🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-28431 | مرتفع | 7.5 |
Misskey is an open source, federated social media platform. All Misskey servers running versions 8.45.0 and later, but p…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25167 | مرتفع | 7.4 |
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25573 | مرتفع | 7.4 |
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell co…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25570 | مرتفع | 7.4 |
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK does not perform che…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25569 | مرتفع | 7.4 |
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). An out-of-bounds write vulnerability exi…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-2364 | مرتفع | 7.3 |
If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low pr…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-1261 | مرتفع | 7.2 |
The MetForm Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Quiz feature in all versions u…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-2724 | مرتفع | 7.2 |
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entr…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-30958 | مرتفع | 7.2 |
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, an unauthenticated path traversal…
|
⚡ Exploit ✅ Patch | مارس 10, 2026 |
| CVE-2026-25178 | مرتفع | 7.0 |
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-24285 | مرتفع | 7.0 |
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25179 | مرتفع | 7.0 |
Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized att…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-24295 | مرتفع | 7.0 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Associatio…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-24296 | مرتفع | 7.0 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Associatio…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23671 | مرتفع | 7.0 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM P…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23667 | مرتفع | 7.0 |
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23668 | مرتفع | 7.0 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Compon…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25170 | مرتفع | 7.0 |
Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25171 | مرتفع | 7.0 |
Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2025-52468 | مرتفع | 8.8 |
Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importi…
|
⚡ Exploit ✅ Patch | مارس 2, 2026 |