🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-3223 | متوسط | — |
Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.
|
— | فبراير 27, 2026 |
| CVE-2026-21656 | متوسط | — |
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD al…
|
— | فبراير 27, 2026 |
| CVE-2026-21659 | متوسط | — |
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in John…
|
— | فبراير 27, 2026 |
| CVE-2026-21658 | متوسط | — |
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Joh…
|
— | فبراير 27, 2026 |
| CVE-2026-21654 | متوسط | — |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Cont…
|
— | فبراير 27, 2026 |
| CVE-2018-25160 | متوسط | — |
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code i…
|
— | فبراير 27, 2026 |
| CVE-2026-21657 | متوسط | — |
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD al…
|
— | فبراير 27, 2026 |
| CVE-2026-21619 | متوسط | — |
Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), …
|
— | فبراير 27, 2026 |
| CVE-2026-3304 | متوسط | — |
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allo…
|
— | فبراير 27, 2026 |
| CVE-2026-2359 | متوسط | — |
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allo…
|
— | فبراير 27, 2026 |
| CVE-2026-2880 | متوسط | — |
A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-sc…
|
— | فبراير 27, 2026 |
| CVE-2026-24498 | متوسط | — |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Network…
|
— | فبراير 27, 2026 |
| CVE-2026-24497 | متوسط | — |
Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion.This issue aff…
|
— | فبراير 27, 2026 |
| CVE-2026-3327 | متوسط | — |
Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated use…
|
— | فبراير 27, 2026 |
| CVE-2026-2293 | متوسط | — |
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fas…
|
— | فبراير 27, 2026 |
| CVE-2026-27500 | متوسط | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | فبراير 27, 2026 |
| CVE-2026-27200 | متوسط | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | فبراير 27, 2026 |
| CVE-2026-3277 | متوسط | — |
The OpenID Connect (OIDC) authentication configuration in PowerShell
Universal before 2026.1.3 stores the OIDC client s…
|
— | فبراير 27, 2026 |
| CVE-2025-15498 | متوسط | — |
Pro3W CMS if vulnerable to SQL injection attacks. Improper neutralization of input provided into a login form allows an …
|
— | فبراير 27, 2026 |
| CVE-2025-15509 | متوسط | — |
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage.
|
— | فبراير 27, 2026 |