快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358424
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-40932 |
Apache::SessionX versions through 2.01 for Perl create insecure session id
|
HIGH | 8.2 | 2026-02-26 |
GRICHTER Apache::SessionX
grichter apache\
|
CVE NVD | |
| CVE-2026-3270 |
psi-probe PSI Probe Whois Whois.java lookup server-side request forgery
|
MEDIUM | 5.3 | 2026-02-26 |
psi-probe PSI Probe
psi-probe PSI Probe
+3个
|
CVE NVD | |
| CVE-2026-3269 |
psi-probe PSI Probe Session ExpireSessionsController.java handleRequestInternal denial of service
|
MEDIUM | 5.3 | 2026-02-26 |
psi-probe PSI Probe
psi-probe PSI Probe
+3个
|
CVE NVD | |
| CVE-2026-2597 |
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes()
|
HIGH | 7.5 | 2026-02-26 |
LEONT Crypt::SysRandom::XS
leont crypt\
|
CVE NVD | |
| CVE-2026-25114 |
CloudCharge cloudcharge.se Improper Restriction of Excessive Authentication Attempts
|
HIGH | 7.5 | 2026-02-26 |
CloudCharge cloudcharge.se
cloudcharge cloudcharge.se
|
CVE NVD | |
| CVE-2026-20781 |
CloudCharge cloudcharge.se Missing Authentication for Critical Function
|
CRITICAL | 9.4 | 2026-02-26 |
CloudCharge cloudcharge.se
cloudcharge cloudcharge.se
|
CVE NVD | |
| CVE-2026-20791 |
Chargemap chargemap.com Insufficiently Protected Credentials
|
MEDIUM | 6.5 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-25711 |
Chargemap chargemap.com Insufficient Session Expiration
|
HIGH | 7.3 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-20792 |
Chargemap chargemap.com Improper Restriction of Excessive Authentication Attempts
|
HIGH | 7.5 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-25851 |
Chargemap chargemap.com Missing Authentication for Critical Function
|
CRITICAL | 9.4 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-3268 |
psi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access control
|
MEDIUM | 5.3 | 2026-02-26 |
psi-probe PSI Probe
psi-probe PSI Probe
+2个
|
CVE NVD | |
| CVE-2026-28280 |
`osctrl-admin` has Stored Cross-Site Scripting (XSS) in On-Demand Query List
|
MEDIUM | 6.1 | 2026-02-26 |
jmpsec osctrl
jmpsec osctrl
|
CVE NVD | |
| CVE-2026-28279 |
`osctrl-admin` Vulnerable to OS Command Injection via Environment Configuration
|
HIGH | 7.4 | 2026-02-26 |
jmpsec osctrl
jmpsec osctrl
|
CVE NVD | |
| CVE-2026-28276 |
Initiative Allows Unauthenticated Access to Uploaded Documents via Public /uploads/ Endpoint
|
HIGH | 7.5 | 2026-02-26 |
Morelitea initiative
morelitea initiative
|
CVE NVD | |
| CVE-2026-28275 |
Initiative Vulnerable to Improper Session Invalidation (JWT Remains Valid)
|
HIGH | 8.1 | 2026-02-26 |
Morelitea initiative
morelitea initiative
|
CVE NVD | |
| CVE-2026-28274 |
Initiative Vulnerable to Token Theft via Stored XSS in Document Uploads
|
HIGH | 8.7 | 2026-02-26 |
Morelitea initiative
morelitea initiative
|
CVE NVD | |
| CVE-2026-28269 |
Kiteworks Core has an OS Command Injection
|
MEDIUM | 5.9 | 2026-02-26 |
kiteworks security-advisories
accellion kiteworks
|
CVE NVD | |
| CVE-2026-28230 |
In SteVe, any authenticated charger can terminate any other charger's active transaction (missing ownership verification on StopTransaction)
|
MEDIUM | 5.7 | 2026-02-26 |
steve-community steve
steve-community steve
|
CVE NVD | |
| CVE-2026-28226 |
Phishing Club has Authenticated Blind SQL Injection in GetOrphaned Recipient Listing
|
MEDIUM | 6.5 | 2026-02-26 |
phishingclub phishingclub
phishing.club phishing_club
|
CVE NVD | |
| CVE-2026-28225 |
Manyfold has IDOR in ModelFilesController
|
MEDIUM | 5.3 | 2026-02-26 |
manyfold3d manyfold
manyfold manyfold
|
CVE NVD |