快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359293
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27639 |
Mercator vulnerable to stored XSS via unescaped Blade directives in display templates
|
HIGH | 8.5 | 2026-02-25 |
dbarzin mercator
sourcentis mercator
|
CVE NVD | |
| CVE-2026-27636 |
FreeScout: Missing .htaccess in Restricted File Extensions Allows Remote Code Execution on Apache
|
HIGH | 8.8 | 2026-02-25 |
freescout-help-desk freescout
freescout freescout
|
CVE NVD | |
| CVE-2026-27637 |
FreeScout's Predictable Authentication Token Enables Account Takeover
|
CRITICAL | 9.8 | 2026-02-25 |
freescout-help-desk freescout
freescout freescout
|
CVE NVD | |
| CVE-2026-3147 |
libvips csvload.c vips_foreign_load_csv_build heap-based overflow
|
MEDIUM | 4.8 | 2026-02-25 |
libvips libvips
|
CVE NVD | |
| CVE-2026-27743 |
SPIP referer_spam <= 1.2.1 Unauthenticated SQL Injection
|
CRITICAL | 9.3 | 2026-02-25 |
SPIP referer_spam
spip referer_spam*
+1个
|
CVE NVD | |
| CVE-2026-27744 |
SPIP tickets < 4.3.3 Unauthenticated RCE
|
CRITICAL | 9.3 | 2026-02-25 |
SPIP tickets
spip tickets
|
CVE NVD | |
| CVE-2026-27745 |
SPIP interface_traduction_objets < 2.2.2 Authenticated RCE
|
HIGH | 8.7 | 2026-02-25 |
SPIP interface_traduction_objets
spip interface_traduction_objets
|
CVE NVD | |
| CVE-2026-27746 |
SPIP jeux < 4.1.1 Reflected XSS via index Parameters
|
MEDIUM | 5.1 | 2026-02-25 |
SPIP jeux
spip jeux
|
CVE NVD | |
| CVE-2026-27747 |
SPIP interface_traduction_objets < 2.2.2 Authenticated SQL Injection
|
HIGH | 7.1 | 2026-02-25 |
SPIP interface_traduction_objets
spip interface_traduction_objets
|
CVE NVD | |
| CVE-2026-3146 |
libvips matrixload.c vips_foreign_load_matrix_header null pointer dereference
|
MEDIUM | 4.8 | 2026-02-25 |
libvips libvips
|
CVE NVD | |
| CVE-2025-5781 |
Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager
|
MEDIUM | 5.2 | 2026-02-25 |
Hitachi Hitachi Ops Center API Configuration Manager
Hitachi Hitachi Configuration Manager
+4个
|
CVE NVD | |
| CVE-2026-27632 |
Talishar Vulnerable to Cross-Site Request Forgery (CSRF)
|
LOW | 2.6 | 2026-02-25 |
Talishar Talishar
talishar talishar
|
CVE NVD | |
| CVE-2026-27629 |
InvenTree Vulnerable to Server Side Template Injection (SSTI)
|
MEDIUM | 5.9 | 2026-02-25 |
inventree InvenTree
inventree_project inventree
|
CVE NVD | |
| CVE-2026-27628 |
pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
|
LOW | 1.2 | 2026-02-25 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27626 |
OliveTin vulnerable to OS Command Injection via `password` argument type and webhook JSON extraction bypasses shell safety checks
|
CRITICAL | 10.0 | 2026-02-25 |
OliveTin OliveTin
olivetin olivetin
|
CVE NVD | |
| CVE-2026-27612 |
Repostat Vulnerable to Reflected Cross-Site Scripting (XSS) via repo prop in RepoCard
|
MEDIUM | 6.1 | 2026-02-25 |
denpiligrim repostat
denpiligrim repostat
|
CVE NVD | |
| CVE-2026-27621 |
TypiCMS Core has Stored Cross-Site Scripting (XSS) via SVG File Upload
|
MEDIUM | 6.8 | 2026-02-25 |
TypiCMS Core
typicms typicms
|
CVE NVD | |
| CVE-2026-27615 |
ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)
|
HIGH | 8.8 | 2026-02-25 |
Alex4SSB ADB-Explorer
alex4ssb adb_explorer
|
CVE NVD | |
| CVE-2026-27614 |
Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering
|
CRITICAL | 9.3 | 2026-02-25 |
bugsink bugsink
bugsink bugsink
|
CVE NVD | |
| CVE-2026-27611 |
FileBrowser Quantum: Password Protection Not Enforced on Shared File Links
|
HIGH | 7.1 | 2026-02-25 |
gtsteffaniak filebrowser
gtsteffaniak filebrowser
+2个
|
CVE NVD |