Live feed from NVD & CISA

Vulnerability Database: CVE Intelligence

CVE data from NVD, enriched with CISA KEV status and an Arabic translation. Content is based on official sources only.

Showing page 24 of 27 (1330 vulnerabilities)
| CVE ID | Severity | CVSS | KEV exploited? | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-25761 | High | 8.8 | No | 2026-02-10 | Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Act… |
| CVE-2026-25740 | Medium | 5.8 | No | 2026-02-10 | captive browser, a dedicated Chrome instance to log into captive portals without messing with DNS settings. In 25.05 and earlier, when prog… |
| CVE-2026-25639 | High | 7.5 | No | 2026-02-10 | Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.13.5, the mergeConfig function in axios crashes with a TypeErr… |
| CVE-2026-25528 | Medium | 5.8 | No | 2026-02-10 | LangSmith Client SDKs provide SDKs for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnera… |
| CVE-2026-2246 | Medium | 4.8 | No | 2026-02-09 | A security vulnerability has been detected in AprilRobotics apriltag up to 3.4.5. Affected by this vulnerability is the function apriltag_d… |
| CVE-2026-2245 | Medium | 4.8 | No | 2026-02-09 | A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables… |
| CVE-2026-25598 | Medium | 6.3 | No | 2026-02-09 | Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has be… |
| CVE-2026-25498 | High | 8.6 | No | 2026-02-09 | Craft is a platform for creating digital experiences. In versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, a Remote Code Exe… |
| CVE-2026-25497 | High | 8.6 | No | 2026-02-09 | Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a… |
| CVE-2026-25496 | Medium | 4.8 | No | 2026-02-09 | Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, a stored XS… |
| CVE-2026-25495 | High | 8.7 | No | 2026-02-09 | Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the element… |
| CVE-2026-25494 | Medium | 6.9 | No | 2026-02-09 | Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAss… |
| CVE-2026-25493 | Medium | 6.9 | No | 2026-02-09 | Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAss… |
| CVE-2026-25492 | Medium | 5.3 | No | 2026-02-09 | Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the save_images_Asset Graph… |
| CVE-2026-25491 | Low | 1.9 | No | 2026-02-09 | Craft is a platform for creating digital experiences. From 5.0.0-RC1 to 5.8.21, Craft has a stored XSS via Entry Type names. The name is no… |
| CVE-2026-25480 | Medium | 6.5 | No | 2026-02-09 | Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.20.0, FileStore maps cache keys to filenames using Unicod… |
| CVE-2026-25479 | Medium | 6.5 | No | 2026-02-09 | Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.20.0, in litestar.middleware.allowed_hosts, allowlist ent… |
| CVE-2026-25478 | High | 7.4 | No | 2026-02-09 | Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.20.0, CORSConfig.allowed_origins_regex is constructed usi… |
| CVE-2026-25231 | High | 7.5 | No | 2026-02-09 | FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.3.0, the application contains an unauthenticated file read … |
| CVE-2026-25230 | Medium | 4.6 | No | 2026-02-09 | FileRise is a self-hosted web file manager / WebDAV server. Prior to 3.3.0, an HTML Injection vulnerability allows an authenticated user to… |
| CVE-2026-25057 | Critical | 9.1 | No | 2026-02-09 | MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip fil… |
| CVE-2026-24900 | Medium | 6.5 | No | 2026-02-09 | MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, the courses/<:course_id>/assignments/<:a… |
| CVE-2026-1529 | High | 8.1 | No | 2026-02-09 | A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitim… |
| CVE-2026-1486 | High | 8.8 | No | 2026-02-09 | A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Pr… |
| CVE-2025-14778 | Medium | 5.4 | No | 2026-02-09 | A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection … |
| CVE-2026-24777 | Medium | 6.7 | No | 2026-02-09 | OpenProject is an open-source, web-based project management software. Prior to 17.0.2, users with the Manage Users permission can lock and … |
| CVE-2026-24684 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs … |
| CVE-2026-24683 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. ainput_send_input_event caches channel_callback in a local variable and la… |
| CVE-2026-24682 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audin_server_recv_formats frees an incorrect number of au… |
| CVE-2026-24681 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, asynchronous bulk transfer completions can use a freed c… |
| CVE-2026-24680 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdl_Pointer_New frees data on failure, then pointer_free … |
| CVE-2026-24679 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the URBDRC client uses server-supplied interface numbers … |
| CVE-2026-24678 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a capture thread sends sample responses using a freed cha… |
| CVE-2026-24677 | High | 8.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compress_h264 trusts server-controlled dimen… |
| CVE-2026-24676 | High | 7.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list w… |
| CVE-2026-24675 | High | 7.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urb_select_interface can free the device's MS config on e… |
| CVE-2026-24491 | High | 7.7 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can send client notifications after the contr… |
| CVE-2026-23948 | Medium | 6.9 | No | 2026-02-09 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_log… |
| CVE-2026-2242 | Medium | 4.8 | No | 2026-02-09 | A vulnerability was determined in janet-lang janet up to 1.40.1. This impacts the function janetc_if of the file src/core/specials.c. Execu… |
| CVE-2026-2241 | Medium | 4.8 | No | 2026-02-09 | A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function os_strftime of the file src/core/os.c. Performing a m… |
| CVE-2026-21419 | Medium | 6.6 | No | 2026-02-09 | Dell Display and Peripheral Manager (Windows) versions prior to 2.2 contain an Improper Link Resolution Before File Access ('Link Following… |
| CVE-2025-7432 | Low | 1.0 | No | 2026-02-09 | DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually e… |
| CVE-2025-66630 | Critical | 9.2 | No | 2026-02-09 | Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.24, the underlying crypto/rand implemen… |
| CVE-2026-2240 | Medium | 4.8 | No | 2026-02-09 | A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetc_pop_funcdef of the file src/co… |
| CVE-2026-24095 | Medium | 5.3 | No | 2026-02-09 | Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p21, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows users with the "Us… |
| CVE-2026-24027 | Medium | 5.3 | No | 2026-02-09 | Crafted zones can lead to increased incoming network traffic. |
| CVE-2026-0398 | Medium | 5.3 | No | 2026-02-09 | Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor. |
| CVE-2025-63354 | Medium | 4.6 | No | 2026-02-09 | Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handl… |
| CVE-2025-59024 | Medium | 6.5 | No | 2026-02-09 | Crafted delegations or IP fragments can poison cached delegations in Recursor. |
| CVE-2025-59023 | High | 8.2 | No | 2026-02-09 | Crafted delegations or IP fragments can poison cached delegations in Recursor. |