Vulnerabilites CVE

Base de donnees CVE enrichie avec CISA KEV et NVD

Total: 326,374 CVEs

CVE ID	CVSS	Severite	KEV	Publie
CVE-2025-67480 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43....	N/A	NONE	—	2/3/2026
CVE-2025-67479 Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. ...	N/A	NONE	—	2/3/2026
CVE-2025-67478 Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.	N/A	NONE	—	2/3/2026
CVE-2025-67477 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resourc...	N/A	NONE	—	2/3/2026
CVE-2025-67476 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php. This issue affects MediaWiki: from * before 1.4...	N/A	NONE	—	2/3/2026
CVE-2025-67475 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files include...	N/A	NONE	—	2/3/2026
CVE-2025-61658 Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from * before ...	N/A	NONE	—	2/3/2026
CVE-2025-61657 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/...	N/A	NONE	—	2/3/2026
CVE-2025-61656 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/...	N/A	NONE	—	2/3/2026
CVE-2025-61655 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files incl...	N/A	NONE	—	2/3/2026
CVE-2025-61654 Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php. This issue affects Thanks: from * before 1.43.4, 1.44.1.	N/A	NONE	—	2/3/2026
CVE-2025-61653 Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from * before 1.39.14, 1.43.4, ...	N/A	NONE	—	2/3/2026
CVE-2025-61652 Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.	N/A	NONE	—	2/3/2026
CVE-2025-61651 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules...	N/A	NONE	—	2/3/2026
CVE-2025-58383 A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execu...	7.2	HIGH	—	2/3/2026
CVE-2025-58382 A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative ...	7.2	HIGH	—	2/3/2026
CVE-2025-58379 Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated attacker to reveal command line passwords using commands that may expose higher privilege sensitive informatio...	5.5	MEDIUM	—	2/3/2026
CVE-2025-12774 A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. An attacker with access to Brocade SANnav supp...	7.5	HIGH	—	2/3/2026
CVE-2025-61650 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Ser...	N/A	NONE	—	2/3/2026
CVE-2025-61649 Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f1...	N/A	NONE	—	2/3/2026
CVE-2025-61648 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules...	N/A	NONE	—	2/3/2026
CVE-2025-61646 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from * before 1.39.1...	5.4	MEDIUM	—	2/3/2026
CVE-2025-61645 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files include...	6.1	MEDIUM	—	2/3/2026
CVE-2025-15556 Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verif...	7.5	HIGH	KEV	2/3/2026
CVE-2025-12773 A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. The vulnerability c...	6.5	MEDIUM	—	2/3/2026
CVE-2025-11261 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resourc...	6.1	MEDIUM	—	2/3/2026
CVE-2025-11173 Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from * before 1.39.14, 1.43.4, 1.44.1.	N/A	NONE	—	2/3/2026
CVE-2025-61647 Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831...	N/A	NONE	—	2/3/2026
CVE-2025-61644 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resourc...	N/A	NONE	—	2/3/2026
CVE-2025-61643 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from * before...	6.1	MEDIUM	—	2/3/2026
CVE-2025-61642 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files include...	6.1	MEDIUM	—	2/3/2026
CVE-2025-61641 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1....	6.1	MEDIUM	—	2/3/2026
CVE-2025-61640 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resourc...	4.8	MEDIUM	—	2/3/2026
CVE-2025-61639 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, inc...	4.8	MEDIUM	—	2/3/2026
CVE-2025-61638 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associa...	4.8	MEDIUM	—	2/3/2026
CVE-2025-61637 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resourc...	4.8	MEDIUM	—	2/3/2026
CVE-2025-61636 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files include...	4.8	MEDIUM	—	2/3/2026
CVE-2025-61635 Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit: *.	N/A	NONE	—	2/3/2026
CVE-2025-61634 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1....	3.1	LOW	—	2/3/2026
CVE-2026-25228 Signal K Server is a server application that runs on a central hub in a boat. Prior to 2.20.3, a path traversal vulnerability in SignalK Server's applicationData API allows authenticated users on Wind...	5.0	MEDIUM	—	2/2/2026
CVE-2026-25222 PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific ...	7.5	HIGH	—	2/2/2026
CVE-2026-25221 PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forg...	8.1	HIGH	—	2/2/2026
CVE-2026-25144 Talishar is a fan-made Flesh and Blood project. A Stored XSS exists in the chat in-game system. The playerID parameter in SubmitChat.php and is saved without sanitization and executed whenever a user ...	5.3	MEDIUM	—	2/2/2026
CVE-2026-25142 SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SanboxJS does not properly restrict __lookupGetter__ which can be used to obtain prototypes, which can be used for escaping the sandbox /...	10.0	CRITICAL	—	2/2/2026
CVE-2026-25137 The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database manager without any authentication. This a...	9.1	CRITICAL	—	2/2/2026
CVE-2026-25134 Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5, the MaintenanceController exposes an action zipLanguage which takes a lang par...	8.8	HIGH	—	2/2/2026
CVE-2026-25060 OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, certificate verification is disabled by default for all storage driver communications. The TlsInsecureSkipVerify setting is default t...	8.1	HIGH	—	2/2/2026
CVE-2026-25059 OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename com...	8.8	HIGH	—	2/2/2026
CVE-2026-24763 OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due...	8.8	HIGH	—	2/2/2026
CVE-2026-24737 jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript action...	8.1	HIGH	—	2/2/2026

Page 190 de 6528

Precedent Suivant

This product uses data from the NVD API but is not endorsed or certified by the NVD.