快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 360566
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-28537 |
Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerabilit
|
MEDIUM | 5.1 | 2026-03-05 |
huawei harmonyos
|
NVD | |
| CVE-2026-21786 |
HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is wr
|
LOW | 3.3 | 2026-03-05 |
hcltech sametime
|
NVD | |
| CVE-2026-1321 |
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation
|
HIGH | 8.1 | 2026-03-05 |
未知
|
NVD | |
| CVE-2025-66319 |
Permission control vulnerability in the resource scheduling module. Impact: Successful exploitation
|
LOW | 3.3 | 2026-03-05 |
huawei harmonyos
huawei harmonyos
|
NVD | |
| CVE-2026-2743 |
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interfa
|
CRITICAL | 9.8 | 2026-03-05 |
seppmail seppmail
|
NVD | |
| CVE-2026-28536 |
Authentication bypass vulnerability in the device authentication module. Impact: Successful exploita
|
CRITICAL | 9.6 | 2026-03-05 |
huawei harmonyos
huawei harmonyos
|
NVD | |
| CVE-2026-25702 |
A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 br
|
HIGH | 7.3 | 2026-03-05 |
suse linux_enterprise_server
|
NVD | |
| CVE-2026-1678 |
dns_unpack_name() caches the buffer tailroom once and reuses it while appending DNS labels. As the b
|
CRITICAL | 9.4 | 2026-03-05 |
zephyrproject zephyr
|
NVD | |
| CVE-2026-3072 |
The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data
|
MEDIUM | 4.3 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-30777 |
EC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass vulnerabili
|
MEDIUM | 4.9 | 2026-03-05 |
ec-cube ec-cube
ec-cube ec-cube
+2个
|
NVD | |
| CVE-2026-2418 |
The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to
|
CRITICAL | 9.1 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-29128 |
IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing c
|
CRITICAL | 10.0 | 2026-03-05 |
datacast sfx2100_firmware
|
NVD | |
| CVE-2026-29053 |
Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted mal
|
HIGH | 7.6 | 2026-03-05 |
ghost ghost
|
NVD | |
| CVE-2026-29052 |
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee
|
MEDIUM | 6.1 | 2026-03-05 |
humhub calendar
|
NVD | |
| CVE-2026-28137 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
|
HIGH | 7.1 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-28135 |
Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor A
|
HIGH | 8.2 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-28134 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetEngine jet-
|
HIGH | 8.5 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-28133 |
Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allow
|
HIGH | 8.1 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-28130 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
|
HIGH | 7.1 | 2026-03-05 |
未知
|
NVD | |
| CVE-2026-28129 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
|
HIGH | 8.1 | 2026-03-05 |
未知
|
NVD |