سامي
سامي الغامدي
مستشار Fyntralink · متاح الآن
مدعوم بالذكاء الاصطناعي · Fyntralink
0536890919 info@fyntralink.com
تغذية مباشرة من NVD & CISA

قاعدة بيانات الثغرات الأمنية CVE Intelligence

بيانات CVE من NVD مع إثراء KEV من CISA وترجمة عربية. المحتوى مبني على المصادر الرسمية فقط.

إعادة ضبط
عرض صفحة 14 من 27 (1330 ثغرة)
CVE ID الشدة CVSS KEV مستغلة؟ تاريخ النشر الملخص
CVE-2026-2361 High 8,0 لا 2026-02-11 PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a func…
CVE-2026-2360 High 8,0 لا 2026-02-11 PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public …
CVE-2026-0229 Medium 6,6 لا 2026-02-11 A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unaut…
CVE-2026-0228 Low 1,3 لا 2026-02-11 An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expire…
CVE-2025-70085 Critical 9,8 لا 2026-02-11 An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two file…
CVE-2025-70084 High 7,5 لا 2026-02-11 Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files vi…
CVE-2025-70083 High 7,8 لا 2026-02-11 An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as …
CVE-2025-70029 High 7,5 لا 2026-02-11 An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certific…
CVE-2025-69874 Critical 9,8 لا 2026-02-11 nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary f…
CVE-2025-65480 High 8,8 لا 2026-02-11 An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are e…
CVE-2025-65128 Critical 9,1 لا 2026-02-11 A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauth…
CVE-2026-25084 Critical 9,3 لا 2026-02-11 Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs.
CVE-2026-24789 Critical 9,3 لا 2026-02-11 An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication.
CVE-2025-65127 High 7,5 لا 2026-02-11 A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated a…
CVE-2025-13391 Medium 5,8 لا 2026-02-11 The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable to unauthorized l…
CVE-2026-25869 Medium 6,9 لا 2026-02-11 MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends us…
CVE-2026-25868 Medium 5,1 لا 2026-02-11 MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting (XSS) vulnerability in index.php via the dir parameter. The a…
CVE-2026-1837 High 8,7 لا 2026-02-11 A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from anot…
CVE-2025-64075 Critical 10,0 لا 2026-02-11 A path traversal vulnerability in the check_token function of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to…
CVE-2025-12474 Low 2,3 لا 2026-02-11 A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causi…
CVE-2026-2345 Low 3,6 لا 2026-02-11 Proctorio Chrome Extension is a browser extension used for online proctoring. The extension contains multiple window.addEventListener('mess…
CVE-2026-2344 High 8,6 لا 2026-02-11 A vulnerability in Plunet Plunet BusinessManager allows unauthorized actions being performed on behalf of privileged users.This issue affec…
CVE-2026-2250 High 7,5 لا 2026-02-11 The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal te…
CVE-2026-2249 Critical 9,8 لا 2026-02-11 METIS DFS devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. …
CVE-2026-2248 Critical 9,8 لا 2026-02-11 METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. …
CVE-2025-61969 High 7,0 لا 2026-02-11 Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially result…
CVE-2025-52541 High 7,3 لا 2026-02-11 A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary co…
CVE-2025-48518 Medium 6,9 لا 2026-02-11 Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of inte…
CVE-2025-48508 Medium 6,0 لا 2026-02-11 Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control…
CVE-2025-48503 High 7,8 لا 2026-02-11 A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting i…
CVE-2025-12059 Critical 9,8 لا 2026-02-11 Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo…
CVE-2024-36324 High 8,8 لا 2026-02-11 Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbi…
CVE-2024-36320 High 7,0 لا 2026-02-11 Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentia…
CVE-2024-36316 Medium 5,5 لا 2026-02-11 The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a deni…
CVE-2023-31324 High 7,1 لا 2026-02-11 A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Mem…
CVE-2023-20548 High 7,1 لا 2026-02-11 A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting i…
CVE-2023-20514 High 8,7 لا 2026-02-11 Improper handling of parameters in the AMD Secure Processor (ASP) could allow a privileged attacker to pass an arbitrary memory value to fu…
CVE-2019-25317 Medium 5,1 لا 2026-02-11 Kimai 2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into timesheet descripti…
CVE-2019-25316 Medium 5,1 لا 2026-02-11 GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts thr…
CVE-2019-25315 Medium 5,1 لا 2026-02-11 WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts …
CVE-2019-25314 Medium 4,8 لا 2026-02-11 Yoast Duplicate-Post WordPress Plugin 3.2.3 contains a persistent cross-site scripting vulnerability in plugin settings parameters. Attacke…
CVE-2019-25312 Medium 5,1 لا 2026-02-11 InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to injec…
CVE-2019-25311 Medium 5,1 لا 2026-02-11 thesystem version 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through mu…
CVE-2019-25310 High 8,5 لا 2026-02-11 ActiveFax Server 6.92 Build 0316 contains an unquoted service path vulnerability in the ActiveFaxServiceNT service that allows local attack…
CVE-2019-25309 High 8,5 لا 2026-02-11 Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitr…
CVE-2019-25308 High 8,5 لا 2026-02-11 Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can expl…
CVE-2019-25307 High 8,5 لا 2026-02-11 WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to pot…
CVE-2019-25306 High 8,5 لا 2026-02-11 BlackMoon FTP Server 3.1.2.1731 contains an unquoted service path vulnerability that allows local users to potentially execute code with el…
CVE-2018-25157 Medium 5,1 لا 2026-02-11 Phraseanet 4.0.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through c…
CVE-2026-2337 High 8,7 لا 2026-02-11 A vulnerability in Plunet Plunet BusinessManager allows session hijacking, data theft, unauthorized actions on behalf of the user.This issu…