🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-20042 | متوسط | 6.5 |
A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encrypt…
|
— | أبريل 1, 2026 |
| CVE-2026-20095 | متوسط | 6.5 |
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with ad…
|
— | أبريل 1, 2026 |
| CVE-2026-20096 | متوسط | 6.5 |
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with ad…
|
— | أبريل 1, 2026 |
| CVE-2026-20097 | متوسط | 6.5 |
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with ad…
|
— | أبريل 1, 2026 |
| CVE-2026-30522 | متوسط | 6.5 |
A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validati…
|
⚡ Exploit | أبريل 1, 2026 |
| CVE-2026-35000 | متوسط | 6.5 |
ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser implementa…
|
— | أبريل 1, 2026 |
| CVE-2026-4668 | متوسط | 6.5 |
The Booking for Appointments and Events Calendar - Amelia plugin for WordPress is vulnerable to SQL Injection via the `s…
|
— | أبريل 1, 2026 |
| CVE-2025-13535 | متوسط | 6.4 |
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Sc…
|
— | أبريل 1, 2026 |
| CVE-2026-35054 | متوسط | 6.4 |
XenForo before 2.3.9 is vulnerable to stored cross-site scripting (XSS) related to BB code rendering. An attacker can in…
|
— | أبريل 1, 2026 |
| CVE-2026-35057 | متوسط | 6.4 |
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting (XSS) in structured text mentions, …
|
⚡ Exploit | أبريل 1, 2026 |
| CVE-2024-58342 | متوسط | 6.3 |
XenForo before 2.2.17 and 2.3.1 allows open redirect via a specially crafted URL. The getDynamicRedirect() function does…
|
— | أبريل 1, 2026 |
| CVE-2025-66483 | متوسط | 6.3 |
IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authentic…
|
— | أبريل 1, 2026 |
| CVE-2026-1879 | متوسط | 6.3 |
A vulnerability was detected in Harvard University IQSS Dataverse up to 6.8. This affects an unknown function of the fil…
|
— | أبريل 1, 2026 |
| CVE-2026-5248 | متوسط | 6.3 |
A vulnerability has been found in gougucms 4.08.18. This affects the function reg_submit of the file gougucms-master\app…
|
— | أبريل 1, 2026 |
| CVE-2026-5251 | متوسط | 6.3 |
A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user…
|
— | أبريل 1, 2026 |
| CVE-2026-5259 | متوسط | 6.3 |
A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the…
|
— | أبريل 1, 2026 |
| CVE-2025-71280 | متوسط | 6.2 |
XenForo before 2.3.7 allows information disclosure via local account page caching on shared systems. On systems where mu…
|
— | أبريل 1, 2026 |
| CVE-2026-20041 | متوسط | 6.1 |
A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attac…
|
— | أبريل 1, 2026 |
| CVE-2026-20085 | متوسط | 6.1 |
A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to co…
|
— | أبريل 1, 2026 |
| CVE-2026-35055 | متوسط | 6.1 |
XenForo before 2.3.9 and before 2.2.18 is vulnerable to cross-site scripting (XSS) related to lightbox usage in posts. A…
|
— | أبريل 1, 2026 |