🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-21986 | مرتفع | 7.1 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-21939 | مرتفع | 7.0 |
Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0…
|
✅ Patch | يناير 20, 2026 |
| CVE-2026-1137 | مرتفع | 8.8 |
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /gof…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-1138 | مرتفع | 8.8 |
A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. …
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-1139 | مرتفع | 8.8 |
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-1140 | مرتفع | 8.8 |
A vulnerability was found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/Config…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2025-68616 | مرتفع | 7.5 |
WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery (SSRF) pro…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-23732 | مرتفع | 7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbDa…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-23850 | مرتفع | 7.5 |
SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted s…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-1192 | مرتفع | 7.3 |
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unkn…
|
⚡ Exploit ✅ Patch | يناير 19, 2026 |
| CVE-2026-23644 | مرتفع | 7.5 |
esm.sh is a no-build content delivery network (CDN) for web development. Prior to Go pseeudoversion 0.0.0-20260116051925…
|
⚡ Exploit ✅ Patch | يناير 18, 2026 |
| CVE-2025-14478 | مرتفع | 7.5 |
The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE) in all versions up to, …
|
✅ Patch | يناير 17, 2026 |
| CVE-2026-0517 | مرتفع | 7.5 |
CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure
Access Server prior to 14.20. An attacker can …
|
✅ Patch | يناير 17, 2026 |
| CVE-2021-47794 | مرتفع | 8.8 |
ZesleCP 3.1.9 contains an authenticated remote code execution vulnerability that allows attackers to create malicious FT…
|
⚡ Exploit ✅ Patch | يناير 16, 2026 |
| CVE-2021-47816 | مرتفع | 8.8 |
Thecus N4800Eco NAS Server Control Panel contains a command injection vulnerability that allows authenticated attackers …
|
✅ Patch | يناير 16, 2026 |
| CVE-2025-12957 | مرتفع | 8.8 |
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and incl…
|
✅ Patch | يناير 16, 2026 |
| CVE-2026-21625 | مرتفع | 8.8 |
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by …
|
✅ Patch | يناير 16, 2026 |
| CVE-2021-47756 | مرتفع | 8.4 |
Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the…
|
✅ Patch | يناير 16, 2026 |
| CVE-2025-61943 | مرتفع | 8.4 |
The vulnerability, if exploited, could allow an authenticated miscreant
(Process Optimization Standard User) to tamper …
|
✅ Patch | يناير 16, 2026 |
| CVE-2021-47782 | مرتفع | 8.2 |
Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remot…
|
✅ Patch | يناير 16, 2026 |