🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2020-37215 | مرتفع | 7.5 |
MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the applica…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2025-57713 | مرتفع | 7.5 |
A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit th…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2026-1669 | مرتفع | 7.5 |
Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 through 3.13.1 on all supp…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2026-25869 | مرتفع | 7.5 |
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The app…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2026-25990 | مرتفع | 7.5 |
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a …
|
✅ Patch | فبراير 11, 2026 |
| CVE-2025-14541 | مرتفع | 7.2 |
The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and includin…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2025-15440 | مرتفع | 7.2 |
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Paramet…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2026-20617 | مرتفع | 7.0 |
A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2026-26157 | مرتفع | 7.0 |
A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craf…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2026-26158 | مرتفع | 7.0 |
A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction di…
|
✅ Patch | فبراير 11, 2026 |
| CVE-2025-7347 | مرتفع | 8.8 |
Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Trackin…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2025-7636 | مرتفع | 8.8 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security S…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-0652 | مرتفع | 8.8 |
On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters …
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-2094 | مرتفع | 8.8 |
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbi…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-2097 | مرتفع | 8.8 |
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to u…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21256 | مرتفع | 8.8 |
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio …
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21516 | مرتفع | 8.8 |
Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthor…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21537 | مرتفع | 8.8 |
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacke…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-23687 | مرتفع | 8.8 |
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtai…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2025-6967 | مرتفع | 8.7 |
Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co.…
|
✅ Patch | فبراير 10, 2026 |