🛡️ Vulnerability Information Center
Up-to-date database of vulnerabilities and security threats
| ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4615 | High | 7.3 | A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the… | — | March 24, 2026 |
| CVE-2026-4625 | High | 7.3 | A flaw has been found in SourceCodester Online Admission System 1.0. This affects an unknown function of the file /progr… | — | March 24, 2026 |
| CVE-2026-4623 | High | 7.3 | A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c… | — | March 24, 2026 |
| CVE-2026-4613 | High | 7.3 | A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /pr… | — | March 24, 2026 |
| CVE-2026-4617 | High | 7.3 | A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element… | — | March 24, 2026 |
| CVE-2026-33157 | High | 7.2 | Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.13, a Remote Code Execution (RC… | ⚡ Exploit ✅ Patch | March 24, 2026 |
| CVE-2026-33539 | High | 7.2 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version… | ✅ Patch | March 24, 2026 |
| CVE-2026-4627 | High | 7.2 | A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_tim… | — | March 24, 2026 |
| CVE-2019-25638 | High | 7.1 | Meeplace Business Review Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute… | — | March 24, 2026 |
| CVE-2026-33502 | Critical | 9.3 | WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated server-side reque… | ⚡ Exploit ✅ Patch | March 23, 2026 |
| CVE-2025-60949 | Critical | 9.1 | Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote, unauthenticated attacker … | ✅ Patch | March 23, 2026 |
| CVE-2026-4566 | High | 8.8 | A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/for… | — | March 23, 2026 |
| CVE-2026-33046 | High | 8.8 | Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In vers… | ✅ Patch | March 23, 2026 |
| CVE-2026-33634 | High | 8.8 | Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy… | ⚡ Exploit | March 23, 2026 |
| CVE-2026-23480 | High | 8.8 | Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability.… | ✅ Patch | March 23, 2026 |
| CVE-2026-4565 | High | 8.8 | A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetN… | — | March 23, 2026 |
| CVE-2026-33513 | High | 8.6 | WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated API endpoint (`AP… | ⚡ Exploit | March 23, 2026 |
| CVE-2026-33480 | High | 8.6 | WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `isSSRFSafeURL()` function in AV… | ⚡ Exploit ✅ Patch | March 23, 2026 |
| CVE-2026-32845 | High | 8.4 | cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when validating … | — | March 23, 2026 |
| CVE-2026-33651 | High | 8.1 | WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `remindMe.json.php` endpoint pas… | ⚡ Exploit ✅ Patch | March 23, 2026 |