🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2020-11978	Apache Airflow Command Injection — A remote code/command injectio… Apache Airflow Command Injection — A remote code/command injection vulnerability was discovered in o…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2020-13671	Drupal core Un-restricted Upload of File — Improper sanitization … Drupal core Un-restricted Upload of File — Improper sanitization in the extension file names is pres…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2020-13927	Apache Airflow's Experimental API Authentication Bypass — The pre… Apache Airflow's Experimental API Authentication Bypass — The previous default setting for Airflow's…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2020-14864	Oracle Business Intelligence Enterprise Edition Path Transversal … Oracle Business Intelligence Enterprise Edition Path Transversal — Path traversal vulnerability, whe…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-21315	System Information Library for Node.JS Command Injection — In thi… System Information Library for Node.JS Command Injection — In this vulnerability, an attacker can se…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-21975	VMware Server Side Request Forgery in vRealize Operations Manager… VMware Server Side Request Forgery in vRealize Operations Manager API — Server Side Request Forgery …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-22991	F5 BIG-IP Traffic Management Microkernel Buffer Overflow — The Tr… F5 BIG-IP Traffic Management Microkernel Buffer Overflow — The Traffic Management Microkernel of BIG…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-25296	Nagios XI OS Command Injection — Nagios XI contains a vulnerabili… Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command inj…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-25297	Nagios XI OS Command Injection — Nagios XI contains a vulnerabili… Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command inj…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-25298	Nagios XI OS Command Injection — Nagios XI contains a vulnerabili… Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command inj…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-32648	October CMS Improper Authentication — In affected versions of the… October CMS Improper Authentication — In affected versions of the october/system package an attacker…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-33766	Microsoft Exchange Server Information Disclosure — Microsoft Exch… Microsoft Exchange Server Information Disclosure — Microsoft Exchange Server contains an information…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2021-40870	Aviatrix Controller Unrestricted Upload of File — Unrestricted up… Aviatrix Controller Unrestricted Upload of File — Unrestricted upload of a file with a dangerous typ…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 18, 2022
CVE-2019-7609	Kibana Arbitrary Code Execution — Kibana contain an arbitrary cod… Kibana Arbitrary Code Execution — Kibana contain an arbitrary code execution flaw in the Timelion vi…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2019-9670	Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of … Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference — Syn…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2020-6572	Google Chrome Media Use-After-Free Vulnerability — Google Chrome … Google Chrome Media Use-After-Free Vulnerability — Google Chrome Media contains a use-after-free vul…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2021-22017	VMware vCenter Server Improper Access Control — Rhttproxy as used… VMware vCenter Server Improper Access Control — Rhttproxy as used in vCenter Server contains a vulne…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2021-27860	FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit — A v… FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit — A vulnerability in the web management …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2021-36260	Hikvision Improper Input Validation — A command injection vulnera… Hikvision Improper Input Validation — A command injection vulnerability in the web server of some Hi…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2013-3900	Microsoft WinVerifyTrust Authenticode Signature Verification Remo… Microsoft WinVerifyTrust function Remote Code Execution — A remote code execution vulnerability exis…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2015-7450	IBM WebSphere Application Server and Server Hypervisor Edition Co… IBM WebSphere Application Server and Server Hypervisor Edition Code Injection. — Serialized-object i…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2017-1000486	Primetek Primefaces Remote Code Execution Vulnerability — Primete… Primetek Primefaces Remote Code Execution Vulnerability — Primetek Primefaces is vulnerable to a wea…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2018-13382	Fortinet FortiOS and FortiProxy Improper Authorization — An Impro… Fortinet FortiOS and FortiProxy Improper Authorization — An Improper Authorization vulnerability in …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2018-13383	Fortinet FortiOS and FortiProxy Out-of-bounds Write — A heap buff… Fortinet FortiOS and FortiProxy Out-of-bounds Write — A heap buffer overflow in Fortinet FortiOS and…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022
CVE-2019-10149	Exim Mail Transfer Agent (MTA) Improper Input Validation — Improp… Exim Mail Transfer Agent (MTA) Improper Input Validation — Improper validation of recipient address …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 10, 2022

← 1…48 49 50 51 52…63 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,831 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8