Export limit exceeded: 359353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84171 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25425 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Broken Access Control in User Registration <= 5.1.2 versions. | ||||
| CVE-2025-68840 | 2026-06-15 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in iRobots.txt SEO <= 1.1.2 versions. | ||||
| CVE-2026-52722 | 1 Redhat | 1 Enterprise Linux | 2026-06-15 | 7.1 High |
| A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a specially crafted VMnc file, potentially causing a crash or information disclosure. | ||||
| CVE-2016-20084 | 2026-06-15 | 7.2 High | ||
| WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScript into the 'ict' and 'ics' options or the calendar 'name' parameter via GET requests to execute arbitrary scripts when the calendar is displayed or accessed in the administration interface. | ||||
| CVE-2016-20073 | 2026-06-15 | 8.2 High | ||
| Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract sensitive database information including WordPress terms and configuration data. | ||||
| CVE-2026-49061 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions. | ||||
| CVE-2026-12200 | 1 Ritlabs | 1 Tinyweb Server | 2026-06-15 | 7.3 High |
| A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12191 | 1 Comma Ai | 1 Openpilot | 2026-06-15 | 7.8 High |
| A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-49070 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Broken Access Control in Knit Pay <= 9.4.0.0 versions. | ||||
| CVE-2026-53832 | 1 Openclaw | 1 Openclaw | 2026-06-15 | 7.7 High |
| OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate privileges. | ||||
| CVE-2026-53821 | 1 Openclaw | 1 Openclaw | 2026-06-15 | 8.8 High |
| OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket connections to execute admin-gated Gateway RPCs. | ||||
| CVE-2026-52702 | 2026-06-15 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17 versions. | ||||
| CVE-2026-42365 | 2 Geovision, Geovision Inc. | 5 Gv-lpc2011, Gv-lpc2011 Firmware, Gv-lpc2211 and 2 more | 2026-06-15 | 8.6 High |
| A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability. | ||||
| CVE-2026-41158 | 1 Imaginationtech | 1 Graphics Ddk | 2026-06-15 | 7.8 High |
| Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource. | ||||
| CVE-2026-11527 | 2026-06-15 | 8.6 High | ||
| Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle. Config::IniFiles::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or ends with a pipe ("| cmd", "cmd |") or begins with a redirect ("> path", ">> path") is run as a command or redirect rather than opened as a file. The helper is the open path behind the documented -file argument: new(-file => $thing) reaches it through ReadConfig. An in-memory scalar reference (-file => \$text) does not open a path and is unaffected. Any caller that forwards untrusted input to the -file argument can run an arbitrary command or truncate a file under the process UID. | ||||
| CVE-2026-48547 | 1 Lingdojo | 1 Kana-dojo | 2026-06-15 | 7.3 High |
| KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the version or changes fields of patchNotesData.json, which are interpolated unsanitized into a child_process.execSync() call in the release.yml workflow. Attackers can have a malicious pull request merged to trigger the GitHub Actions runner with contents write permissions and access to GITHUB_TOKEN. | ||||
| CVE-2026-54230 | 1 Redhat | 1 Enterprise Linux | 2026-06-15 | 7 High |
| A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and writes content to the symlink target, allowing arbitrary file overwrites on the system. | ||||
| CVE-2026-52720 | 1 Redhat | 1 Enterprise Linux | 2026-06-15 | 8.8 High |
| A heap buffer overflow vulnerability was found in GStreamer's librfb (RFB/VNC client). The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a malicious VNC server and trick a user into connecting, resulting in an out-of-bounds heap write that could lead to code execution or a crash. | ||||
| CVE-2026-6961 | 1 Mattermost | 1 Mattermost | 2026-06-15 | 7.6 High |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to sanitize FileInfo.Name received from federated peers during shared channel file sync, which allows an attacker who controls a federated server to write files to arbitrary locations within the target server's filestore via path traversal sequences in the filename field.. Mattermost Advisory ID: MMSA-2026-00661 | ||||
| CVE-2016-20069 | 2026-06-15 | 8.2 High | ||
| WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information. | ||||