快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358915
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27162 |
DIscourse doesn't prevent whispers to leak in excerpts
|
MEDIUM | 4.9 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-27151 |
Discourse doesn't validate destination topic when moving posts
|
LOW | 1.3 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-27150 |
Discourse doesn't ensure guardian check when creating QueryGroupBookmark
|
LOW | 1.3 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-27149 |
Discourse has SQL injection in PM tag filtering
|
MEDIUM | 4.9 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-27021 |
Discourse: Poll voters endpoint lacked post visibility checks
|
MEDIUM | 6.9 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-23939 |
Path Traversal in Local File Store Backend
|
MEDIUM | 6.9 | 2026-02-26 |
hexpm hexpm
|
CVE NVD | |
| CVE-2026-26979 |
Discourse: TL4 users are able to change status of restricted topics
|
LOW | 2.7 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-1565 |
User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Authenticated (Author+) Arbitrary File Upload
|
HIGH | 8.8 | 2026-02-26 |
wedevs User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
|
CVE NVD | |
| CVE-2026-1241 |
Authentication Bypass Using an Alternate Path or Channel in Pelco, Inc. Sarix Pro 3 Series IP Cameras
|
HIGH | 8.7 | 2026-02-26 |
Pelco, Inc. Sarix Professional IMP 3 Series
Pelco, Inc. Sarix Professional IXP 3 Series
+2个
|
CVE NVD | |
| CVE-2026-26973 |
Discourse doesn't scope reviewable notes to user-visible reviewables
|
MEDIUM | 4.3 | 2026-02-26 |
discourse discourse
discourse discourse
+3个
|
CVE NVD | |
| CVE-2026-27510 |
Unitree Go2 Mobile Program Tampering Enables Root RCE
|
MEDIUM | 6.4 | 2026-02-26 |
UnitreeRobotics Unitree Go2
|
CVE NVD | |
| CVE-2026-27509 |
Unitree Go2 Missing DDS Authentication Enables Adjacent RCE
|
HIGH | 8.5 | 2026-02-26 |
UnitreeRobotics Unitree Go2
|
CVE NVD | |
| CVE-2026-27141 |
Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
|
HIGH | 7.5 | 2026-02-26 |
golang.org/x/net golang.org/x/net/http2
|
CVE NVD | |
| CVE-2026-22722 |
VMware Workstation for Windows null pointer dereference may allow an authenticated user to trigger a crash
|
MEDIUM | 6.1 | 2026-02-26 |
VMware Workstation
|
CVE NVD | |
| CVE-2026-22715 |
VMware Workstation/Fusion NAT vulnerability
|
MEDIUM | 5.9 | 2026-02-26 |
VMware Workstation
VMware Fusion
|
CVE NVD | |
| CVE-2026-26938 |
Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF)
|
HIGH | 8.6 | 2026-02-26 |
Elastic Kibana
elastic kibana
|
CVE NVD | |
| CVE-2026-26937 |
Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
|
MEDIUM | 6.5 | 2026-02-26 |
Elastic Kibana
elastic kibana
|
CVE NVD | |
| CVE-2026-26227 |
VLC for Android < 3.7.0 Remote Access OTP Authentication Bypass
|
MEDIUM | 6.3 | 2026-02-26 |
VideoLAN VLC for Android
|
CVE NVD | |
| CVE-2026-23750 |
Golioth Pouch < [INSERT FIXED VERSION] BLE GATT Heap-based Buffer Overflow
|
HIGH | 7.2 | 2026-02-26 |
Golioth Pouch
|
CVE NVD | |
| CVE-2026-23749 |
Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read
|
LOW | 2.1 | 2026-02-26 |
Golioth Firmware SDK
|
CVE NVD |