🛡️ Vulnerability Information Center
Updated database of vulnerabilities and security threats
| ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-68704 | High | 7.5 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses java.uti… | ✅ Patch | January 13, 2026 |
| CVE-2025-68931 | High | 7.5 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding… | ✅ Patch | January 13, 2026 |
| CVE-2025-70753 | High | 7.5 | Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2025-71024 | High | 7.5 | Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMac… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2025-71025 | High | 7.5 | Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMt… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2025-71026 | High | 7.5 | Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtu… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2025-71027 | High | 7.5 | Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanMTU2 parameter of the fromAdvSetMacMtuWa… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2022-50806 | High | 7.2 | 4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2022-50907 | High | 7.2 | e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upl… | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2022-50908 | High | 7.2 | Mailhog 1.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts thr… | ✅ Patch | January 13, 2026 |
| CVE-2022-50916 | High | 7.2 | e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server … | ⚡ Exploit ✅ Patch | January 13, 2026 |
| CVE-2026-21219 | High | 7.0 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ✅ Patch | January 13, 2026 |
| CVE-2026-22783 | Critical | 9.6 | Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior… | ✅ Patch | January 12, 2026 |
| CVE-2026-22794 | Critical | 9.6 | Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin … | ⚡ Exploit ✅ Patch | January 12, 2026 |
| CVE-2025-8110 | Critical | 9.0 | Gogs Path Traversal Vulnerability — Gogs contains a path traversal vulnerability affecting improper Symbolic link handli… | ⚡ Exploit ✅ Patch | January 12, 2026 |
| CVE-2025-69274 | High | 8.8 | Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows P… | ✅ Patch | January 12, 2026 |
| CVE-2025-69276 | High | 8.8 | Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection… | ✅ Patch | January 12, 2026 |
| CVE-2026-0854 | High | 8.8 | Certain DVR/NVR models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remote … | ✅ Patch | January 12, 2026 |
| CVE-2026-0855 | High | 8.8 | Certain IP Camera models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remot… | ✅ Patch | January 12, 2026 |
| CVE-2026-22799 | High | 8.8 | Emlog is an open source website building system. emlog v2.6.1 and earlier exposes a REST API endpoint (/index.php?rest-a… | ⚡ Exploit ✅ Patch | January 12, 2026 |