🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2025-41027 | متوسط | 6.1 |
Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaS…
|
— | مارس 26, 2026 |
| CVE-2026-1986 | متوسط | 6.1 |
The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflect…
|
— | مارس 26, 2026 |
| CVE-2026-28297 | متوسط | 6.1 |
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when…
|
— | مارس 26, 2026 |
| CVE-2026-4887 | متوسط | 6.1 |
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A re…
|
— | مارس 26, 2026 |
| CVE-2025-55266 | متوسط | 5.9 |
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carr…
|
— | مارس 26, 2026 |
| CVE-2026-28298 | متوسط | 5.9 |
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when…
|
— | مارس 26, 2026 |
| CVE-2026-4830 | متوسط | 5.6 |
A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/…
|
— | مارس 26, 2026 |
| CVE-2018-25215 | متوسط | 5.5 |
Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cau…
|
— | مارس 26, 2026 |
| CVE-2019-25649 | متوسط | 5.5 |
River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allow…
|
— | مارس 26, 2026 |
| CVE-2026-4897 | متوسط | 5.5 |
A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to th…
|
— | مارس 26, 2026 |
| CVE-2026-33915 | متوسط | 5.4 |
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio…
|
✅ Patch | مارس 26, 2026 |
| CVE-2026-4335 | متوسط | 5.4 |
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment post…
|
— | مارس 26, 2026 |
| CVE-2026-4281 | متوسط | 5.3 |
The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up t…
|
— | مارس 26, 2026 |
| CVE-2026-4900 | متوسط | 5.3 |
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the fil…
|
— | مارس 26, 2026 |
| CVE-2025-14917 | متوسط | 6.7 |
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could prov…
|
— | مارس 25, 2026 |
| CVE-2025-14790 | متوسط | 6.5 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due …
|
— | مارس 25, 2026 |
| CVE-2025-14807 | متوسط | 6.5 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper v…
|
— | مارس 25, 2026 |
| CVE-2025-14915 | متوسط | 6.5 |
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affecte…
|
— | مارس 25, 2026 |
| CVE-2026-1014 | متوسط | 6.5 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON …
|
— | مارس 25, 2026 |
| CVE-2026-20083 | متوسط | 6.5 |
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, …
|
— | مارس 25, 2026 |