🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2016-20058 | مرتفع | 7.8 |
Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivi…
|
— | أبريل 4, 2026 |
| CVE-2016-20059 | مرتفع | 7.8 |
IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services…
|
— | أبريل 4, 2026 |
| CVE-2016-20060 | مرتفع | 7.8 |
Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attac…
|
— | أبريل 4, 2026 |
| CVE-2016-20061 | مرتفع | 7.8 |
sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers …
|
— | أبريل 4, 2026 |
| CVE-2026-34769 | مرتفع | 7.7 |
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to version…
|
— | أبريل 4, 2026 |
| CVE-2018-25246 | مرتفع | 7.5 |
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application…
|
— | أبريل 4, 2026 |
| CVE-2026-1233 | مرتفع | 7.5 |
The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure i…
|
— | أبريل 4, 2026 |
| CVE-2026-5526 | مرتفع | 7.3 |
A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerabil…
|
— | أبريل 4, 2026 |
| CVE-2018-25248 | مرتفع | 7.2 |
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inje…
|
⚡ Exploit | أبريل 4, 2026 |
| CVE-2018-25250 | مرتفع | 7.2 |
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows atta…
|
— | أبريل 4, 2026 |
| CVE-2026-2936 | مرتفع | 7.2 |
The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page…
|
— | أبريل 4, 2026 |
| CVE-2026-5425 | مرتفع | 7.2 |
The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' …
|
— | أبريل 4, 2026 |
| CVE-2026-3445 | مرتفع | 7.1 |
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePres…
|
— | أبريل 4, 2026 |
| CVE-2026-25044 | مرتفع | 8.8 |
Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided c…
|
— | أبريل 3, 2026 |
| CVE-2025-59710 | مرتفع | 8.8 |
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the …
|
— | أبريل 3, 2026 |
| CVE-2026-32173 | مرتفع | 8.6 |
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.
|
— | أبريل 3, 2026 |
| CVE-2015-10148 | مرتفع | 8.2 |
Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical…
|
— | أبريل 3, 2026 |
| CVE-2016-15058 | مرتفع | 8.1 |
Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior t…
|
— | أبريل 3, 2026 |
| CVE-2026-4350 | مرتفع | 8.1 |
The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, …
|
— | أبريل 3, 2026 |
| CVE-2026-22665 | مرتفع | 8.1 |
prompts.chat prior to commit 1464475 contains an identity confusion vulnerability due to inconsistent case-sensitive and…
|
— | أبريل 3, 2026 |