003 | مرتفع | 7.5 |
A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved …
|
✅ Patch | يناير 15, 2026 |
| CVE-2025-9014 | مرتفع | 7.5 |
A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, …
|
✅ Patch | يناير 15, 2026 |
| CVE-2026-0227 | مرتفع | 7.5 |
A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (…
|
✅ Patch | يناير 15, 2026 |