快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27589 |
Caddy vulnerable to cross-origin config application via local admin API /load (caddy)
|
MEDIUM | 6.9 | 2026-02-24 |
caddyserver caddy
caddyserver caddy
|
CVE NVD | |
| CVE-2026-27588 |
Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass
|
HIGH | 7.7 | 2026-02-24 |
caddyserver caddy
caddyserver caddy
|
CVE NVD | |
| CVE-2026-27587 |
Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass
|
HIGH | 7.7 | 2026-02-24 |
caddyserver caddy
caddyserver caddy
|
CVE NVD | |
| CVE-2026-27586 |
Caddy's mTLS client authentication silently fails open when CA certificate file is missing or malformed
|
HIGH | 8.8 | 2026-02-24 |
caddyserver caddy
caddyserver caddy
|
CVE NVD | |
| CVE-2026-27585 |
Caddy's improper sanitization of glob characters in file matcher may lead to bypassing security protections
|
MEDIUM | 6.9 | 2026-02-24 |
caddyserver caddy
caddyserver caddy
|
CVE NVD | |
| CVE-2026-27571 |
nats-server websockets are vulnerable to pre-auth memory DoS
|
MEDIUM | 5.9 | 2026-02-24 |
nats-io nats-server
nats-io nats-server
+1个
|
CVE NVD | |
| CVE-2025-13776 |
Hard-coded database credentials in Finka software
|
HIGH | 8.6 | 2026-02-24 |
TIK-SOFT Finka-FK
TIK-SOFT Finka-KPR
+10个
|
CVE NVD | |
| CVE-2025-47904 |
Unsigned upgrade package
|
MEDIUM | 5.7 | 2026-02-24 |
Microchip Time Provider 4100
microchip timeprovider_4100_firmware
|
CVE NVD | |
| CVE-2026-27521 |
Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting
|
MEDIUM | 6.9 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27520 |
Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie
|
HIGH | 8.7 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27519 |
Binardat 10G08-0800GSM Network Switch Hard-coded RC4 Encryption Key
|
HIGH | 8.7 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27518 |
Binardat 10G08-0800GSM Network Switch CSRF
|
MEDIUM | 5.1 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27517 |
Binardat 10G08-0800GSM Network Switch XSS
|
MEDIUM | 5.1 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27516 |
Binardat 10G08-0800GSM Network Switch Plaintext Password Exposure
|
HIGH | 8.6 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27515 |
Binardat 10G08-0800GSM Network Switch Predictable Session Identifiers
|
CRITICAL | 9.3 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27507 |
Binardat 10G08-0800GSM Network Switch Hard-coded Credentials
|
CRITICAL | 9.3 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-23678 |
Binardat 10G08-0800GSM Network Switch Traceroute CLI Command Injection
|
HIGH | 8.7 | 2026-02-24 |
Binardat Ltd. 10G08-0800GSM Network Switch
binardat 10g08-0800gsm_firmware
|
CVE NVD | |
| CVE-2026-27584 |
ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints
|
CRITICAL | 9.2 | 2026-02-24 |
actualbudget actual
actualbudget actual
|
CVE NVD | |
| CVE-2026-0402 |
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash ...
|
MEDIUM | 4.9 | 2026-02-24 |
SonicWall SonicOS
SonicWall SonicOS
+2个
|
CVE NVD | |
| CVE-2026-27732 |
AVideo has Authenticated Server-Side Request Forgery via downloadURL in aVideoEncoder.json.php
|
HIGH | 8.6 | 2026-02-24 |
WWBN AVideo
wwbn avideo
|
CVE NVD |