🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-23755 | مرتفع | 7.3 |
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When ex…
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47855 | مرتفع | 7.2 |
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows …
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47857 | مرتفع | 7.2 |
Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows …
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47858 | مرتفع | 7.2 |
Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter …
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47873 | مرتفع | 7.2 |
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that a…
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47872 | مرتفع | 7.1 |
SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authen…
|
✅ Patch | يناير 21, 2026 |
| CVE-2026-23986 | مرتفع | 7.1 |
Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe…
|
⚡ Exploit ✅ Patch | يناير 21, 2026 |
| CVE-2025-15347 | مرتفع | 8.8 |
The Creator LMS – The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modific…
|
✅ Patch | يناير 20, 2026 |
| CVE-2025-33015 | مرتفع | 8.8 |
IBM Concert 1.0.0 through 2.1.0 is vulnerable to malicious file upload by not validating the content of the file uploade…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21967 | مرتفع | 8.6 |
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). …
|
✅ Patch | يناير 20, 2026 |
| CVE-2025-12985 | مرتفع | 8.4 |
IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalati…
|
✅ Patch | يناير 20, 2026 |
| CVE-2025-14115 | مرتفع | 8.4 |
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Inte…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21987 | مرتفع | 8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21988 | مرتفع | 8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21990 | مرتفع | 8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…
|
✅ Patch | يناير 20, 2026 |
| CVE-2025-14977 | مرتفع | 8.1 |
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPr…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-0726 | مرتفع | 8.1 |
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versi…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21973 | مرتفع | 8.1 |
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Se…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21989 | مرتفع | 8.1 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-22219 | مرتفع | 7.7 |
Chainlit versions prior to 2.9.4 contain a server-side request forgery (SSRF) vulnerability in the /project/element upda…
|
⚡ Exploit ✅ Patch | يناير 20, 2026 |