🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-34261 | متوسط | 6.5 |
Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could m…
|
— | أبريل 14, 2026 |
| CVE-2026-27677 | متوسط | 6.5 |
Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could upd…
|
— | أبريل 14, 2026 |
| CVE-2026-34264 | متوسط | 6.5 |
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due t…
|
— | أبريل 14, 2026 |
| CVE-2026-27678 | متوسط | 6.5 |
Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker …
|
— | أبريل 14, 2026 |
| CVE-2026-27679 | متوسط | 6.5 |
Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker…
|
— | أبريل 14, 2026 |
| CVE-2026-27925 | متوسط | 6.5 |
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose informa…
|
— | أبريل 14, 2026 |
| CVE-2026-32201 | متوسط | 6.5 |
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a netw…
|
— | أبريل 14, 2026 |
| CVE-2026-1607 | متوسط | 6.4 |
The Surbma | Booking.com Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `s…
|
— | أبريل 14, 2026 |
| CVE-2026-4059 | متوسط | 6.4 |
The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the woolentor_quickview_button shor…
|
— | أبريل 14, 2026 |
| CVE-2026-34626 | متوسط | 6.3 |
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Mo…
|
— | أبريل 14, 2026 |
| CVE-2026-27299 | متوسط | 6.3 |
Adobe Framemaker versions 2022.8 and earlier are affected by an Improper Input Validation vulnerability that could lead …
|
— | أبريل 14, 2026 |
| CVE-2026-32072 | متوسط | 6.2 |
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
|
— | أبريل 14, 2026 |
| CVE-2026-33822 | متوسط | 6.1 |
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
|
— | أبريل 14, 2026 |
| CVE-2026-32196 | متوسط | 6.1 |
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an u…
|
— | أبريل 14, 2026 |
| CVE-2026-21331 | متوسط | 6.1 |
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. I…
|
— | أبريل 14, 2026 |
| CVE-2026-26169 | متوسط | 6.1 |
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.
|
— | أبريل 14, 2026 |
| CVE-2026-34257 | متوسط | 6.1 |
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft …
|
— | أبريل 14, 2026 |
| CVE-2026-27674 | متوسط | 6.1 |
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated att…
|
— | أبريل 14, 2026 |
| CVE-2026-34614 | متوسط | 6.1 |
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. I…
|
— | أبريل 14, 2026 |
| CVE-2026-32088 | متوسط | 6.1 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service…
|
— | أبريل 14, 2026 |