快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 360566
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-4111 |
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specificall
|
HIGH | 7.5 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-4105 |
A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulner
|
MEDIUM | 6.7 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-4092 |
Path Traversal in Clasp impacting versions < 3.2.0 allows a remote attacker to perform remote code e
|
UNKNOWN | N/A | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-4063 |
The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data mo
|
MEDIUM | 4.3 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-3999 |
A broken access control may allow an authenticated user to perform a
horizontal privilege escalatio
|
UNKNOWN | N/A | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-3986 |
The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the
|
MEDIUM | 6.4 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-3910 |
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker
|
HIGH | 8.8 | 2026-03-13 |
google chrome
|
NVD | |
| CVE-2026-3909 |
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to per
|
HIGH | 8.8 | 2026-03-13 |
google chrome
|
NVD | |
| CVE-2026-3891 |
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing
|
CRITICAL | 9.8 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-3873 |
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing
Functionality Not Properly
|
HIGH | 7.2 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-3045 |
The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable t
|
HIGH | 7.5 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32746 |
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Ch
|
CRITICAL | 9.8 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32745 |
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute f
|
MEDIUM | 6.3 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32612 |
Statamic is a Laravel and Git powered content management system (CMS). Prior to 6.6.2, stored XSS in
|
MEDIUM | 5.4 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32598 |
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.24, the password
|
UNKNOWN | N/A | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32597 |
PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the cri
|
HIGH | 7.5 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32543 |
Missing Authorization vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons
|
MEDIUM | 5.3 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32487 |
Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Expl
|
MEDIUM | 5.3 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32486 |
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploitin
|
MEDIUM | 5.3 | 2026-03-13 |
未知
|
NVD | |
| CVE-2026-32462 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
|
UNKNOWN | N/A | 2026-03-13 |
未知
|
NVD |