快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27025 |
pypdf has possible long runtimes/large memory usage for large /ToUnicode streams
|
MEDIUM | 6.9 | 2026-02-20 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27024 |
pypdf has a possible infinite loop when processing TreeObject
|
MEDIUM | 6.9 | 2026-02-20 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27022 |
RediSearch Query Injection in @langchain/langgraph-checkpoint-redis
|
MEDIUM | 6.5 | 2026-02-20 |
langchain-ai langgraphjs
|
CVE NVD | |
| CVE-2026-27020 |
Photobooth has a XSS vulnerability in user input
|
MEDIUM | 5.3 | 2026-02-20 |
lukas12000 photobooth
|
CVE NVD | |
| CVE-2026-2857 |
D-Link DWR-M960 Port Forwarding Configuration Endpoint formPortFw sub_423E00 stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-25896 |
fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names
|
CRITICAL | 9.3 | 2026-02-20 |
NaturalIntelligence fast-xml-parser
naturalintelligence fast-xml-parser
|
CVE NVD | |
| CVE-2026-24892 |
openITCOCKPIT has Unsafe Deserialization in openITCOCKPIT Changelog Handling
|
HIGH | 7.5 | 2026-02-20 |
openITCOCKPIT openITCOCKPIT
it-novum openitcockpit
|
CVE NVD | |
| CVE-2026-27190 |
Deno has a Command Injection via Incomplete shell metacharacter blocklist in node:child_process
|
HIGH | 8.1 | 2026-02-20 |
denoland deno
deno deno
|
CVE NVD | |
| CVE-2026-2856 |
D-Link DWR-M960 Filter Configuration Endpoint formFilter sub_424AFC stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-2855 |
D-Link DWR-M960 DDNS Settings formDdns sub_4648F0 stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2025-62326 |
HCL Digital Experience is susceptible to stored cross-site scripting (XSS)
|
MEDIUM | 6.1 | 2026-02-20 |
HCLSoftware Digital Experience
hcltech digital_experience
|
CVE NVD | |
| CVE-2026-2473 |
Bucket Squatting in Vertex AI Experiments leads to RCE and Model Theft.
|
HIGH | 7.7 | 2026-02-20 |
Google Cloud Vertex AI Experiments
|
CVE NVD | |
| CVE-2026-2472 |
Stored Cross-Site Scripting (XSS) in Vertex AI Python SDK Visualization
|
HIGH | 8.6 | 2026-02-20 |
Google Cloud Vertex AI SDK for Python
|
CVE NVD | |
| CVE-2026-2854 |
D-Link DWR-M960 NTP Configuration Endpoint formNtp sub_4611CC stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-2853 |
D-Link DWR-M960 System Log Configuration Endpoint formSysLog sub_462E14 stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-2852 |
yeqifu warehouse Sales Endpoint SalesController.java deleteSales access control
|
MEDIUM | 5.3 | 2026-02-20 |
yeqifu warehouse
yeqifu warehouse
|
CVE NVD | |
| CVE-2019-25445 |
Fiverr Clone Script 1.2.2 Cross-Site Scripting via search-results.php
|
MEDIUM | 5.1 | 2026-02-20 |
Phpscriptsmall Fiverr Clone Script
phpscriptsmall fiverr_clone_script
|
CVE NVD | |
| CVE-2019-25444 |
Fiverr Clone Script 1.2.2 SQL Injection via page Parameter
|
HIGH | 8.8 | 2026-02-20 |
Phpscriptsmall Fiverr Clone Script
phpscriptsmall fiverr_clone_script
|
CVE NVD | |
| CVE-2026-24891 |
openITCOCKPIT has Unsafe PHP Deserialization in Gearman Worker Allowing Conditional Object Injection
|
HIGH | 7.5 | 2026-02-20 |
openITCOCKPIT openITCOCKPIT
it-novum openitcockpit
|
CVE NVD | |
| CVE-2026-2832 |
Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure
|
MEDIUM | 5.3 | 2026-02-20 |
HP Inc Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR
HP Inc Samsung MultiXpress SL-K7400LXR, SL-K7500LXR, SL-K7600LXR
+2个
|
CVE NVD |