快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358915
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-1198 |
SQL Injection in SIMPLE.ERP
|
HIGH | 8.6 | 2026-02-26 |
Simple SA Simple.ERP
|
CVE NVD | |
| CVE-2025-64999 |
Cross-site scripting in HTML logs of Synthetic Monitoring test services
|
HIGH | 7.3 | 2026-02-26 |
Checkmk GmbH Checkmk
checkmk checkmk
+1个
|
CVE NVD | |
| CVE-2026-28138 |
WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability
|
HIGH | 7.2 | 2026-02-26 |
Stylemix uListing
|
CVE NVD | |
| CVE-2026-28136 |
WordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerability
|
HIGH | 7.6 | 2026-02-26 |
VeronaLabs WP SMS
|
CVE NVD | |
| CVE-2026-28132 |
WordPress WooCommerce Photo Reviews plugin <= 1.4.4 - Content Injection vulnerability
|
MEDIUM | 5.3 | 2026-02-26 |
villatheme WooCommerce Photo Reviews
|
CVE NVD | |
| CVE-2026-28131 |
WordPress Elementor Addon Elements plugin <= 1.14.4 - Sensitive Data Exposure vulnerability
|
MEDIUM | 6.5 | 2026-02-26 |
WPVibes Elementor Addon Elements
|
CVE NVD | |
| CVE-2026-28083 |
WordPress Flatsome theme <= 3.20.1 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2026-02-26 |
UX-themes Flatsome
|
CVE NVD | |
| CVE-2026-1698 |
HTTP Host header vulnerability in WebClient and WebScheduler web apps
|
MEDIUM | 5.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-1697 |
Use of unsecure cookies for GraphicalData web service and WebClient web app
|
MEDIUM | 5.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-1696 |
Missing security HTTP headers
|
LOW | 2.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-1695 |
XSS vulnerability upon unsuccessful authentication
|
MEDIUM | 5.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-1694 |
Server configuration details in HTTP headers
|
LOW | 2.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-1693 |
Use of vulnerable Resource Owner Password Credentials flow
|
MEDIUM | 5.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-1692 |
Missing origin validation in GraphicalData web service requests
|
MEDIUM | 5.3 | 2026-02-26 |
arcinfo PcVue
|
CVE NVD | |
| CVE-2026-25191 |
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL searc...
|
HIGH | 8.4 | 2026-02-26 |
Digital Arts Inc. FinalCode Ver.5 series
Digital Arts Inc. FinalCode Ver.6 series
|
CVE NVD | |
| CVE-2026-23703 |
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permis...
|
HIGH | 8.5 | 2026-02-26 |
Digital Arts Inc. FinalCode Ver.5 series
Digital Arts Inc. FinalCode Ver.6 series
|
CVE NVD | |
| CVE-2026-1311 |
Worry Proof Backup <= 0.2.4 - Authenticated (Subscriber+) Path Traversal via Backup Upload
|
HIGH | 8.8 | 2026-02-26 |
bearsthemes Worry Proof Backup
|
CVE NVD | |
| CVE-2026-27465 |
Fleet: Sensitive Google Calendar credentials disclosed to low-privileged users
|
LOW | 1.3 | 2026-02-26 |
fleetdm fleet
fleetdm fleet
|
CVE NVD | |
| CVE-2026-25963 |
Fleet: Authorization Bypass in certificate template batch deletion for team administrators
|
LOW | 1.2 | 2026-02-26 |
fleetdm fleet
fleetdm fleet
|
CVE NVD | |
| CVE-2026-23999 |
Fleet: Device lock PIN can be predicted if lock time is known
|
LOW | 0.6 | 2026-02-26 |
fleetdm fleet
fleetdm fleet
|
CVE NVD |