🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2020-36989 | مرتفع | 7.8 |
ForensiT AppX Management Service 2.2.0.4 contains an unquoted service path vulnerability that allows local users to pote…
|
✅ Patch | يناير 28, 2026 |
| CVE-2020-36990 | مرتفع | 7.8 |
Input Director 1.4.3 contains an unquoted service path vulnerability in its Windows service configuration that allows lo…
|
✅ Patch | يناير 28, 2026 |
| CVE-2020-36991 | مرتفع | 7.8 |
ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitra…
|
✅ Patch | يناير 28, 2026 |
| CVE-2020-36992 | مرتفع | 7.8 |
Nord VPN 6.31.13.0 contains an unquoted service path vulnerability in its nordvpn-service that allows local attackers to…
|
✅ Patch | يناير 28, 2026 |
| CVE-2025-59895 | مرتفع | 7.5 |
Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulne…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-0702 | مرتفع | 7.5 |
The VidShop – Shoppable Videos for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the 'f…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-1280 | مرتفع | 7.5 |
The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to a missing capability ch…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-23743 | مرتفع | 7.5 |
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, permali…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-0832 | مرتفع | 7.3 |
The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a…
|
✅ Patch | يناير 28, 2026 |
| CVE-2025-14610 | مرتفع | 7.2 |
The TableMaster for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, a…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-1400 | مرتفع | 7.2 |
The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads …
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-1505 | مرتفع | 7.2 |
A vulnerability was found in D-Link DIR-615 4.10. This issue affects some unknown processing of the file /set_temp_nodes…
|
⚡ Exploit ✅ Patch | يناير 28, 2026 |
| CVE-2026-1506 | مرتفع | 7.2 |
A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /adv_mac_filter.php o…
|
⚡ Exploit ✅ Patch | يناير 28, 2026 |
| CVE-2020-36938 | مرتفع | 8.8 |
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system …
|
✅ Patch | يناير 27, 2026 |
| CVE-2020-36942 | مرتفع | 8.8 |
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files throug…
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2025-41726 | مرتفع | 8.8 |
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the…
|
✅ Patch | يناير 27, 2026 |
| CVE-2026-24345 | مرتفع | 8.8 |
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization che…
|
✅ Patch | يناير 27, 2026 |
| CVE-2026-24486 | مرتفع | 8.6 |
Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exi…
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2026-24882 | مرتفع | 8.4 |
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for …
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2020-36951 | مرتفع | 8.2 |
Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers…
|
✅ Patch | يناير 27, 2026 |