快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359104
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-24314 |
Information Disclosure vulnerability in S/4HANA (Manage Payment Media)
|
MEDIUM | 4.3 | 2026-02-24 |
SAP_SE S/4HANA (Manage Payment Media)
SAP_SE S/4HANA (Manage Payment Media)
+12个
|
CVE NVD | |
| CVE-2026-3070 |
SourceCodester Modern Image Gallery App upload.php cross site scripting
|
MEDIUM | 5.3 | 2026-02-24 |
SourceCodester Modern Image Gallery App
remyandrade modern_image_gallery_app
|
CVE NVD | |
| CVE-2026-3069 |
itsourcecode Document Management System edtlbls.php sql injection
|
MEDIUM | 6.9 | 2026-02-24 |
itsourcecode Document Management System
admerc document_management_system
|
CVE NVD | |
| CVE-2026-3068 |
itsourcecode Document Management System deluser.php sql injection
|
MEDIUM | 6.9 | 2026-02-24 |
itsourcecode Document Management System
admerc document_management_system
|
CVE NVD | |
| CVE-2026-3067 |
HummerRisk Archive Extraction CommandUtils.java extractZip path traversal
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-3066 |
HummerRisk Cloud Compliance Scanning PlatformUtils.java fixedCommand command injection
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-27461 |
Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause
|
MEDIUM | 6.9 | 2026-02-24 |
pimcore pimcore
pimcore pimcore
+1个
|
CVE NVD | |
| CVE-2026-1459 |
A post-authentication command injection vulnerability in the TR-369 certificate download CGI program...
|
HIGH | 7.2 | 2026-02-24 |
Zyxel VMG3625-T50B firmware
zyxel vmg8623-t50b_firmware
+5个
|
CVE NVD | |
| CVE-2026-27129 |
Cloud Metadata SSRF Protection Bypass via IPv6 Resolution
|
MEDIUM | 5.7 | 2026-02-24 |
craftcms cms
craftcms cms
+2个
|
CVE NVD | |
| CVE-2026-27128 |
Craft CMS's race condition in Token Service potentially allows for token usage greater than the token limit
|
MEDIUM | 6.9 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD | |
| CVE-2026-27127 |
Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding
|
HIGH | 7.0 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD | |
| CVE-2025-13943 |
A post-authentication command injection vulnerability in the log file download function of the Zyxel...
|
HIGH | 8.8 | 2026-02-24 |
Zyxel EX3301-T0 firmware
zyxel ee5301-00_firmware
+51个
|
CVE NVD | |
| CVE-2025-13942 |
A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions thro...
|
CRITICAL | 9.8 | 2026-02-24 |
Zyxel EX3510-B0 firmware
zyxel wx5610-b0_firmware
+17个
|
CVE NVD | |
| CVE-2026-3065 |
HummerRisk Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult command injection
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-3064 |
HummerRisk Cloud Task Scheduler ResourceCreateService.java command injection
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-3091 |
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows...
|
MEDIUM | 6.7 | 2026-02-24 |
Synology Synology Presto Client
synology presto_client
|
CVE NVD | |
| CVE-2026-27126 |
Craft CMS has Stored XSS in Table Field via "HTML" Column Type
|
MEDIUM | 5.9 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD | |
| CVE-2026-26981 |
OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp
|
MEDIUM | 6.5 | 2026-02-24 |
AcademySoftwareFoundation openexr
AcademySoftwareFoundation openexr
+1个
|
CVE NVD | |
| CVE-2026-26331 |
yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option
|
HIGH | 8.8 | 2026-02-24 |
yt-dlp yt-dlp
yt-dlp_project yt-dlp
|
CVE NVD | |
| CVE-2025-11848 |
A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B fi...
|
MEDIUM | 4.9 | 2026-02-24 |
Zyxel VMG3625-T50B firmware
Zyxel WX3100-T0 firmware
+48个
|
CVE NVD |