Live feed from NVD & CISA

CVE Intelligence Vulnerability Database

CVE data from NVD, enriched with CISA KEV status and an Arabic translation. Content is based on official sources only.

Showing page 23 of 27 (1330 vulnerabilities)
| CVE ID | Severity | CVSS | KEV exploited? | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0488 | Critical | 9.9 | No | 2026-02-10 | An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute … |
| CVE-2026-0486 | Medium | 5.0 | No | 2026-02-10 | In ABAP based SAP systems a remote enabled function module does not perform necessary authorization checks for an authenticated user result… |
| CVE-2026-0485 | High | 7.5 | No | 2026-02-10 | SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Manageme… |
| CVE-2026-0484 | Medium | 6.5 | No | 2026-02-10 | Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a speci… |
| CVE-2026-2258 | Medium | 4.8 | No | 2026-02-10 | A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library… |
| CVE-2026-0845 | High | 7.2 | No | 2026-02-10 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unau… |
| CVE-2025-15314 | Medium | 5.5 | No | 2026-02-10 | Tanium addressed an arbitrary file deletion vulnerability in end-user-cx. |
| CVE-2025-15313 | Medium | 5.5 | No | 2026-02-10 | Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS. |
| CVE-2025-15310 | High | 7.8 | No | 2026-02-10 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. |
| CVE-2025-15147 | Medium | 4.3 | No | 2026-02-10 | The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Refe… |
| CVE-2026-25958 | High | 7.7 | No | 2026-02-10 | Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a special… |
| CVE-2026-25957 | Medium | 6.5 | No | 2026-02-10 | Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API… |
| CVE-2026-25951 | High | 8.6 | No | 2026-02-10 | FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.11, there is a flaw in the path sanitization logic a… |
| CVE-2026-25939 | Critical | 9.3 | No | 2026-02-10 | FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through version 1.2.10, an authorization bypass vulner… |
| CVE-2026-25938 | Critical | 9.5 | No | 2026-02-10 | FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability… |
| CVE-2026-25934 | Medium | 4.3 | No | 2026-02-10 | go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git wher… |
| CVE-2026-25931 | High | 7.8 | No | 2026-02-10 | vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings._determineIsTruste… |
| CVE-2026-25895 | Critical | 9.5 | No | 2026-02-10 | FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. A path traversal vulnerability in FUXA allows an unauthenticated,… |
| CVE-2026-25894 | Critical | 9.5 | No | 2026-02-10 | FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticat… |
| CVE-2026-25893 | Critical | 10.0 | No | 2026-02-10 | FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA a… |
| CVE-2025-15319 | High | 7.8 | No | 2026-02-10 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. |
| CVE-2025-15318 | Medium | 5.5 | No | 2026-02-10 | Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools. |
| CVE-2026-25961 | High | 7.5 | No | 2026-02-10 | SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (… |
| CVE-2026-25925 | High | 7.8 | No | 2026-02-10 | PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vul… |
| CVE-2026-25923 | High | 8.7 | No | 2026-02-10 | my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the app… |
| CVE-2026-25920 | Medium | 5.5 | No | 2026-02-10 | SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap out-of-bounds read vulnerability exists in SumatraPDF's MOBI … |
| CVE-2026-25918 | Medium | 5.9 | No | 2026-02-10 | unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2, the sign-package command in @rage-against-the-pixel/unity-c… |
| CVE-2026-25892 | High | 7.5 | No | 2026-02-10 | Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signe… |
| CVE-2026-25890 | High | 8.1 | No | 2026-02-10 | File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit… |
| CVE-2026-25889 | Medium | 5.4 | No | 2026-02-10 | File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit… |
| CVE-2026-25885 | Critical | 10.0 | No | 2026-02-10 | PolarLearn is a free and open-source learning program. In 0-PRERELEASE-16 and earlier, the group chat WebSocket at wss://polarlearn.nl/api/… |
| CVE-2026-25881 | Critical | 9.0 | No | 2026-02-10 | SandboxJS is a JavaScript sandboxing library. Prior to 0.8.31, a sandbox escape vulnerability allows sandboxed code to mutate host built-in… |
| CVE-2026-25880 | High | 7.8 | No | 2026-02-10 | SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe)… |
| CVE-2026-25875 | Critical | 9.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the admin authorization middleware trusts… |
| CVE-2026-25814 | Critical | 9.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, user-controlled query parameters are pass… |
| CVE-2026-25813 | High | 8.7 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application logs highly sensitive dat… |
| CVE-2026-25812 | Critical | 9.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enables credentialed CORS… |
| CVE-2026-25811 | Medium | 5.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derives the tenant identi… |
| CVE-2026-25808 | High | 7.5 | No | 2026-02-10 | Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a… |
| CVE-2026-25807 | High | 8.8 | No | 2026-02-10 | ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sha… |
| CVE-2025-15317 | Medium | 6.5 | No | 2026-02-10 | Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server. |
| CVE-2025-15316 | Medium | 6.7 | No | 2026-02-10 | Tanium addressed a local privilege escalation vulnerability in Tanium Server. |
| CVE-2025-15315 | Medium | 6.7 | No | 2026-02-10 | Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. |
| CVE-2026-25878 | Medium | 6.9 | No | 2026-02-10 | FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route (/admin/adminer) was accessible without Shopwar… |
| CVE-2026-25876 | Medium | 5.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/results.routes.ts … |
| CVE-2026-25810 | Medium | 5.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/student.submission… |
| CVE-2026-25809 | Medium | 5.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not val… |
| CVE-2026-25806 | Medium | 5.3 | No | 2026-02-10 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/stu… |
| CVE-2026-25791 | High | 7.5 | No | 2026-02-10 | Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticate… |
| CVE-2026-25765 | Medium | 5.8 | No | 2026-02-10 | Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's build_e… |