快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358219
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2024-10938 |
The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files
|
MEDIUM | 6.5 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-2383 |
The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cu
|
MEDIUM | 6.4 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-2362 |
The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via
|
MEDIUM | 6.4 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-2252 |
An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forg
|
HIGH | 7.5 | 2026-02-27 |
xerox freeflow_core
|
NVD | |
| CVE-2026-2251 |
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox
|
CRITICAL | 9.8 | 2026-02-27 |
xerox freeflow_core
|
NVD | |
| CVE-2026-21658 |
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection')
|
CRITICAL | 9.8 | 2026-02-27 |
johnsoncontrols frick_controls_quantum_hd_firmware
|
NVD | |
| CVE-2026-21657 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Co
|
CRITICAL | 9.8 | 2026-02-27 |
johnsoncontrols frick_controls_quantum_hd_firmware
|
NVD | |
| CVE-2026-21656 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Co
|
CRITICAL | 9.8 | 2026-02-27 |
johnsoncontrols frick_controls_quantum_hd_firmware
|
NVD | |
| CVE-2026-21654 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi
|
CRITICAL | 9.8 | 2026-02-27 |
johnsoncontrols frick_controls_quantum_hd_firmware
|
NVD | |
| CVE-2026-1627 |
An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to p
|
MEDIUM | 6.5 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-1626 |
An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to poten
|
MEDIUM | 6.5 | 2026-02-27 |
未知
|
NVD | |
| CVE-2025-12150 |
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacke
|
LOW | 3.1 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-27776 |
IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This c
|
HIGH | 7.2 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-0980 |
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of R
|
HIGH | 8.3 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-0871 |
A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only a
|
MEDIUM | 4.9 | 2026-02-27 |
未知
|
NVD | |
| CVE-2025-9909 |
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This v
|
MEDIUM | 6.7 | 2026-02-27 |
未知
|
NVD | |
| CVE-2025-9908 |
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream
|
MEDIUM | 6.7 | 2026-02-27 |
未知
|
NVD | |
| CVE-2025-9907 |
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream
|
MEDIUM | 6.7 | 2026-02-27 |
未知
|
NVD | |
| CVE-2025-9572 |
n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond
|
MEDIUM | 5.0 | 2026-02-27 |
未知
|
NVD | |
| CVE-2025-13327 |
A flaw was found in uv. This vulnerability allows an attacker to execute malicious code during packa
|
MEDIUM | 6.3 | 2026-02-27 |
未知
|
NVD |