Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14634 | 6 Canonical, F5, Linux and 3 more | 35 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 32 more | 2026-01-27 | N/A |
| An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. | ||||
| CVE-2012-2571 | 1 Winwebmail | 1 Winwebmail Server | 2026-01-27 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) a crafted SRC attribute of an IFRAME element, or (5) UTF-7 text in an HTTP-EQUIV="CONTENT-TYPE" META element. | ||||
| CVE-2025-62056 | 1 Wordpress | 1 Wordpress | 2026-01-27 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news-event.This issue affects News Event: from n/a through <= 1.0.1. | ||||
| CVE-2023-43944 | 1 Oretnom23 | 1 Task Management System | 2026-01-27 | 5.4 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list. | ||||
| CVE-2025-62050 | 1 Wordpress | 1 Wordpress | 2026-01-27 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through <= 1.0.3. | ||||
| CVE-2025-50004 | 2 Artbees, Wordpress | 2 Jupiter X Core, Wordpress | 2026-01-27 | 8.5 High |
| Deserialization of Untrusted Data vulnerability in artbees JupiterX Core jupiterx-core allows Object Injection.This issue affects JupiterX Core: from n/a through <= 4.10.1. | ||||
| CVE-2025-49050 | 1 Wordpress | 1 Wordpress | 2026-01-27 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through <= 2.5. | ||||
| CVE-2025-49049 | 1 Wordpress | 1 Wordpress | 2026-01-27 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection.This issue affects DZS Video Gallery: from n/a through <= 12.37. | ||||
| CVE-2025-58898 | 2 Ancorathemes, Wordpress | 2 Healthhub, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes HealthHub healthhub allows PHP Local File Inclusion.This issue affects HealthHub: from n/a through <= 1.3.0. | ||||
| CVE-2025-58929 | 2 Axiomthemes, Wordpress | 2 Pantry, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pantry pantry allows PHP Local File Inclusion.This issue affects Pantry: from n/a through <= 1.4. | ||||
| CVE-2025-58930 | 2 Axiomthemes, Wordpress | 2 Fitflex, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes FitFlex fitflex allows PHP Local File Inclusion.This issue affects FitFlex: from n/a through <= 1.6. | ||||
| CVE-2025-58931 | 2 Axiomthemes, Wordpress | 2 Palatio, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6. | ||||
| CVE-2025-58932 | 2 Axiomthemes, Wordpress | 2 Prisma, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through <= 1.10. | ||||
| CVE-2025-58938 | 2 Themeatelier, Wordpress | 2 Idonate, Wordpress | 2026-01-27 | 7.6 High |
| Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonatePro: from n/a through <= 2.1.9. | ||||
| CVE-2022-28975 | 1 Infoblox | 1 Nios | 2026-01-27 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field. | ||||
| CVE-2025-58940 | 2 Axiomthemes, Wordpress | 2 Basil, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12. | ||||
| CVE-2025-58941 | 2 Axiomthemes, Wordpress | 2 Fabric, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0. | ||||
| CVE-2025-58942 | 2 Axiomthemes, Wordpress | 2 Dwell, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0. | ||||
| CVE-2025-58943 | 2 Axiomthemes, Wordpress | 2 Agricola, Wordpress | 2026-01-27 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through <= 1.1.0. | ||||
| CVE-2025-11687 | 1 Gnome | 1 Gi-docgen | 2026-01-27 | 6.1 Medium |
| A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS). | ||||