سامي
سامي الغامدي
مستشار Fyntralink · متاح الآن
مدعوم بالذكاء الاصطناعي · Fyntralink
0536890919 info@fyntralink.com
تغذية مباشرة من NVD & CISA

قاعدة بيانات الثغرات الأمنية CVE Intelligence

بيانات CVE من NVD مع إثراء KEV من CISA وترجمة عربية. المحتوى مبني على المصادر الرسمية فقط.

إعادة ضبط
عرض صفحة 17 من 27 (1330 ثغرة)
CVE ID الشدة CVSS KEV مستغلة؟ تاريخ النشر الملخص
CVE-2026-26042 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-26041 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-26040 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-26039 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-26038 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-26037 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-26036 N/A لا 2026-02-11 Rejected reason: Not used
CVE-2026-1893 Medium 6,4 لا 2026-02-11 The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btn_label' parameter in the '…
CVE-2026-1231 Medium 6,4 لا 2026-02-11 The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `…
CVE-2025-15524 Medium 4,3 لا 2026-02-11 The Gallery by FooGallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax_g…
CVE-2025-14541 High 7,2 لا 2026-02-11 The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the c…
CVE-2025-13431 Medium 6,5 لا 2026-02-11 The SlimStat Analytics plugin for WordPress is vulnerable to time-based SQL Injection via the ‘args’ parameter in all versions up to, and i…
CVE-2026-1571 Medium 5,3 لا 2026-02-11 User-controlled input is reflected into the HTML output without proper encoding on TP-Link Archer C60 v3, allowing arbitrary JavaScript exe…
CVE-2026-25872 Medium 6,9 لا 2026-02-11 JUNG Smart Panel KNX firmware version L1.12.22 and prior contain an unauthenticated path traversal vulnerability in the embedded web interf…
CVE-2026-25870 Medium 6,9 لا 2026-02-11 DoraCMS version 3.1 and prior contains a server-side request forgery (SSRF) vulnerability in its UEditor remote image fetch functionality. …
CVE-2026-25251 N/A لا 2026-02-11 Rejected reason: This has been moved to the REJECTED state because the information source is under review. If circumstances change, it is p…
CVE-2026-26013 Low 3,7 لا 2026-02-11 LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages() m…
CVE-2026-26007 High 8,2 لا 2026-02-11 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the public_key_fro…
CVE-2026-26006 Medium 6,5 لا 2026-02-11 AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workf…
CVE-2026-1507 High 8,7 لا 2026-02-11 The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI servic…
CVE-2026-1495 Medium 5,7 لا 2026-02-11 The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including…
CVE-2025-12699 Medium 6,7 لا 2026-02-11 The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields (run numbe…
CVE-2026-2303 Medium 6,9 لا 2026-02-10 The mongo-go-driver repository contains CGo bindings for GSSAPI (Kerberos) authentication on Linux and macOS. The C wrapper implementation …
CVE-2026-21349 High 7,8 لا 2026-02-10 Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execut…
CVE-2026-21348 Medium 5,5 لا 2026-02-10 Substance3D - Modeler versions 1.22.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. A…
CVE-2026-1763 Medium 4,6 لا 2026-02-10 Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions.
CVE-2026-1762 Low 2,9 لا 2026-02-10 A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions.
CVE-2025-54514 Medium 4,8 لا 2026-02-10 Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a…
CVE-2025-52536 Medium 6,7 لا 2026-02-10 Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting …
CVE-2025-52534 Medium 5,3 لا 2026-02-10 Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integri…
CVE-2025-48517 Medium 4,6 لا 2026-02-10 Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES gue…
CVE-2025-48515 Medium 5,4 لا 2026-02-10 Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to over…
CVE-2025-48514 Medium 4,0 لا 2026-02-10 Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, po…
CVE-2025-48509 Low 1,8 لا 2026-02-10 Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of…
CVE-2025-29952 Medium 5,9 لا 2026-02-10 Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP…
CVE-2025-29951 High 7,3 لا 2026-02-10 A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privil…
CVE-2025-29950 High 7,1 لا 2026-02-10 Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary …
CVE-2025-29949 Medium 4,8 لا 2026-02-10 Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to …
CVE-2025-29948 Medium 5,9 لا 2026-02-10 Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections,…
CVE-2025-29946 Medium 4,5 لا 2026-02-10 Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a los…
CVE-2025-29939 Medium 6,9 لا 2026-02-10 Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) d…
CVE-2025-0031 Medium 4,6 لا 2026-02-10 A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a diff…
CVE-2025-0029 Low 1,8 لا 2026-02-10 Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writ…
CVE-2025-0012 Medium 6,8 لا 2026-02-10 Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged…
CVE-2024-36355 High 7,0 لا 2026-02-10 Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (…
CVE-2024-36311 Medium 4,6 لا 2026-02-10 A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input vali…
CVE-2024-36310 Medium 4,6 لا 2026-02-10 Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to S…
CVE-2024-21953 Medium 5,9 لا 2026-02-10 Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integr…
CVE-2021-26410 Low 1,8 لا 2026-02-10 Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own mem…
CVE-2021-26381 High 7,1 لا 2026-02-10 Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a la…