快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359293
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2024-1524 |
A local user can be impersonated when using federated authentication with Silent JIT Provisioning.
|
HIGH | 7.7 | 2026-02-24 |
WSO2 WSO2 API Manager
WSO2 WSO2 Identity Server
+2个
|
CVE NVD | |
| CVE-2025-11165 |
A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows aut...
|
CRITICAL | 9.4 | 2026-02-24 |
dotCMS dotCMS
dotCMS dotCMS
+1个
|
CVE NVD | |
| CVE-2026-1229 |
Incorrect calculation in CIRCL secp384r1 CombinedMult
|
LOW | 2.9 | 2026-02-24 |
Cloudflare CIRCL
cloudflare circl
|
CVE NVD | |
| CVE-2025-40541 |
SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability
|
CRITICAL | 9.1 | 2026-02-24 |
SolarWinds Serv-U
solarwinds serv-u
|
CVE NVD | |
| CVE-2025-40540 |
SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
|
CRITICAL | 9.1 | 2026-02-24 |
SolarWinds Serv-U
solarwinds serv-u
|
CVE NVD | |
| CVE-2025-40539 |
SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
|
CRITICAL | 9.1 | 2026-02-24 |
SolarWinds Serv-U
solarwinds serv-u
|
CVE NVD | |
| CVE-2025-40538 |
SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability
|
CRITICAL | 9.1 | 2026-02-24 |
SolarWinds Serv-U
solarwinds serv-u
|
CVE NVD | |
| CVE-2025-15386 |
Responsive Lightbox & Gallery < 2.6.1 - Unauthenticated Stored XSS
|
HIGH | 8.8 | 2026-02-24 |
Unknown Responsive Lightbox & Gallery
|
CVE NVD | |
| CVE-2025-15589 |
MuYuCMS Template Management Template.php delete_dir_file path traversal
|
MEDIUM | 5.1 | 2026-02-24 |
muyucms muyucms
|
CVE NVD | |
| CVE-2026-24314 |
Information Disclosure vulnerability in S/4HANA (Manage Payment Media)
|
MEDIUM | 4.3 | 2026-02-24 |
SAP_SE S/4HANA (Manage Payment Media)
SAP_SE S/4HANA (Manage Payment Media)
+12个
|
CVE NVD | |
| CVE-2026-3070 |
SourceCodester Modern Image Gallery App upload.php cross site scripting
|
MEDIUM | 5.3 | 2026-02-24 |
SourceCodester Modern Image Gallery App
remyandrade modern_image_gallery_app
|
CVE NVD | |
| CVE-2026-3069 |
itsourcecode Document Management System edtlbls.php sql injection
|
MEDIUM | 6.9 | 2026-02-24 |
itsourcecode Document Management System
admerc document_management_system
|
CVE NVD | |
| CVE-2026-3068 |
itsourcecode Document Management System deluser.php sql injection
|
MEDIUM | 6.9 | 2026-02-24 |
itsourcecode Document Management System
admerc document_management_system
|
CVE NVD | |
| CVE-2026-3067 |
HummerRisk Archive Extraction CommandUtils.java extractZip path traversal
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-3066 |
HummerRisk Cloud Compliance Scanning PlatformUtils.java fixedCommand command injection
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-27461 |
Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause
|
MEDIUM | 6.9 | 2026-02-24 |
pimcore pimcore
pimcore pimcore
+1个
|
CVE NVD | |
| CVE-2026-1459 |
A post-authentication command injection vulnerability in the TR-369 certificate download CGI program...
|
HIGH | 7.2 | 2026-02-24 |
Zyxel VMG3625-T50B firmware
zyxel vmg8623-t50b_firmware
+5个
|
CVE NVD | |
| CVE-2026-27129 |
Cloud Metadata SSRF Protection Bypass via IPv6 Resolution
|
MEDIUM | 5.7 | 2026-02-24 |
craftcms cms
craftcms cms
+2个
|
CVE NVD | |
| CVE-2026-27128 |
Craft CMS's race condition in Token Service potentially allows for token usage greater than the token limit
|
MEDIUM | 6.9 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD | |
| CVE-2026-27127 |
Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding
|
HIGH | 7.0 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD |