快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358424
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-3146 |
libvips matrixload.c vips_foreign_load_matrix_header null pointer dereference
|
MEDIUM | 4.8 | 2026-02-25 |
libvips libvips
|
CVE NVD | |
| CVE-2025-5781 |
Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager
|
MEDIUM | 5.2 | 2026-02-25 |
Hitachi Hitachi Ops Center API Configuration Manager
Hitachi Hitachi Configuration Manager
+4个
|
CVE NVD | |
| CVE-2026-27632 |
Talishar Vulnerable to Cross-Site Request Forgery (CSRF)
|
LOW | 2.6 | 2026-02-25 |
Talishar Talishar
talishar talishar
|
CVE NVD | |
| CVE-2026-27629 |
InvenTree Vulnerable to Server Side Template Injection (SSTI)
|
MEDIUM | 5.9 | 2026-02-25 |
inventree InvenTree
inventree_project inventree
|
CVE NVD | |
| CVE-2026-27628 |
pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
|
LOW | 1.2 | 2026-02-25 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27626 |
OliveTin vulnerable to OS Command Injection via `password` argument type and webhook JSON extraction bypasses shell safety checks
|
CRITICAL | 10.0 | 2026-02-25 |
OliveTin OliveTin
olivetin olivetin
|
CVE NVD | |
| CVE-2026-27612 |
Repostat Vulnerable to Reflected Cross-Site Scripting (XSS) via repo prop in RepoCard
|
MEDIUM | 6.1 | 2026-02-25 |
denpiligrim repostat
denpiligrim repostat
|
CVE NVD | |
| CVE-2026-27621 |
TypiCMS Core has Stored Cross-Site Scripting (XSS) via SVG File Upload
|
MEDIUM | 6.8 | 2026-02-25 |
TypiCMS Core
typicms typicms
|
CVE NVD | |
| CVE-2026-27615 |
ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)
|
HIGH | 8.8 | 2026-02-25 |
Alex4SSB ADB-Explorer
alex4ssb adb_explorer
|
CVE NVD | |
| CVE-2026-27614 |
Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering
|
CRITICAL | 9.3 | 2026-02-25 |
bugsink bugsink
bugsink bugsink
|
CVE NVD | |
| CVE-2026-27611 |
FileBrowser Quantum: Password Protection Not Enforced on Shared File Links
|
HIGH | 7.1 | 2026-02-25 |
gtsteffaniak filebrowser
gtsteffaniak filebrowser
+2个
|
CVE NVD | |
| CVE-2026-27595 |
Parse Dashboard has incomplete authentication on AI Agent endpoint
|
CRITICAL | 9.9 | 2026-02-25 |
parse-community parse-dashboard
parseplatform parse_dashboard
+12个
|
CVE NVD | |
| CVE-2026-27610 |
Parse Dashboard Has a Cache Key Collision that Leaks Master Key to Read-Only Sessions
|
HIGH | 7.0 | 2026-02-25 |
parse-community parse-dashboard
parseplatform parse_dashboard
+12个
|
CVE NVD | |
| CVE-2026-27609 |
Parse Dashboard Missing CSRF Protection on Agent Endpoint
|
HIGH | 8.3 | 2026-02-25 |
parse-community parse-dashboard
parseplatform parse_dashboard
+13个
|
CVE NVD | |
| CVE-2026-27608 |
Parse Dashboard Missing Authorization on Agent Endpoint
|
CRITICAL | 9.3 | 2026-02-25 |
parse-community parse-dashboard
parseplatform parse_dashboard
+12个
|
CVE NVD | |
| CVE-2026-27822 |
Rust has Critical Stored XSS in Preview Modal, leading to Administrative Account Takeover
|
CRITICAL | 9.1 | 2026-02-25 |
rustfs rustfs
rustfs rustfs
|
CVE NVD | |
| CVE-2026-27607 |
RustFS's Missing Post Policy Validation leads to Arbitrary Object Write
|
HIGH | 8.1 | 2026-02-25 |
rustfs rustfs
rustfs rustfs
|
CVE NVD | |
| CVE-2026-27606 |
Rollup 4 has Arbitrary File Write via Path Traversal
|
HIGH | 8.8 | 2026-02-25 |
rollup rollup
rollup rollup
+2个
|
CVE NVD | |
| CVE-2026-25135 |
OpenEMR's location resource for Group.$export operation returns entire patient/user population contact information
|
MEDIUM | 4.5 | 2026-02-25 |
openemr openemr
open-emr openemr
|
CVE NVD | |
| CVE-2026-3145 |
libvips matrixload.c vips_foreign_load_matrix_header memory corruption
|
MEDIUM | 4.8 | 2026-02-25 |
libvips libvips
|
CVE NVD |