🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-40032 | مرتفع | 7.8 |
UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in the placeholder subst…
|
— | أبريل 8, 2026 |
| CVE-2026-40031 | مرتفع | 7.8 |
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking acr…
|
— | أبريل 8, 2026 |
| CVE-2026-40030 | مرتفع | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is …
|
— | أبريل 8, 2026 |
| CVE-2026-40029 | مرتفع | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsa…
|
— | أبريل 8, 2026 |
| CVE-2026-5726 | مرتفع | 7.8 |
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
— | أبريل 8, 2026 |
| CVE-2026-40036 | مرتفع | 7.5 |
Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse_compressed.py that allows remote a…
|
— | أبريل 8, 2026 |
| CVE-2026-35525 | مرتفع | 7.5 |
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %},…
|
⚡ Exploit | أبريل 8, 2026 |
| CVE-2026-3396 | مرتفع | 7.5 |
WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter…
|
— | أبريل 8, 2026 |
| CVE-2025-50654 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in th…
|
— | أبريل 8, 2026 |
| CVE-2025-50653 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem paramet…
|
— | أبريل 8, 2026 |
| CVE-2025-50650 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the ro…
|
— | أبريل 8, 2026 |
| CVE-2025-50652 | مرتفع | 7.5 |
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint…
|
— | أبريل 8, 2026 |
| CVE-2025-52222 | مرتفع | 7.5 |
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-840…
|
— | أبريل 8, 2026 |
| CVE-2026-40027 | مرتفع | 7.3 |
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.p…
|
— | أبريل 8, 2026 |
| CVE-2026-5813 | مرتفع | 7.3 |
A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of …
|
— | أبريل 8, 2026 |
| CVE-2026-5805 | مرتفع | 7.3 |
A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of…
|
— | أبريل 8, 2026 |
| CVE-2026-5802 | مرتفع | 7.3 |
A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP …
|
— | أبريل 8, 2026 |
| CVE-2026-4808 | مرتفع | 7.2 |
The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file t…
|
— | أبريل 8, 2026 |
| CVE-2026-1343 | مرتفع | 7.2 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 …
|
— | أبريل 8, 2026 |
| CVE-2026-32589 | مرتفع | 7.1 |
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any reposit…
|
— | أبريل 8, 2026 |