快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-26339 |
Hyland Alfresco Transformation Service Argument Injection RCE
|
CRITICAL | 9.3 | 2026-02-19 |
Hyland Alfresco Transformation Service (Enterprise)
Hyland Alfresco Community (Transform Core)
+4个
|
CVE NVD | |
| CVE-2026-26338 |
Hyland Alfresco Transformation Service SSRF
|
MEDIUM | 6.9 | 2026-02-19 |
Hyland Alfresco Transformation Service (Enterprise)
Hyland Alfresco Community (Transform Core)
+5个
|
CVE NVD | |
| CVE-2026-26337 |
Hyland Alfresco Transformation Service Absolute Path Traversal Arbitrary File Read and SSRF
|
HIGH | 8.8 | 2026-02-19 |
Hyland Alfresco Transformation Service (Enterprise)
Hyland Alfresco Community (Transform Core)
+3个
|
CVE NVD | |
| CVE-2026-2232 |
Product Table and List Builder for WooCommerce Lite <= 4.6.2 - Unauthenticated Time-Based SQL Injection via 'search' Parameter
|
HIGH | 7.5 | 2026-02-19 |
wcproducttable Product Table and List Builder for WooCommerce Lite
|
CVE NVD | |
| CVE-2026-1581 |
wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection
|
HIGH | 7.5 | 2026-02-19 |
tomdever wpForo Forum
|
CVE NVD | |
| CVE-2026-26030 |
Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable to remote code execution
|
CRITICAL | 10.0 | 2026-02-19 |
microsoft semantic-kernel
microsoft semantic_kernel
|
CVE NVD | |
| CVE-2026-24834 |
Kata Container to Guest micro VM privilege escalation
|
CRITICAL | 9.4 | 2026-02-19 |
kata-containers kata-containers
katacontainers kata_containers
|
CVE NVD | |
| CVE-2026-26336 |
Hyland Alfresco Improper Authorization Arbitrary File Read
|
HIGH | 8.7 | 2026-02-19 |
Hyland Alfresco Enterprise
Hyland Alfresco Community
+1个
|
CVE NVD | |
| CVE-2026-26016 |
Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization
|
CRITICAL | 9.2 | 2026-02-19 |
pterodactyl panel
pterodactyl panel
|
CVE NVD | |
| CVE-2026-25998 |
strongMan vulnerable to private credential recovery due to key and counter reuse
|
HIGH | 8.7 | 2026-02-19 |
strongswan strongMan
strongswan strongman
|
CVE NVD | |
| CVE-2026-25766 |
Echo has a Windows path traversal via backslash in middleware.Static default filesystem
|
MEDIUM | 5.3 | 2026-02-19 |
labstack echo
labstack echo
|
CVE NVD | |
| CVE-2026-25739 |
Indico affected by Cross-Site-Scripting via material uploads
|
MEDIUM | 5.4 | 2026-02-19 |
indico indico
cern indico
|
CVE NVD | |
| CVE-2026-25738 |
Indico has Server-Side Request Forgery (SSRF) in multiple places
|
MEDIUM | 6.9 | 2026-02-19 |
indico indico
cern indico
|
CVE NVD | |
| CVE-2026-25940 |
jsPDF's PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.createOption and "AS" property)
|
HIGH | 8.1 | 2026-02-19 |
parallax jsPDF
parall jspdf
|
CVE NVD | |
| CVE-2026-26223 |
SPIP < 4.4.8 Cross-Site Scripting via Iframe Tags in Private Area
|
MEDIUM | 4.8 | 2026-02-19 |
SPIP SPIP
spip spip
|
CVE NVD | |
| CVE-2026-26345 |
SPIP < 4.4.8 Cross-Site Scripting in Public Area
|
LOW | 2.1 | 2026-02-19 |
SPIP SPIP
spip spip
|
CVE NVD | |
| CVE-2026-2274 |
Arbitrary File Read and SSRF in Google AppSheet
|
HIGH | 8.5 | 2026-02-19 |
AppSheet AppSheet Web (Main Server)
|
CVE NVD | |
| CVE-2025-71250 |
NOT_EXTRACTED
|
LOW | -1.0 | 2026-02-19 |
未知
|
CVE NVD | |
| CVE-2025-71249 |
NOT_EXTRACTED
|
LOW | -1.0 | 2026-02-19 |
未知
|
CVE NVD | |
| CVE-2025-71248 |
NOT_EXTRACTED
|
LOW | -1.0 | 2026-02-19 |
未知
|
CVE NVD |