🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2025-64438 | مرتفع | 7.5 |
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group
). …
|
✅ Patch | فبراير 3, 2026 |
| CVE-2025-8590 | مرتفع | 7.5 |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Tr…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-21862 | مرتفع | 7.5 |
RustFS is a distributed object storage system built in Rust. Prior to version alpha.78, IP-based access control can be b…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-24762 | مرتفع | 7.5 |
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive c…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-25235 | مرتفع | 7.5 |
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verificati…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-25239 | مرتفع | 7.5 |
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulner…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-24052 | مرتفع | 7.4 |
Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code contained insufficient URL validation in it…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-1802 | مرتفع | 7.3 |
A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the f…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37084 | مرتفع | 7.2 |
School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitr…
|
⚡ Exploit ✅ Patch | فبراير 3, 2026 |
| CVE-2025-58382 | مرتفع | 7.2 |
A vulnerability in the secure configuration of authentication and
management services in Brocade Fabric OS before Fabri…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2025-58383 | مرتفع | 7.2 |
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-0617 | مرتفع | 7.2 |
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-S…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-1065 | مرتفع | 7.2 |
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and inc…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37081 | مرتفع | 7.1 |
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calend…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37105 | مرتفع | 7.1 |
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37108 | مرتفع | 7.1 |
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product_detail.php that allows r…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-1058 | مرتفع | 7.1 |
The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2022-50975 | مرتفع | 8.8 |
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2024-5386 | مرتفع | 8.8 |
In lunary-ai/lunary version 1.2.2, an account hijacking vulnerability exists due to a password reset token leak. A user …
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2026-25134 | مرتفع | 8.8 |
Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5…
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |