快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-1842 |
HyperCloud Improper Refresh Token Validation and Access Token Invalidation Allows Long-Term Unauthorized Access
|
MEDIUM | 6.2 | 2026-02-20 |
SoftIron HyperCloud
|
CVE NVD | |
| CVE-2026-24790 |
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function
|
HIGH | 8.2 | 2026-02-20 |
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller
|
CVE NVD | |
| CVE-2026-26048 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function
|
HIGH | 7.5 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-26049 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Insufficiently Protected Credentials
|
MEDIUM | 5.7 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-2818 |
Zip Slip Path Traversal in Snapshot Archive Extraction (Windows-Specific)
|
HIGH | 8.2 | 2026-02-20 |
VMware Spring Data Geode
VMware Spring Data Gemfire
|
CVE NVD | |
| CVE-2026-2849 |
yeqifu warehouse Cache Sync CacheController.java syncCache access control
|
MEDIUM | 5.3 | 2026-02-20 |
yeqifu warehouse
yeqifu warehouse
|
CVE NVD | |
| CVE-2026-2848 |
SourceCodester Simple Responsive Tourism Website Registration Master.php sql injection
|
MEDIUM | 6.9 | 2026-02-20 |
SourceCodester Simple Responsive Tourism Website
oretnom23 simple_responsive_tourism_website
|
CVE NVD | |
| CVE-2026-24455 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Cleartext Transmission of Sensitive Information
|
HIGH | 7.5 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-25715 |
Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements
|
CRITICAL | 9.8 | 2026-02-20 |
Jinan USR IOT Technology Limited (PUSR) USR-W610
|
CVE NVD | |
| CVE-2026-27072 |
WordPress PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 11.2.0.1 - Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager
|
CVE NVD | |
| CVE-2026-24959 |
WordPress JS Help Desk plugin <= 3.0.1 - SQL Injection vulnerability
|
HIGH | 8.5 | 2026-02-20 |
JoomSky JS Help Desk
|
CVE NVD | |
| CVE-2026-24956 |
WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability
|
CRITICAL | 9.3 | 2026-02-20 |
Shahjada Download Manager Addons for Elementor
|
CVE NVD | |
| CVE-2026-24955 |
WordPress Whizz Plugins plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
fox-themes Whizz Plugins
|
CVE NVD | |
| CVE-2026-24953 |
WordPress Simple File List plugin <= 6.1.15 - Arbitrary File Download vulnerability
|
MEDIUM | 6.5 | 2026-02-20 |
Mitchell Bennis Simple File List
|
CVE NVD | |
| CVE-2026-24950 |
WordPress Authorsy plugin <= 1.0.6 - Insecure Direct Object References (IDOR) vulnerability
|
HIGH | 7.5 | 2026-02-20 |
themeplugs Authorsy
|
CVE NVD | |
| CVE-2026-24949 |
WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
ThemeGoods PhotoMe
|
CVE NVD | |
| CVE-2026-24948 |
WordPress Reflector plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
fox-themes Reflector
|
CVE NVD | |
| CVE-2026-24946 |
WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.8.0 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2026-02-20 |
tychesoftwares Print Invoice & Delivery Notes for WooCommerce
|
CVE NVD | |
| CVE-2026-24944 |
WordPress Subscribe2 plugin <= 10.44 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2026-02-20 |
weDevs Subscribe2
|
CVE NVD | |
| CVE-2026-24943 |
WordPress Grand Conference theme <= 5.3.4 - Reflected Cross Site Scripting (XSS) vulnerability
|
HIGH | 7.1 | 2026-02-20 |
ThemeGoods Grand Conference
|
CVE NVD |