快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358424
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-3150 |
itsourcecode College Management System display-teacher.php sql injection
|
MEDIUM | 5.3 | 2026-02-25 |
itsourcecode College Management System
angeljudesuarez college_management_system
|
CVE NVD | |
| CVE-2025-0976 |
Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager
|
MEDIUM | 4.7 | 2026-02-25 |
Hitachi Hitachi Ops Center API Configuration Manager
Hitachi Hitachi Configuration Manager
+2个
|
CVE NVD | |
| CVE-2026-27696 |
changedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLs
|
HIGH | 8.6 | 2026-02-25 |
dgtlmoon changedetection.io
webtechnologies changedetection
|
CVE NVD | |
| CVE-2026-27645 |
changedetection.io Vulnerable to Reflected XSS in RSS Single Watch Error Response
|
MEDIUM | 6.1 | 2026-02-25 |
dgtlmoon changedetection.io
webtechnologies changedetection
|
CVE NVD | |
| CVE-2026-27624 |
Coturn: IPv4-mapped IPv6 (::ffff:0:0/96) bypasses denied-peer-ip ACL
|
HIGH | 7.2 | 2026-02-25 |
coturn coturn
coturn_project coturn
|
CVE NVD | |
| CVE-2026-3149 |
itsourcecode College Management System asign-single-student-subjects.php sql injection
|
MEDIUM | 5.3 | 2026-02-25 |
itsourcecode College Management System
angeljudesuarez college_management_system
|
CVE NVD | |
| CVE-2026-3148 |
SourceCodester Simple and Nice Shopping Cart Script signup.php sql injection
|
MEDIUM | 6.9 | 2026-02-25 |
SourceCodester Simple and Nice Shopping Cart Script
haben-cs9 simple_and_nice_shopping_cart_script
|
CVE NVD | |
| CVE-2026-27597 |
@enclave-vm/core is vulnerable to Sandbox Escape
|
CRITICAL | 10.0 | 2026-02-25 |
agentfront enclave
agentfront enclave
|
CVE NVD | |
| CVE-2026-27641 |
Flask-Reuploaded vulnerable to Remote Code Execution via Server-Side Template Injection
|
CRITICAL | 9.8 | 2026-02-25 |
jugmac00 flask-reuploaded
jugmac00 flask-reuploaded
|
CVE NVD | |
| CVE-2026-27640 |
tfplan2md has Sensitive Value Exposure in Generated Reports
|
HIGH | 8.5 | 2026-02-25 |
oocx tfplan2md
tfplan2md tfplan2md
+1个
|
CVE NVD | |
| CVE-2026-27627 |
Karakeep's Reddit plugin content bypasses DOMPurify sanitization, enabling stored XSS
|
HIGH | 8.2 | 2026-02-25 |
karakeep-app karakeep
localhostlabs karakeep
|
CVE NVD | |
| CVE-2026-27639 |
Mercator vulnerable to stored XSS via unescaped Blade directives in display templates
|
HIGH | 8.5 | 2026-02-25 |
dbarzin mercator
sourcentis mercator
|
CVE NVD | |
| CVE-2026-27636 |
FreeScout: Missing .htaccess in Restricted File Extensions Allows Remote Code Execution on Apache
|
HIGH | 8.8 | 2026-02-25 |
freescout-help-desk freescout
freescout freescout
|
CVE NVD | |
| CVE-2026-27637 |
FreeScout's Predictable Authentication Token Enables Account Takeover
|
CRITICAL | 9.8 | 2026-02-25 |
freescout-help-desk freescout
freescout freescout
|
CVE NVD | |
| CVE-2026-3147 |
libvips csvload.c vips_foreign_load_csv_build heap-based overflow
|
MEDIUM | 4.8 | 2026-02-25 |
libvips libvips
|
CVE NVD | |
| CVE-2026-27743 |
SPIP referer_spam <= 1.2.1 Unauthenticated SQL Injection
|
CRITICAL | 9.3 | 2026-02-25 |
SPIP referer_spam
spip referer_spam*
+1个
|
CVE NVD | |
| CVE-2026-27744 |
SPIP tickets < 4.3.3 Unauthenticated RCE
|
CRITICAL | 9.3 | 2026-02-25 |
SPIP tickets
spip tickets
|
CVE NVD | |
| CVE-2026-27745 |
SPIP interface_traduction_objets < 2.2.2 Authenticated RCE
|
HIGH | 8.7 | 2026-02-25 |
SPIP interface_traduction_objets
spip interface_traduction_objets
|
CVE NVD | |
| CVE-2026-27746 |
SPIP jeux < 4.1.1 Reflected XSS via index Parameters
|
MEDIUM | 5.1 | 2026-02-25 |
SPIP jeux
spip jeux
|
CVE NVD | |
| CVE-2026-27747 |
SPIP interface_traduction_objets < 2.2.2 Authenticated SQL Injection
|
HIGH | 7.1 | 2026-02-25 |
SPIP interface_traduction_objets
spip interface_traduction_objets
|
CVE NVD |