快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359799
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13590 |
Authenticated arbitrary file upload via a System REST API requiring administrator permission.
|
CRITICAL | 9.1 | 2026-02-19 |
WSO2 WSO2 API Manager
WSO2 WSO2 API Control Plane
+14个
|
CVE NVD | |
| CVE-2025-12107 |
Potential authenticated Server-Side Template Injection (SSTI) vulnerability.
|
CRITICAL | 10.0 | 2026-02-19 |
WSO2 WSO2 Identity Server
wso2 identity_server
|
CVE NVD | |
| CVE-2026-1219 |
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 4.0 - 5.10 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure
|
MEDIUM | 5.3 | 2026-02-19 |
sonaar MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar
|
CVE NVD | |
| CVE-2026-2718 |
Dealia <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gutenberg Block Attributes
|
MEDIUM | 6.4 | 2026-02-19 |
dealia Dealia – Request a quote
|
CVE NVD | |
| CVE-2026-2716 |
Client Testimonial Slider <= 2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Testimonial Heading' Setting
|
MEDIUM | 4.4 | 2026-02-19 |
amu02aftab Client Testimonial Slider
|
CVE NVD | |
| CVE-2026-1461 |
Simple Membership <= 4.7.0 - Unauthenticated Improper Handling of Missing Values
|
MEDIUM | 6.5 | 2026-02-19 |
wpinsider-1 Simple Membership
|
CVE NVD | |
| CVE-2026-22267 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignm...
|
HIGH | 8.1 | 2026-02-19 |
Dell PowerProtect Data Manager
dell powerprotect_data_manager
|
CVE NVD | |
| CVE-2026-22268 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignm...
|
MEDIUM | 6.3 | 2026-02-19 |
Dell PowerProtect Data Manager
dell powerprotect_data_manager
|
CVE NVD | |
| CVE-2026-22266 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of So...
|
MEDIUM | 4.7 | 2026-02-19 |
Dell PowerProtect Data Manager
dell powerprotect_data_manager
|
CVE NVD | |
| CVE-2026-22269 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of So...
|
MEDIUM | 4.7 | 2026-02-19 |
Dell PowerProtect Data Manager
dell powerprotect_data_manager
|
CVE NVD | |
| CVE-2025-41023 |
Authentication bypass in AutoGPT de Thesamur
|
MEDIUM | 6.9 | 2026-02-19 |
Thesamur AutoGPT
|
CVE NVD | |
| CVE-2026-26358 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorization vulnerability. A lo...
|
HIGH | 8.8 | 2026-02-19 |
Dell Unisphere for PowerMax
Dell PowerMax
+1个
|
CVE NVD | |
| CVE-2025-40697 |
Reflected Cross-Site Scripting (XSS) in Lewe WebMeasure
|
MEDIUM | 5.1 | 2026-02-19 |
Lewe WebMeasure
|
CVE NVD | |
| CVE-2026-26360 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vu...
|
HIGH | 8.1 | 2026-02-19 |
Dell Unisphere for PowerMax
Dell PowerMax
+1个
|
CVE NVD | |
| CVE-2026-2736 |
Reflected Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
|
MEDIUM | 5.1 | 2026-02-19 |
Alkacon OpenCms
alkacon opencms
|
CVE NVD | |
| CVE-2026-2735 |
Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
|
MEDIUM | 5.1 | 2026-02-19 |
Alkacon OpenCms
alkacon opencms
|
CVE NVD | |
| CVE-2026-26359 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vu...
|
HIGH | 8.8 | 2026-02-19 |
Dell Unisphere for PowerMax
Dell PowerMax
+1个
|
CVE NVD | |
| CVE-2026-27094 |
WordPress CoBlocks plugin <= 3.1.16 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2026-02-19 |
GoDaddy CoBlocks
|
CVE NVD | |
| CVE-2026-27092 |
WordPress WPAdverts plugin <= 2.2.11 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2026-02-19 |
Greg Winiarski WPAdverts
|
CVE NVD | |
| CVE-2026-27090 |
WordPress Kenta Companion plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerability
|
MEDIUM | 4.3 | 2026-02-19 |
WP Moose Kenta Companion
|
CVE NVD |