Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8794 | 2 Ba-booking, Booking Algorithms | 2 Ba Book Everything, Ba Book Everything | 2026-04-08 | 5.3 Medium |
| The BA Book Everything plugin for WordPress is vulnerable to arbitrary password reset in all versions up to, and including, 1.6.20. This is due to the reset_user_password() function not verifying a user's identity prior to setting a password. This makes it possible for unauthenticated attackers to reset any user's passwords, including administrators. It's important to note that the attacker will not have access to the generated password, therefore, privilege escalation is not possible. | ||||
| CVE-2024-7626 | 1 Wpdelicious | 2 Wp Delicious, Wpdelicious | 2026-04-08 | 8.1 High |
| The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in the save_edit_profile_details() function in all versions up to, and including, 1.6.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). This can also lead to the reading of arbitrary files that may contain sensitive information like wp-config.php. | ||||
| CVE-2024-13409 | 1 Wpwax | 1 Post Grid\, Slider \& Carousel Ultimate | 2026-04-08 | 7.5 High |
| The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.10 via the 'theme' parameter of the post_type_ajax_handler() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | ||||
| CVE-2024-6637 | 2 Wpwebelite, Yithemes | 2 Woocommerce Social Login, Yith Woocommerce Social Login | 2026-04-08 | 7.3 High |
| The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. This is due to a lack of brute force controls on a weak one-time password. This makes it possible for unauthenticated attackers to brute force the one-time password for any user, except an Administrator, if they know the email of user. | ||||
| CVE-2024-12041 | 1 Wpwax | 1 Directorist | 2026-04-08 | 5.3 Medium |
| The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.0.12 via the /wp-json/directorist/v1/users/ endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including including usernames, email addresses, names, and more information about users. | ||||
| CVE-2023-5106 | 1 Gitlab | 1 Gitlab | 2026-04-07 | 8.2 High |
| An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports. | ||||
| CVE-2005-3937 | 1 Softbizscripts | 1 B2b Trading Marketplace Script | 2026-04-06 | N/A |
| SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php. | ||||
| CVE-2006-3607 | 1 Softbizscripts | 1 Banner Exchange Script | 2026-04-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Exchange Network Script) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the city parameter in (a) insertmember.php, and (2) a PHPSESSID cookie in (b) lostpassword.php, (c) gen_confirm_mem.php, and (d) index.php. | ||||
| CVE-2001-0631 | 1 Opentext | 1 Firstclass | 2026-04-06 | N/A |
| Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users. | ||||
| CVE-2026-0977 | 1 Ibm | 1 Cics Transaction Gateway | 2026-04-02 | 5.1 Medium |
| IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls. | ||||
| CVE-2024-27855 | 1 Apple | 4 Ipad Os, Ipados, Iphone Os and 1 more | 2026-04-02 | 8.8 High |
| The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. A shortcut may be able to use sensitive data with certain actions without prompting the user. | ||||
| CVE-2021-26262 | 1 Philips | 4 Mri 1.5t, Mri 1.5t Firmware, Mri 3t and 1 more | 2026-04-02 | 5.5 Medium |
| Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. | ||||
| CVE-2024-53804 | 2 Brandtoss, Wpmailster | 2 Wpmailster, Wp Mailster | 2026-04-01 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through <= 1.8.16.0. | ||||
| CVE-2024-49217 | 2 Madiri Salman Aashish, Madirisalmanaashish | 2 User-drop-down-roles-in-registration, Adding Drop Down Roles In Registration | 2026-04-01 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in madiriaashish Adding drop down roles in registration user-drop-down-roles-in-registration allows Privilege Escalation.This issue affects Adding drop down roles in registration: from n/a through <= 1.1. | ||||
| CVE-2023-6080 | 2 Lakeside Software, Lakesidesoftware | 2 Systrack Lsiagent Installer, Systrack Lsiagent | 2026-04-01 | 7.8 High |
| Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access. | ||||
| CVE-2005-0012 | 1 Dillo | 1 Dillo | 2026-03-27 | N/A |
| Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page. | ||||
| CVE-2024-0208 | 1 Wireshark | 1 Wireshark | 2026-03-27 | 7.8 High |
| GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2025-71090 | 1 Linux | 1 Linux Kernel | 2026-03-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg() nfsd4_add_rdaccess_to_wrdeleg() unconditionally overwrites fp->fi_fds[O_RDONLY] with a newly acquired nfsd_file. However, if the client already has a SHARE_ACCESS_READ open from a previous OPEN operation, this action overwrites the existing pointer without releasing its reference, orphaning the previous reference. Additionally, the function originally stored the same nfsd_file pointer in both fp->fi_fds[O_RDONLY] and fp->fi_rdeleg_file with only a single reference. When put_deleg_file() runs, it clears fi_rdeleg_file and calls nfs4_file_put_access() to release the file. However, nfs4_file_put_access() only releases fi_fds[O_RDONLY] when the fi_access[O_RDONLY] counter drops to zero. If another READ open exists on the file, the counter remains elevated and the nfsd_file reference from the delegation is never released. This potentially causes open conflicts on that file. Then, on server shutdown, these leaks cause __nfsd_file_cache_purge() to encounter files with an elevated reference count that cannot be cleaned up, ultimately triggering a BUG() in kmem_cache_destroy() because there are still nfsd_file objects allocated in that cache. | ||||
| CVE-2023-53533 | 1 Linux | 1 Linux Kernel | 2026-03-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths as well. Use devm_rpi_firmware_get() helper to handling the resources. Also remove the existing rpi_firmware_put(). | ||||
| CVE-2022-50505 | 1 Linux | 1 Linux Kernel | 2026-03-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifier() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put(). So call it before returning from ppr_notifier() to avoid refcount leak. | ||||