🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2020-36905 | مرتفع | 7.5 |
FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows…
|
✅ Patch | يناير 6, 2026 |
| CVE-2020-36907 | مرتفع | 7.5 |
Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthenticated attackers to …
|
✅ Patch | يناير 6, 2026 |
| CVE-2020-36914 | مرتفع | 7.5 |
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote atta…
|
✅ Patch | يناير 6, 2026 |
| CVE-2020-36917 | مرتفع | 7.5 |
iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote atta…
|
✅ Patch | يناير 6, 2026 |
| CVE-2020-36921 | مرتفع | 7.5 |
RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated at…
|
✅ Patch | يناير 6, 2026 |
| CVE-2020-36922 | مرتفع | 7.5 |
Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unauthenticated attackers…
|
⚡ Exploit ✅ Patch | يناير 6, 2026 |
| CVE-2025-69227 | مرتفع | 7.5 |
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an i…
|
✅ Patch | يناير 6, 2026 |
| CVE-2025-69228 | مرتفع | 7.5 |
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a reques…
|
✅ Patch | يناير 6, 2026 |
| CVE-2025-15364 | مرتفع | 7.3 |
The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up …
|
✅ Patch | يناير 6, 2026 |
| CVE-2025-14997 | مرتفع | 7.2 |
The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file deletion due to insuffic…
|
✅ Patch | يناير 6, 2026 |
| CVE-2025-59157 | حرج | 9.9 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-64420 | حرج | 9.9 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-64419 | حرج | 9.6 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-15240 | مرتفع | 8.8 |
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing aut…
|
✅ Patch | يناير 5, 2026 |
| CVE-2025-15462 | مرتفع | 8.8 |
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/C…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-59156 | مرتفع | 8.8 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-64423 | مرتفع | 8.8 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-64424 | مرتفع | 8.8 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-66518 | مرتفع | 8.8 |
Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.ses…
|
✅ Patch | يناير 5, 2026 |
| CVE-2025-68454 | مرتفع | 8.8 |
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |