快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354457
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-2258 |
aardappel lobster wfc.h WaveFunctionCollapse memory corruption
|
MEDIUM | 4.8 | 2026-02-10 |
aardappel lobster
aardappel lobster
+3个
|
CVE NVD | |
| CVE-2025-15147 |
WCFM Membership – WooCommerce Memberships for Multivendor Marketplace <= 2.11.8 - Insecure Direct Object Reference to Update Membership Payment
|
MEDIUM | 4.3 | 2026-02-09 |
wclovers WCFM Membership – WooCommerce Memberships for Multivendor Marketplace
|
CVE NVD | |
| CVE-2026-0845 |
WCFM - WooCommerce Frontend Manager <= 6.7.24 - Authenticated (Shop Manager+) Arbitrary Options Update
|
HIGH | 7.2 | 2026-02-09 |
wclovers WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible
|
CVE NVD | |
| CVE-2025-15314 |
Tanium addressed an arbitrary file deletion vulnerability in end-user-cx.
|
MEDIUM | 5.5 | 2026-02-09 |
Tanium end-user-cx
|
CVE NVD | |
| CVE-2025-15313 |
Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS.
|
MEDIUM | 5.5 | 2026-02-09 |
Tanium Tanium EUSS
|
CVE NVD | |
| CVE-2025-15310 |
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.
|
HIGH | 7.8 | 2026-02-09 |
Tanium Patch Endpoint Tools
|
CVE NVD | |
| CVE-2025-15318 |
Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.
|
MEDIUM | 5.1 | 2026-02-09 |
Tanium End-User Notifications Endpoint Tools
|
CVE NVD | |
| CVE-2025-15319 |
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.
|
HIGH | 7.8 | 2026-02-09 |
Tanium Patch Endpoint Tools
|
CVE NVD | |
| CVE-2026-25958 |
Cube privilege escalation via a specially crafted request
|
HIGH | 7.7 | 2026-02-09 |
cube-js cube
cube-js cube
+1个
|
CVE NVD | |
| CVE-2026-25957 |
Cube Denial of Service (DoS) - An authenticated attacker can crash the server by sending a specially crafted request
|
MEDIUM | 6.5 | 2026-02-09 |
cube-js cube
cube-js cube
|
CVE NVD | |
| CVE-2026-25895 |
FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API
|
CRITICAL | 9.5 | 2026-02-09 |
frangoteam FUXA
|
CVE NVD | |
| CVE-2026-25894 |
FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration
|
CRITICAL | 9.5 | 2026-02-09 |
frangoteam FUXA
|
CVE NVD | |
| CVE-2026-25893 |
FUXA Unauthenticated Remote Code Execution via Admin JWT Minting
|
CRITICAL | 10.0 | 2026-02-09 |
frangoteam FUXA
|
CVE NVD | |
| CVE-2026-25951 |
FUXA has a Path Traversal Sanitization Bypass
|
HIGH | 8.6 | 2026-02-09 |
frangoteam FUXA
|
CVE NVD | |
| CVE-2026-25939 |
FUXA Unauthenticated Remote Arbitrary Scheduler Write
|
CRITICAL | 9.3 | 2026-02-09 |
frangoteam FUXA
|
CVE NVD | |
| CVE-2026-25938 |
FUXA Unauthenticated Remote Code Execution in Node-RED Integration
|
CRITICAL | 9.5 | 2026-02-09 |
frangoteam FUXA
|
CVE NVD | |
| CVE-2026-25934 |
go-git improperly verifies data integrity values for .idx and .pack files
|
MEDIUM | 4.3 | 2026-02-09 |
go-git go-git
|
CVE NVD | |
| CVE-2026-25931 |
vscode-spell-checker has a workspace-trust bypass Code Execution
|
HIGH | 7.8 | 2026-02-09 |
streetsidesoftware vscode-spell-checker
|
CVE NVD | |
| CVE-2026-25925 |
PowerDocu Affected by Remote Code Execution via Insecure Deserialization
|
HIGH | 7.8 | 2026-02-09 |
modery PowerDocu
|
CVE NVD | |
| CVE-2026-25923 |
Phar Deserialization leading to Arbitrary File Deletion in my little forum
|
HIGH | 8.7 | 2026-02-09 |
My-Little-Forum mylittleforum
|
CVE NVD |