الثغرات / Vulnerabilities
بيانات CVE من NVD مع إثراء KEV من CISA وترجمة عربية. المحتوى أدناه مبني على المصادر الرسمية فقط.
| CVE | الشدة | CVSS | مستغلة فعليًا؟ | تاريخ النشر | ملخص عربي |
|---|---|---|---|---|---|
| CVE-2019-25342 | High | 7,1 | لا | 2026-02-13 | Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeate… |
| CVE-2019-25341 | Medium | 6,7 | لا | 2026-02-13 | iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash t… |
| CVE-2019-25340 | Medium | 6,7 | لا | 2026-02-13 | SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to … |
| CVE-2019-25339 | Medium | 6,7 | لا | 2026-02-13 | GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in the password input field that allows attackers to … |
| CVE-2019-25338 | Medium | 6,9 | لا | 2026-02-13 | DokuWiki 2018-04-22b contains a username enumeration vulnerability in its password reset functionality that allows atta… |
| CVE-2019-25337 | Medium | 5,3 | لا | 2026-02-13 | OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by … |
| CVE-2019-25336 | High | 8,4 | لا | 2026-02-13 | SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows atta… |
| CVE-2019-25335 | High | 8,8 | لا | 2026-02-13 | PRO-7070 Hazır Profesyonel Web Sitesi version 1.0 contains an authentication bypass vulnerability in the administration… |
| CVE-2019-25334 | Medium | 6,7 | لا | 2026-02-13 | Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the applic… |
| CVE-2019-25333 | High | 8,7 | لا | 2026-02-13 | Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to… |
| CVE-2019-25332 | High | 8,4 | لا | 2026-02-13 | FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by… |
| CVE-2019-25331 | High | 8,4 | لا | 2026-02-13 | AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU reg… |
| CVE-2019-25330 | Medium | 6,7 | لا | 2026-02-13 | SurfOffline Professional 2.2.0.103 contains a structured exception handler (SEH) overflow vulnerability that allows att… |
| CVE-2019-25329 | Medium | 6,7 | لا | 2026-02-13 | FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwri… |
| CVE-2019-25328 | Medium | 6,7 | لا | 2026-02-13 | XnConvert 1.82 contains a denial of service vulnerability in its registration code input field that allows attackers to… |
| CVE-2019-25327 | High | 8,4 | لا | 2026-02-13 | Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote att… |
| CVE-2019-25325 | High | 8,8 | لا | 2026-02-13 | Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticate… |
| CVE-2019-25324 | Medium | 5,1 | لا | 2026-02-13 | RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allo… |
| CVE-2019-25323 | Medium | 5,1 | لا | 2026-02-13 | Heatmiser Netmonitor v3.03 contains an HTML injection vulnerability in the outputSetup.htm page that allows attackers t… |
| CVE-2019-25322 | Critical | 9,3 | لا | 2026-02-13 | Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable … |
| CVE-2019-25321 | High | 8,4 | لا | 2026-02-13 | FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriti… |
| CVE-2019-25320 | High | 8,8 | لا | 2026-02-13 | E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard wit… |
| CVE-2019-25319 | High | 8,4 | لا | 2026-02-13 | Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code … |
| CVE-2019-25318 | High | 8,4 | لا | 2026-02-13 | AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code b… |
| CVE-2026-26225 | High | 8,5 | لا | 2026-02-13 | Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones… |
| CVE-2026-26224 | High | 8,5 | لا | 2026-02-13 | Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and applicat… |
| CVE-2026-26185 | Medium | 5,3 | لا | 2026-02-13 | Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user en… |
| CVE-2026-26076 | Medium | 6,9 | لا | 2026-02-13 | ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker can remotely induce… |
| CVE-2026-26075 | Medium | 6,9 | لا | 2026-02-13 | FastGPT is an AI Agent building platform. Due to the fact that FastGPT's web page acquisition nodes, HTTP nodes, etc. n… |
| CVE-2026-26069 | Critical | 9,1 | لا | 2026-02-13 | Scraparr is a Prometheus Exporter for various components of the *arr Suite. From 3.0.0-beta to before 3.0.2, when the R… |
| CVE-2026-26068 | Critical | 9,3 | لا | 2026-02-13 | emp3r0r is a stealth-focused C2 designed by Linux users for Linux environments. Prior to 3.21.1, untrusted agent metada… |
| CVE-2026-26056 | High | 8,8 | لا | 2026-02-13 | Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in… |
| CVE-2026-26055 | High | 7,5 | لا | 2026-02-13 | Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in… |
| CVE-2026-25828 | Medium | 5,4 | لا | 2026-02-13 | grub-btrfs through 2026-01-31 (on Arch Linux and derivative distributions) allows initramfs OS command injection becaus… |
| CVE-2026-1358 | Critical | 9,8 | لا | 2026-02-13 | Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maxim… |
| CVE-2025-70845 | Medium | 6,1 | لا | 2026-02-13 | lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting (XSS) exists in the /setting/ page where the "intro" field i… |
| CVE-2025-14282 | Medium | 5,4 | لا | 2026-02-13 | A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does th… |
| CVE-2026-26020 | Critical | 9,4 | لا | 2026-02-13 | AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that au… |
| CVE-2026-26011 | Critical | 9,3 | لا | 2026-02-13 | navigation2 is a ROS 2 Navigation Framework and System. In 1.3.11 and earlier, a critical heap out-of-bounds write vuln… |
| CVE-2026-26005 | Medium | 5,0 | لا | 2026-02-13 | ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #45, in Clip Bucket V5, The Remote Play allows… |
| CVE-2026-26000 | Medium | 5,3 | لا | 2026-02-13 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.9.… |
| CVE-2026-25996 | Medium | 6,9 | لا | 2026-02-13 | Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and L… |
| CVE-2026-0619 | Medium | 6,0 | لا | 2026-02-13 | A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to … |
| CVE-2026-25949 | High | 7,5 | لا | 2026-02-12 | Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik manag… |
| CVE-2026-25933 | Medium | 6,8 | لا | 2026-02-12 | Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in … |
| CVE-2026-25922 | High | 8,8 | لا | 2026-02-12 | authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source th… |
| CVE-2026-25768 | High | 7,1 | لا | 2026-02-12 | LavinMQ is a high-performance message queue & streaming server. Before 2.6.6, an authenticated user could access metada… |
| CVE-2026-25767 | High | 8,6 | لا | 2026-02-12 | LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the “Policyma… |
| CVE-2026-25748 | High | 8,6 | لا | 2026-02-12 | authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possibl… |
| CVE-2026-25227 | Critical | 9,1 | لا | 2026-02-12 | authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using d… |