快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359293
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27503 |
SVXportal <= 2.5 admin/log.php Search Reflected XSS
|
MEDIUM | 5.1 | 2026-02-20 |
sa2blv SVXportal
radioinorr svxportal
|
CVE NVD | |
| CVE-2026-2333 |
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds
|
CRITICAL | 9.2 | 2026-02-20 |
Owl opds
owlcyberdefense opds-talon
|
CVE NVD | |
| CVE-2026-27502 |
SVXportal <= 2.5 log.php Search Reflected XSS
|
MEDIUM | 5.1 | 2026-02-20 |
sa2blv SVXportal
radioinorr svxportal
|
CVE NVD | |
| CVE-2025-15583 |
detronetdip E-commerce function.php get_safe_value cross site scripting
|
MEDIUM | 5.1 | 2026-02-20 |
detronetdip E-commerce
detronetdip e-commerce
|
CVE NVD | |
| CVE-2025-15582 |
detronetdip E-commerce Product Management Update authorization
|
MEDIUM | 5.3 | 2026-02-20 |
detronetdip E-commerce
detronetdip e-commerce
|
CVE NVD | |
| CVE-2026-1842 |
HyperCloud Improper Refresh Token Validation and Access Token Invalidation Allows Long-Term Unauthorized Access
|
MEDIUM | 6.2 | 2026-02-20 |
SoftIron HyperCloud
|
CVE NVD | |
| CVE-2026-24790 |
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function
|
HIGH | 8.2 | 2026-02-20 |
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller
|
CVE NVD | |
| CVE-2026-26048 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function
|
HIGH | 7.5 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-26049 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Insufficiently Protected Credentials
|
MEDIUM | 5.7 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-2818 |
Zip Slip Path Traversal in Snapshot Archive Extraction (Windows-Specific)
|
HIGH | 8.2 | 2026-02-20 |
VMware Spring Data Geode
VMware Spring Data Gemfire
|
CVE NVD | |
| CVE-2026-2849 |
yeqifu warehouse Cache Sync CacheController.java syncCache access control
|
MEDIUM | 5.3 | 2026-02-20 |
yeqifu warehouse
yeqifu warehouse
|
CVE NVD | |
| CVE-2026-2848 |
SourceCodester Simple Responsive Tourism Website Registration Master.php sql injection
|
MEDIUM | 6.9 | 2026-02-20 |
SourceCodester Simple Responsive Tourism Website
oretnom23 simple_responsive_tourism_website
|
CVE NVD | |
| CVE-2026-24455 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Cleartext Transmission of Sensitive Information
|
HIGH | 7.5 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-25715 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements
|
CRITICAL | 9.8 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-27072 |
WordPress PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 11.2.0.1 - Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager
|
CVE NVD | |
| CVE-2026-24959 |
WordPress JS Help Desk plugin <= 3.0.1 - SQL Injection vulnerability
|
HIGH | 8.5 | 2026-02-20 |
JoomSky JS Help Desk
|
CVE NVD | |
| CVE-2026-24956 |
WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability
|
CRITICAL | 9.3 | 2026-02-20 |
Shahjada Download Manager Addons for Elementor
|
CVE NVD | |
| CVE-2026-24955 |
WordPress Whizz Plugins plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
fox-themes Whizz Plugins
|
CVE NVD | |
| CVE-2026-24953 |
WordPress Simple File List plugin <= 6.1.15 - Arbitrary File Download vulnerability
|
MEDIUM | 6.5 | 2026-02-20 |
Mitchell Bennis Simple File List
|
CVE NVD | |
| CVE-2026-24950 |
WordPress Authorsy plugin <= 1.0.6 - Insecure Direct Object References (IDOR) vulnerability
|
HIGH | 7.5 | 2026-02-20 |
themeplugs Authorsy
|
CVE NVD |