Export limit exceeded: 359296 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359296 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40752 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions. | ||||
| CVE-2026-40641 | 2026-06-17 | 4.8 Medium | ||
| Dell PowerFlex Manager, version(s) 4.6.0.1, contain(s) an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. | ||||
| CVE-2026-39560 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions. | ||||
| CVE-2026-47340 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-40738 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Eldon <= 1.4.1 versions. | ||||
| CVE-2025-69158 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Granola <= 1.13 versions. | ||||
| CVE-2025-69189 | 2026-06-17 | 7.3 High | ||
| Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBank: from n/a through 1.2.3. | ||||
| CVE-2026-9690 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions. | ||||
| CVE-2024-24709 | 2 Shareaholic, Wordpress | 2 Shareaholic, Wordpress | 2026-06-17 | 4.3 Medium |
| Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11. | ||||
| CVE-2026-32967 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-42357 | 2026-06-17 | 6.5 Medium | ||
| Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access. This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue. | ||||
| CVE-2026-32966 | 2026-06-17 | 7.5 High | ||
| DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-34888 | 2 Bricksforge, Wordpress | 2 Bricksforge, Wordpress | 2026-06-17 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions. | ||||
| CVE-2026-24611 | 2 Wordpress, Wpmet | 2 Wordpress, Metform Pro | 2026-06-17 | 9.1 Critical |
| Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions. | ||||
| CVE-2026-24610 | 2 Wordpress, Wpmet | 2 Wordpress, Metform Pro | 2026-06-17 | 4.3 Medium |
| Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions. | ||||
| CVE-2026-27410 | 2 Veronalabs, Wordpress | 2 Slimstat Analytics, Wordpress | 2026-06-17 | 6.5 Medium |
| Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions. | ||||
| CVE-2026-22339 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions. | ||||
| CVE-2024-49269 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions. | ||||
| CVE-2026-22338 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | ||||
| CVE-2025-59560 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions. | ||||