CVE-2025-67364 - fast-filesystem-mcp version 3.4.0 contains a critical path traversal vulnerability in its file opera

CVE-2025-66837 - A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via

CVE-2025-66786 - OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Una

CVE-2025-66686 - A stored Cross-Site Scripting (XSS) vulnerability exists in Perch CMS version 3.2. An authenticated

CVE-2025-65805 - OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Un

CVE-2025-61489 - A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows att

CVE-2025-4676 - Incorrect Implementation of Authentication Algorithm vulnerability in ABB WebPro SNMP Card PowerValu

CVE-2025-4675 - Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card PowerValu

CVE-2025-12543 - A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Ja

CVE-2026-22542 - An attacker with access to the system's internal network can cause a denial of service on the system

CVE-2026-22541 - The massive sending of ICMP requests causes a denial of service on one of the boards from the EVChar

CVE-2025-66838 - In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limit

CVE-2025-62327 - In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able t

CVE-2026-22540 - The massive sending of ARP requests causes a denial of service on one board of the charger that allo

CVE-2025-49335 - Server-Side Request Forgery (SSRF) vulnerability in minnur External Media external-media allows Serv

CVE-2025-6225 - Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB"

CVE-2025-15479 - Stored cross-site scripting (XSS, CWE-79) in the survey content and administration functionality in

CVE-2025-47552 - Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Obje

CVE-2025-46494 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-46434 - Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows

CVE-2025-46256 - Path Traversal: '.../...//' vulnerability in SigmaPlugin Advanced Database Cleaner PRO allows Path T

CVE-2025-32303 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2026-22162 - Rejected reason: Not used

CVE-2026-22161 - Rejected reason: Not used

CVE-2026-22160 - Rejected reason: Not used

CVE-2026-22159 - Rejected reason: Not used

CVE-2026-22158 - Rejected reason: Not used

CVE-2026-22157 - Rejected reason: Not used

CVE-2026-22156 - Rejected reason: Not used

CVE-2026-20893 - Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.

CVE-2026-0656 - The iPaymu Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authenticat

CVE-2026-0650 - OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in t

CVE-2026-0649 - A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is th

CVE-2026-0643 - A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown

CVE-2026-0642 - A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affe

CVE-2026-0628 - Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an a

CVE-2025-9611 - Microsoft Playwright MCP Server versions prior to 0.0.40 fails to validate the Origin header on inco

CVE-2025-69344 - Missing Authorization vulnerability in themehunk Oneline Lite oneline-lite allows Exploiting Incorre

CVE-2025-69333 - Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly

CVE-2025-69082 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69081 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69080 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-68637 - The Uniffle HTTP client is configured to trust all SSL certificates and disables hostname verificat

CVE-2025-47396 - Memory corruption occurs when a secure application is launched on a device with insufficient memory.

CVE-2025-47395 - Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.

CVE-2025-47394 - Memory corruption when copying overlapping buffers during memory operations due to incorrect offset

CVE-2025-47393 - Memory corruption when accessing resources in kernel driver.

CVE-2025-47388 - Memory corruption while passing pages to DSP with an unaligned starting address.

CVE-2025-47380 - Memory corruption while preprocessing IOCTLs in sensors.

CVE-2025-47369 - Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL

CVE-2025-47356 - Memory Corruption when multiple threads concurrently access and modify shared resources.

CVE-2025-47348 - Memory corruption while processing identity credential operations in the trusted application.

CVE-2025-47346 - Memory corruption while processing a secure logging command in the trusted application.

CVE-2025-47345 - Cryptographic issue may occur while encrypting license data.

CVE-2025-47344 - Memory corruption while handling sensor utility operations.

CVE-2025-47343 - Memory corruption while processing a video session to set video parameters.

CVE-2025-47339 - Memory corruption while deinitializing a HDCP session.

CVE-2025-47337 - Memory corruption while accessing a synchronization object during concurrent operations.

CVE-2025-47336 - Memory corruption while performing sensor register read operations.

CVE-2025-47335 - Memory corruption while parsing clock configuration data for a specific hardware type.

CVE-2025-47334 - Memory corruption while processing shared command buffer packet between camera userspace and kernel.

CVE-2025-47333 - Memory corruption while handling buffer mapping operations in the cryptographic driver.

CVE-2025-47332 - Memory corruption while processing a config call from userspace.

CVE-2025-47331 - Information disclosure while processing a firmware event.

CVE-2025-47330 - Transient DOS while parsing video packets received from the video firmware.

CVE-2025-32300 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-31964 - Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2

CVE-2025-31963 - Improper authentication and missing CSRF protection in the local setup interface component in HCL Bi

CVE-2025-31962 - Insufficient session expiration in the Web UI authentication component in HCL BigFix IVR version 4.2

CVE-2025-31643 - Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.Th

CVE-2025-15474 - AuntyFey Smart Combination Lock firmware versions as of 2025-12-24 contain a vulnerability that allo

CVE-2025-15472 - A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL  of the

CVE-2025-15158 - The WP Enable WebP plugin for WordPress is vulnerable to arbitrary file uploads due to improper file

CVE-2025-15058 - The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t

CVE-2025-15018 - The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover i

CVE-2025-15000 - The Page Keys plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_key’ p

CVE-2025-14999 - The Latest Tabs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up

CVE-2025-14904 - The Newsletter Email Subscribe plugin for WordPress is vulnerable to Cross-Site Request Forgery in v

CVE-2025-14901 - The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execu

CVE-2025-14891 - The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripti

CVE-2025-14888 - The Simple User Meta Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th

CVE-2025-14887 - The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is vulnerable to Stored

CVE-2025-14875 - The HBLPAY Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Sit

CVE-2025-14867 - The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and includ

CVE-2025-14845 - The NS IE Compatibility Fixer plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF

CVE-2025-14842 - The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limite

CVE-2025-14835 - The WP Photo Album Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the

CVE-2025-14804 - The Frontend File Manager Plugin WordPress plugin before 23.5 did not validate a path parameter and

CVE-2025-14802 - The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to unauthorized file deletion in v

CVE-2025-14796 - The My Album Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image tit

CVE-2025-14792 - The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kf_field_f

CVE-2025-14719 - The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do

CVE-2025-14631 - A NULL Pointer Dereference vulnerability in TP-Link Archer BE400 V1(802.11 modules) allows  an adja

CVE-2025-14626 - The QR Code for WooCommerce order emails, PDF invoices, packing slips plugin for WordPress is vulner

CVE-2025-14625 - Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II

CVE-2025-14614 - Insecure Temporary File vulnerability in Altera Quartus Prime Standard  Installer (SFX) on Window

CVE-2025-14468 - The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request F

CVE-2025-14465 - The Sticky Action Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ve

CVE-2025-14460 - The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized orde

CVE-2025-14453 - The My Album Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'styl

CVE-2025-14370 - The Quote Comments plugin for WordPress is vulnerable to Missing Authorization in all versions up to

CVE-2025-14352 - The Awesome Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data du

CVE-2025-14147 - The Easy GitHub Gist Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi

CVE-2025-14145 - The Niche Hero | Beautifully-designed blocks in seconds plugin for WordPress is vulnerable to Stored

CVE-2025-14144 - The Mstoic Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sta

CVE-2025-14131 - The WP Widget Changer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `

CVE-2025-14130 - The Post Like Dislike plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `

CVE-2025-14128 - The Stumble! for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via

CVE-2025-14127 - The Testimonial Master plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the

CVE-2025-14122 - The AD Sliding FAQ plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slidin

CVE-2025-14121 - The EDD Download Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'edd

CVE-2025-14118 - The Starred Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the PHP_

CVE-2025-14114 - The 1180px Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cla

CVE-2025-14113 - The Viitor Button Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t

CVE-2025-14112 - The Snillrik Restaurant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'm

CVE-2025-14110 - The WP Js List Pages Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi

CVE-2025-14109 - The AH Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column'

CVE-2025-14077 - The Simcast plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,

CVE-2025-14070 - The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missi

CVE-2025-14059 - The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in all ver

CVE-2025-14057 - The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin

CVE-2025-14053 - The Wish To Go plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attri

CVE-2025-14028 - The Contact Us Simple Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via adm

CVE-2025-13990 - The Mamurjor Employee Info plugin for WordPress is vulnerable to Cross-Site Request Forgery in all v

CVE-2025-13974 - The Email Customizer for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripti

CVE-2025-13887 - The AI BotKit – AI Chatbot & Live Support for WordPress plugin for WordPress is vulnerable to Stored

CVE-2025-13849 - The Cool YT Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'videoi

CVE-2025-13848 - The STM Gallery 1.9 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'compo

CVE-2025-13847 - The PhotoFade plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'time' param

CVE-2025-13841 - The Smart App Banners plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'siz

CVE-2025-13801 - The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and in

CVE-2025-13722 - The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin fo

CVE-2025-13694 - The AA Block Country plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, an

CVE-2025-13667 - The WP Recipe Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Ski

CVE-2025-13657 - The HelpDesk contact form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ve

CVE-2025-13531 - The Stylish Order Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via

CVE-2025-13529 - The Unify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing c

CVE-2025-13527 - The xShare plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, a

CVE-2025-13521 - The WP Status Notifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versi

CVE-2025-13520 - The MTCaptcha WordPress Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all vers

CVE-2025-13519 - The SVG Map Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions

CVE-2025-13497 - The Recras WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'recr

CVE-2025-13496 - The Moosend Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data du

CVE-2025-13493 - The Latest Registered Users plugin for WordPress is vulnerable to unauthorized user data export in a

CVE-2025-13419 - The Guest posting / Frontend Posting / Front Editor – WP Front User Submit plugin for WordPress is v

CVE-2025-13418 - The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t

CVE-2025-13371 - The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions

CVE-2025-13369 - The Premmerce WooCommerce Customers Manager plugin for WordPress is vulnerable to Reflected Cross-Si

CVE-2025-12958 - The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized modification

CVE-2025-12648 - The WP-Members Membership Plugin for WordPress is vulnerable to unauthorized file access in versions

CVE-2025-12540 - The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Informa

CVE-2025-12449 - The aBlocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modifica

CVE-2025-12030 - The ACF to REST API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all ve

CVE-2025-11877 - The User Activity Log plugin is vulnerable to a limited options update in versions up to, and includ

CVE-2025-11235 - Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).T

CVE-2025-0980 - Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the

CVE-2024-14020 - A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e.

CVE-2025-31642 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-31051 - Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EngoThem

CVE-2025-15471 - A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function

CVE-2025-14612 - Insecure Temporary File vulnerability in Altera Quartus Prime Pro  Installer (SFX) on Windows all

CVE-2025-14605 - Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Consol

CVE-2025-14599 - Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) o

CVE-2025-14596 - Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Wi

CVE-2026-21492 - iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and appli

CVE-2025-30996 - Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress

CVE-2025-30631 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-29004 - Incorrect Privilege Assignment vulnerability in AA-Team Premium Age Verification / Restriction for W

CVE-2025-13744 - An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHu

CVE-2025-7048 - On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can c

CVE-2023-5069 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2026-21494 - iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and appli

CVE-2026-21491 - iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and appli

CVE-2026-21490 - iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and appli

CVE-2026-0641 - A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerabilit

CVE-2025-32304 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-15382 - A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An auth

CVE-2025-14942 - wolfSSH’s key exchange state machine can be manipulated to leak the client’s password in the clear,

CVE-2025-69364 - Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configu

CVE-2025-69363 - Missing Authorization vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons

CVE-2025-69362 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69361 - Missing Authorization vulnerability in PublishPress Post Expirator post-expirator allows Exploiting

CVE-2025-69360 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69359 - Missing Authorization vulnerability in WPFunnels Creator LMS creatorlms allows Exploiting Incorrectl

CVE-2025-69357 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69356 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69355 - Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploit

CVE-2025-69354 - Missing Authorization vulnerability in BBR Plugins Better Business Reviews better-business-reviews a

CVE-2025-69353 - Missing Authorization vulnerability in Proxy &amp; VPN Blocker Proxy &amp; VPN Blocker proxy-vpn-blo

CVE-2025-69352 - Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Expl

CVE-2025-69351 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-69350 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69349 - Missing Authorization vulnerability in Fahad Mahmood RSS Feed Widget rss-feed-widget allows Exploiti

CVE-2025-69348 - Missing Authorization vulnerability in CoolHappy The Events Calendar Countdown Addon countdown-for-t

CVE-2025-69346 - Missing Authorization vulnerability in WPCenter AffiliateX affiliatex allows Exploiting Incorrectly

CVE-2025-69345 - Missing Authorization vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-buil

CVE-2025-69342 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69341 - Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultimate Booking Addon wedesigntech

CVE-2025-69336 - Missing Authorization vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-k

CVE-2025-69335 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69334 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69331 - Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting

CVE-2025-69327 - Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows E

CVE-2025-69086 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69085 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69084 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69083 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-63083 - Lack of output escaping leads to a XSS vector in the pagebreak plugin.

CVE-2025-63082 - Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img t

CVE-2025-60534 - Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an

CVE-2025-47553 - Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Obje

CVE-2025-39477 - Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Config

CVE-2025-36589 - Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External

CVE-2024-31088 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2024-30547 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2026-0640 - A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the fi

CVE-2025-65212 - An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerabilit

CVE-2025-60262 - An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access

CVE-2025-59379 - DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 allows an attacker to retrieve sen

CVE-2025-14979 - AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to esca

CVE-2020-36925 - Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID co

CVE-2020-36924 - Sony BRAVIA Digital Signage 1.7.8 contains a remote file inclusion vulnerability that allows attacke

CVE-2020-36923 - Sony BRAVIA Digital Signage 1.7.8 contains an insecure direct object reference vulnerability that al

CVE-2020-36922 - Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unaut

CVE-2020-36921 - RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allow

CVE-2020-36920 - iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allows

CVE-2020-36918 - iDS6 DSSPro Digital Signage System 6.2 contains a cross-site request forgery vulnerability that allo

CVE-2020-36917 - iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability tha

CVE-2020-36916 - TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows

CVE-2020-36915 - Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentia

CVE-2020-36914 - QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability tha

CVE-2020-36913 - All-Dynamics Software enlogic:show 2.0.2 contains a session fixation vulnerability that allows attac

CVE-2020-36912 - Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the 'Pan

CVE-2020-36910 - Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in s

CVE-2020-36909 - SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authe

CVE-2020-36908 - SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability

CVE-2020-36907 - Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthent

CVE-2020-36906 - P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attac

CVE-2020-36905 - FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented p

CVE-2026-21493 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2025-46696 - Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, c

CVE-2025-14026 - Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted v

CVE-2026-21489 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21488 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2025-9637 - The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to

CVE-2025-9318 - The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to

CVE-2025-14552 - The MediaPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mp

CVE-2025-9294 - The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to

CVE-2025-5919 - The Appointment Booking and Scheduling Calendar Plugin – WP Timetics plugin for WordPress is vulnera

CVE-2025-13964 - The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modificatio