Search

Found 49,597 results in 2032ms · Match type: Filtered list

CVE	Severity	CVSS	Risk	Flags	OS	Vendor	Published	Description
CVE-2026-6495	high	7.1	7.1				20d ago	The Ajax Load More WordPress plugin before 7.8.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used again…
CVE-2026-6381	high	7.5	7.5				20d ago	The WP Maps WordPress plugin before 4.9.3 does not properly sanitize a parameter before using it in a file path, allowing authenticated users to perform Local File Inclusion attacks.
CVE-2026-6379	high	8.6	8.6				20d ago	The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection at…
CVE-2026-3220	high	8.8	8.8				20d ago	The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Script…
CVE-2026-8785	high	7.3	7.3				20d ago	A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update_info.php of the component GET Param…
CVE-2026-8776	high	8.8	8.8				20d ago	A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Such manipulati…
CVE-2026-8775	high	8.8	8.8				20d ago	A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TP…
CVE-2026-8771	high	7.3	7.3				20d ago	org.linlinjava:litemall-wx-api has an Injection issue
CVE-2026-45363	high	—	8.0				20d ago	ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351
CVE-2026-42945	high	8.1	8.1	FIX	rhel sles debian		20d ago	RHSA-2026:18041: nginx:1.24 security update (Critical)
CVE-2026-41316	high	8.1	8.1	FIX	rhel sles debian	google	20d ago	Important: ruby:4.0 security update
CVE-2026-33416	high	—	8.0	FIX	rhel debian sles		20d ago	Important: thunderbird security update
CVE-2026-8768	high	7.3	7.3			vercel	20d ago	A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils.…
CVE-2026-8767	high	7.5	7.5			vercel	20d ago	A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manip…
CVE-2026-8764	high	7.2	7.2				20d ago	A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function UpdateWanParams of the file /goform/aspForm. Such manipulation of the argument param leads to buffe…
CVE-2026-46720	high	8.2	8.2				20d ago	Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources c…
CVE-2026-8759	high	7.3	7.3				20d ago	Beetl's SpELFunction extension function has an expression injection risk
CVE-2026-8758	high	7.3	7.3				20d ago	A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an unknown function of the file /common/jsp/upload3.jsp. Executing a manipulation of the argument File can lea…
CVE-2026-8756	high	7.3	7.3				20d ago	A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generate_config of the file webui_preprocess.py of the comp…
CVE-2026-8755	high	7.3	7.3				20d ago	A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function _get_all_models of the file hiyoriUI.py of the component Model Handl…
CVE-2018-25339	high	8.2	8.2				20d ago	Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the…
CVE-2018-25338	high	8.2	8.2				20d ago	Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit th…
CVE-2018-25333	high	8.2	8.2				20d ago	Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the …
CVE-2018-25330	high	8.2	8.2				20d ago	Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. At…
CVE-2018-25329	high	7.5	7.5				20d ago	WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attack…
CVE-2018-25328	high	8.4	8.4				20d ago	VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craf…
CVE-2018-25326	high	7.5	7.5				20d ago	Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parame…
CVE-2018-25325	high	7.5	7.5				20d ago	Woocommerce CSV Importer 3.3.6 contains a path traversal vulnerability that allows any registered user to delete arbitrary files by submitting unescaped filenames through the delete_export_file AJAX …
CVE-2018-25323	high	8.4	8.4				20d ago	Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payl…
CVE-2018-25322	high	8.4	8.4				20d ago	Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can…
CVE-2018-25319	high	7.1	7.1				20d ago	Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents_id parameter. Att…
CVE-2026-8750	high	7.5	7.5			h2o	20d ago	A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFi…
CVE-2026-8734	high	7.3	7.3				21d ago	A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface. This manipulatio…
CVE-2026-8719	high	8.8	8.8				21d ago	The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in t…
CVE-2026-8725	high	7.3	7.3				21d ago	A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endpoint. This manipulation cau…
CVE-2026-8724	high	7.2	7.2			dataease	21d ago	A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard. The manipulation results …
CVE-2026-46728	high	8.2	8.2		sles debian		21d ago	Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash.
CVE-2021-47980	high	7.1	7.1				21d ago	Fuel CMS 1.4.13 contains a blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'col' parameter in the Activity Log i…
CVE-2021-47979	high	8.8	8.8				21d ago	WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers …
CVE-2021-47977	high	7.5	7.5				21d ago	WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the f…
CVE-2021-47976	high	8.8	8.8				21d ago	TextPattern CMS 4.9.0-dev contains a remote code execution vulnerability that allows authenticated attackers to upload arbitrary PHP files by exploiting the plugin upload functionality. Attackers can…
CVE-2021-47975	high	7.2	7.2				21d ago	WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the `fieldtitle` parameter. Attackers can submit …
CVE-2021-47974	high	7.8	7.8				21d ago	VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place ma…
CVE-2021-47973	high	7.5	7.5				21d ago	Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can gener…
CVE-2021-47972	high	7.5	7.5				21d ago	Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can p…
CVE-2021-47971	high	7.5	7.5				21d ago	My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a pa…
CVE-2021-47970	high	7.5	7.5				21d ago	Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload…
CVE-2021-47969	high	7.5	7.5				21d ago	Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payl…
CVE-2021-47956	high	8.2	8.2				21d ago	EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers…
CVE-2021-47954	high	8.2	8.2				21d ago	LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send…
CVE-2021-47942	high	7.5	7.5			hacs	21d ago	Home Assistant Community Store (HACS) prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfile…
CVE-2020-37247	high	7.8	7.8				21d ago	Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers …
CVE-2020-37245	high	7.5	7.5				21d ago	Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequ…
CVE-2020-37244	high	8.2	8.2				21d ago	Supsystic Membership 1.4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'search' and 'sidx' p…
CVE-2020-37243	high	8.2	8.2				21d ago	Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl acti…
CVE-2020-37242	high	8.2	8.2				21d ago	Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parame…
CVE-2020-37232	high	7.8	7.8				21d ago	Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Atta…
CVE-2020-37231	high	7.8	7.8				21d ago	Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Atta…
CVE-2020-37230	high	7.8	7.8				21d ago	Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path…
CVE-2020-37229	high	7.8	7.8				21d ago	OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unqu…
CVE-2020-37227	high	8.8	8.8				21d ago	HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can…
CVE-2026-8657	high	8.2	8.2				22d ago	Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform pro…
CVE-2026-8700	high	7.3	7.3	FIX	debian		22d ago	Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVE-2026-45665	high	8.1	8.1			openwebui	22d ago	Open WebUI has Stored XSS in Banner Component via Improper Sanitization Order
CVE-2026-45315	high	8.7	8.7			openwebui	22d ago	Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions
CVE-2026-45301	high	8.1	8.1			openwebui	22d ago	Open WebUI: Missing permission check in files API allows authenticated users to list, access and delete every uploaded file
CVE-2026-44570	high	8.3	8.3			openwebui	22d ago	Open WebUI has inconsistent authorization controls within memories API
CVE-2026-44569	high	7.1	7.1			openwebui	22d ago	Open WebUI's Insecure Message Access Breaks Authorization
CVE-2026-44565	high	8.1	8.1			openwebui	22d ago	Open WebUI Arbitrary File Write, Delete via Path Traversal
CVE-2026-44549	high	8.7	8.7			openwebui	22d ago	Open WebUI has stored XSS in Excel file preview
CVE-2026-46367	high	7.6	7.6				22d ago	phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craf…
CVE-2026-45402	high	8.1	8.1			openwebui	22d ago	Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints
CVE-2026-45401	high	8.5	8.5			openwebui	22d ago	Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958)
CVE-2026-45400	high	8.5	8.5			openwebui	22d ago	Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url`
CVE-2026-45395	high	7.2	7.2			openwebui	22d ago	Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
CVE-2026-44721	high	7.3	7.3			openwebui	22d ago	open-webui Vulnerable to Stored XSS via Model Description
CVE-2026-45675	high	8.1	8.1			openwebui	22d ago	Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts
CVE-2026-45399	high	7.1	7.1			openwebui	22d ago	Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption
CVE-2026-45349	high	7.1	7.1			openwebui	22d ago	Open WebUI has Broken Access Control for Completions API
CVE-2026-44556	high	7.1	7.1			openwebui	22d ago	Open WebUI's responses passthrough endpoint lacks access control authorization
CVE-2026-44555	high	7.6	7.6			openwebui	22d ago	Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining
CVE-2026-44554	high	8.1	8.1			openwebui	22d ago	Open WebUI has Knowledge Base Destruction and RAG Poisoning via Unauthorized Collection Overwrite
CVE-2026-46408	high	7.6	7.6				22d ago	Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cart_id and uses it to enter …
CVE-2026-46407	high	8.1	8.1				22d ago	Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator t…
CVE-2026-46366	high	7.5	7.5				22d ago	phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted …
CVE-2026-46359	high	7.5	7.5				22d ago	phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attac…
CVE-2026-44826	high	7.5	7.5				22d ago	Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-ad…
CVE-2021-47966	high	8.2	8.2				22d ago	PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid parameter of login.php that allows unauthenticated attackers to extract database conte…
CVE-2021-47964	high	8.8	8.8				22d ago	Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager…
CVE-2021-47963	high	7.2	7.2				22d ago	Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. A…
CVE-2021-47959	high	7.5	7.5				22d ago	WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated fields…
CVE-2026-45578	high	8.8	8.8			wwbn	22d ago	WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a classic shell-metacharacter injection. The YPTSocket notification branch in plugin/Live/on_publish.php builds an execAsyn…
CVE-2026-46474	high	7.5	7.5				22d ago	Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVE-2026-46491	high	—	8.0				22d ago	SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion
CVE-2026-44692	high	—	8.0				22d ago	Authenticated Sharp users can download unrelated Laravel Storage objects through the generic download endpoint
CVE-2026-45364	high	7.3	7.3				22d ago	Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it rece…
CVE-2026-45539	high	7.4	7.4				22d ago	Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree
CVE-2026-45038	high	7.8	7.8			tabby	22d ago	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code …
CVE-2026-45037	high	7.1	7.1			tabby	22d ago	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without …
CVE-2026-45036	high	7.0	7.0			tabby	22d ago	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without us…