快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27192 |
Feathers has an origin validation bypass via prefix matching
|
HIGH | 7.6 | 2026-02-21 |
feathersjs feathers
feathersjs feathers
|
CVE NVD | |
| CVE-2026-27191 |
Feathers: Open Redirect in OAuth callback enables account takeover
|
HIGH | 7.4 | 2026-02-21 |
feathersjs feathers
feathersjs feathers
|
CVE NVD | |
| CVE-2025-65995 |
Apache Airflow: Disclosure of secrets to UI via kwargs
|
MEDIUM | 6.5 | 2026-02-21 |
Apache Software Foundation Apache Airflow
apache airflow
|
CVE NVD | |
| CVE-2026-27189 |
OpenSift: Race-prone local persistence could cause state corruption/loss
|
MEDIUM | 6.6 | 2026-02-21 |
OpenSift OpenSift
opensift opensift
|
CVE NVD | |
| CVE-2026-27170 |
OpenSift: SSRF risk in URL ingestion endpoint
|
HIGH | 7.1 | 2026-02-20 |
OpenSift OpenSift
opensift opensift
|
CVE NVD | |
| CVE-2026-27169 |
OpenSift: Persistent XSS Chat Tool Rendering
|
HIGH | 8.9 | 2026-02-20 |
OpenSift OpenSift
opensift opensift
|
CVE NVD | |
| CVE-2026-27168 |
SAIL: Heap-based Buffer Overflow in Sail-codecs-xwd
|
HIGH | 8.8 | 2026-02-20 |
HappySeaFox sail
sail sail
|
CVE NVD | |
| CVE-2026-27203 |
eBay API MCP Server Affected by Environment Variable Injection
|
HIGH | 8.3 | 2026-02-20 |
YosefHayim ebay-mcp
|
CVE NVD | |
| CVE-2026-27202 |
GetSimple CMS: Uploaded Files (feature) Arbitrary File Read Vulnerability
|
HIGH | 8.8 | 2026-02-20 |
GetSimpleCMS-CE GetSimpleCMS-CE
getsimple-ce getsimple_cms
|
CVE NVD | |
| CVE-2026-27161 |
Unauthenticated Information Disclosure via .htaccess Reliance in Sensitive Directories
|
HIGH | 8.7 | 2026-02-20 |
GetSimpleCMS-CE GetSimpleCMS-CE
getsimple-ce getsimple_cms
|
CVE NVD | |
| CVE-2026-27147 |
GetSimple CMS: Stored Cross-Site Scripting (XSS) via SVG File Upload (Authenticated)
|
MEDIUM | 6.9 | 2026-02-20 |
GetSimpleCMS-CE GetSimpleCMS-CE
getsimple-ce getsimple_cms
|
CVE NVD | |
| CVE-2026-27146 |
GetSimple CMS: Cross-Site Request Forgery (CSRF) in File Upload Allows Arbitrary Uploads
|
HIGH | 7.1 | 2026-02-20 |
GetSimpleCMS-CE GetSimpleCMS-CE
getsimple-ce getsimple_cms
|
CVE NVD | |
| CVE-2026-27134 |
Strimzi: All CAs from a custom CA chain consisting of multiple CAs are trusted for mTLS user autentication
|
HIGH | 8.1 | 2026-02-20 |
strimzi strimzi-kafka-operator
linuxfoundation strimzi_kafka_operator
|
CVE NVD | |
| CVE-2019-25454 |
phpMoAdmin 1.1.5 Stored Cross-Site Scripting via collection Parameter
|
MEDIUM | 5.3 | 2026-02-20 |
Phpmoadmin phpMoAdmin
phpmoadmin phpmoadmin
|
CVE NVD | |
| CVE-2019-25453 |
phpMoAdmin 1.1.5 Reflected Cross-Site Scripting via moadmin.php
|
MEDIUM | 5.1 | 2026-02-20 |
Phpmoadmin phpMoAdmin
phpmoadmin phpmoadmin
|
CVE NVD | |
| CVE-2019-25451 |
phpMoAdmin 1.1.5 Cross-Site Request Forgery via moadmin.php
|
MEDIUM | 5.3 | 2026-02-20 |
Phpmoadmin phpMoAdmin
phpmoadmin phpmoadmin
|
CVE NVD | |
| CVE-2019-25449 |
OrientDB 3.0.17 Reflected Cross-Site Scripting via document endpoint
|
MEDIUM | 5.1 | 2026-02-20 |
Orientdb OrientDB
orientdb orientdb
|
CVE NVD | |
| CVE-2019-25448 |
OrientDB 3.0.17 Stored Cross-Site Scripting via User Creation
|
MEDIUM | 5.1 | 2026-02-20 |
Orientdb OrientDB
orientdb orientdb
|
CVE NVD | |
| CVE-2019-25447 |
OrientDB 3.0.17 Cross-Site Request Forgery
|
MEDIUM | 5.3 | 2026-02-20 |
Orientdb OrientDB
orientdb orientdb
|
CVE NVD | |
| CVE-2019-25441 |
thesystem 1.0 Command Injection via run_command endpoint
|
CRITICAL | 9.3 | 2026-02-20 |
kostasmitroglou thesystem
|
CVE NVD |