快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354457
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-25808 |
Hollo DMs get leaked and can be seen on Webfinger Browser
|
HIGH | 7.5 | 2026-02-09 |
fedify-dev hollo
fedify-dev hollo
|
CVE NVD | |
| CVE-2025-15315 |
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.
|
MEDIUM | 6.7 | 2026-02-09 |
Tanium Tanium Module Server
|
CVE NVD | |
| CVE-2025-15316 |
Tanium addressed a local privilege escalation vulnerability in Tanium Server.
|
MEDIUM | 6.7 | 2026-02-09 |
Tanium Tanium Server
|
CVE NVD | |
| CVE-2026-25807 |
Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell
|
HIGH | 8.8 | 2026-02-09 |
TaklaXBR zai-shell
|
CVE NVD | |
| CVE-2025-15317 |
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
|
MEDIUM | 6.5 | 2026-02-09 |
Tanium Tanium Server
|
CVE NVD | |
| CVE-2026-25961 |
SumatraPDF Update MITM -> Arbitrary Code Execution
|
HIGH | 7.5 | 2026-02-09 |
sumatrapdfreader sumatrapdf
|
CVE NVD | |
| CVE-2026-25920 |
SumatraPDF has a heap out-of-bounds read in MOBI HuffDic decompressor
|
MEDIUM | 5.5 | 2026-02-09 |
sumatrapdfreader sumatrapdf
|
CVE NVD | |
| CVE-2026-25918 |
unity-cli Exposes Plaintext Credentials in Debug Logs (sign-package command)
|
MEDIUM | 5.9 | 2026-02-09 |
RageAgainstThePixel unity-cli
|
CVE NVD | |
| CVE-2026-25892 |
Adminer has an Unauthenticated Persistent DoS via Array Injection in ?script=version Endpoint
|
HIGH | 7.5 | 2026-02-09 |
vrana adminer
|
CVE NVD | |
| CVE-2026-25890 |
File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL
|
HIGH | 8.1 | 2026-02-09 |
filebrowser filebrowser
|
CVE NVD | |
| CVE-2026-25889 |
File Browser has an Authentication Bypass in User Password Update
|
MEDIUM | 5.4 | 2026-02-09 |
filebrowser filebrowser
|
CVE NVD | |
| CVE-2026-25885 |
PolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chats
|
CRITICAL | 10.0 | 2026-02-09 |
polarnl PolarLearn
|
CVE NVD | |
| CVE-2026-25881 |
@nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)
|
CRITICAL | 9.1 | 2026-02-09 |
nyariv SandboxJS
|
CVE NVD | |
| CVE-2026-25880 |
Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)
|
HIGH | 7.8 | 2026-02-09 |
sumatrapdfreader sumatrapdf
|
CVE NVD | |
| CVE-2026-25875 |
PlaciPy Admin Privilege Escalation via Trusted JWT Claims
|
CRITICAL | 9.3 | 2026-02-09 |
Praskla-Technology assessment-placipy
|
CVE NVD | |
| CVE-2026-25814 |
NoSQL Injection Risk via Unsanitized Query Parameters
|
CRITICAL | 9.3 | 2026-02-09 |
Praskla-Technology assessment-placipy
|
CVE NVD | |
| CVE-2026-25813 |
PlaciPy Exposes Sensitive Data via Application Logs
|
HIGH | 8.7 | 2026-02-09 |
Praskla-Technology assessment-placipy
|
CVE NVD | |
| CVE-2026-25812 |
PlaciPy is Missing CSRF Protection on State-Changing Endpoints
|
CRITICAL | 9.3 | 2026-02-09 |
Praskla-Technology assessment-placipy
|
CVE NVD | |
| CVE-2026-25811 |
PlaciPy Email Domain Trust Enables Cross-Tenant Data Access (Multi-Tenant Isolation Failure)
|
MEDIUM | 5.3 | 2026-02-09 |
Praskla-Technology assessment-placipy
|
CVE NVD | |
| CVE-2026-25809 |
PlaciPy Code Execution Allowed Without Assessment Active State Validation
|
MEDIUM | 5.3 | 2026-02-09 |
Praskla-Technology assessment-placipy
|
CVE NVD |