Export limit exceeded: 359632 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359632 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-54193 | 2 Themefusion, Wordpress | 2 Fusion Builder, Wordpress | 2026-06-17 | 7.7 High |
| Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions. | ||||
| CVE-2026-54417 | 1 Rxi | 1 Microtar | 2026-06-17 | 7.5 High |
| An integer overflow in the mtar_next() function in src/microtar.c in rxi microtar 0.1.0 allows a remote attacker to cause a denial of service (uncontrolled CPU consumption / infinite loop) via a crafted tar archive. mtar_next() computes the offset to the next record as round_up(h.size, 512) + sizeof(mtar_raw_header_t) using 32-bit arithmetic. When the header size field is a multiple of 512 in the range 0xFFFFFC01-0xFFFFFE00 (e.g. 0xFFFFFE00), the addition wraps to 0, so mtar_next() seeks to the current record position instead of advancing. As a result, mtar_find() and any loop that iterates entries with mtar_next() repeat indefinitely over the same record, hanging the process at 100% CPU with no recovery. | ||||
| CVE-2026-54816 | 2 Monetizemore, Wordpress | 2 Advanced Ads, Wordpress | 2026-06-17 | 7.5 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21. | ||||
| CVE-2025-15657 | 2 Mojoomla, Wordpress | 2 School Management, Wordpress | 2026-06-17 | 5.3 Medium |
| Unauthenticated Insecure Direct Object References (IDOR) in School Management <= 93.1.0 versions. | ||||
| CVE-2026-52716 | 2 Purethemes, Wordpress | 2 Workscout Core, Wordpress | 2026-06-17 | 6.5 Medium |
| Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions. | ||||
| CVE-2026-54818 | 2 Veronalabs, Wordpress | 2 Slimstat Analytics, Wordpress | 2026-06-17 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11. | ||||
| CVE-2026-54817 | 2 Fluxbuilder, Wordpress | 2 Mstore Api, Wordpress | 2026-06-17 | 6.5 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4. | ||||
| CVE-2026-55738 | 1 Rxi | 1 Microtar | 2026-06-17 | 8.8 High |
| A stack-based buffer overflow exists in the raw_to_header() function in src/microtar.c in rxi microtar 0.1.0. The function copies the 100-byte name and linkname fields of a TAR header with strcpy() without guaranteeing null termination of the source. The POSIX ustar format permits these fixed-width fields to be fully populated with non-null bytes, so a crafted archive whose linkname field (followed by the trailing padding of the 512-byte raw header) contains no null terminator causes strcpy() to read past the end of the 512-byte raw header stack buffer and to write past the destination header buffer. A remote attacker who supplies a crafted TAR archive that the victim opens or parses (via mtar_open(), mtar_read_header(), or mtar_find()) can cause an out-of-bounds read and a stack buffer overflow, resulting in denial of service (crash) and potentially arbitrary code execution. Confirmed with AddressSanitizer: stack-buffer-overflow READ of size 356 in raw_to_header at src/microtar.c:112. | ||||
| CVE-2026-10641 | 1 Zephyrproject | 1 Zephyr | 2026-06-17 | 7.1 High |
| Zephyr's Bluetooth Classic Hands-Free Profile (HFP) Hands-Free role parser (subsys/bluetooth/host/classic/hfp_hf.c) contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cind_handle(), which assigns a per-entry counter index and calls cind_handle_values() for each list element. cind_handle_values() then wrote hf-ind_table[index] = i without verifying that index is within the 20-element int8_t ind_table[] array of struct bt_hfp_hf. Because the parser places no cap on the number of +CIND: list entries, a remote Attendant Gateway (a malicious, compromised, or spoofed peer the device connects to over Bluetooth) can send a response with more than 20 recognized indicator entries and drive index arbitrarily large, writing a small attacker-positioned value past the array into adjacent struct fields (feature masks, SDP/version state, the calls[] array, work/atomic bookkeeping) and potentially beyond the static connection pool slot. This yields memory corruption and at least denial of service of the Bluetooth host, triggered by a single malformed AT response with no user interaction. The sibling consumer ag_indicator_handle_values() already performed the equivalent bounds check; this commit adds the same index = ARRAY_SIZE(hf-ind_table) guard to close the gap. Affects builds with CONFIG_BT_HFP_HF enabled; introduced with the original HFP HF CIND parser (~v1.7) and present through v4.4.0. | ||||
| CVE-2026-54415 | 2026-06-17 | 8.1 High | ||
| Missing Authorization in the server management routes (routes/admin.php) in Azuriom Azuriom CMS before 1.2.11 on all platforms allows an authenticated attacker with the admin.access permission to create AzLink server tokens and take over non-admin user accounts by changing their passwords and email addresses via crafted HTTP requests to /admin/servers/create and the AzLink API endpoints (/api/azlink/password, /api/azlink/email, /api/azlink/user/{id}). | ||||
| CVE-2026-10850 | 1 Plane | 1 Plane | 2026-06-17 | N/A |
| Plane CE 1.3.1 allows a low-privileged project member to submit arbitrary HTML/JS in the description_html field when creating an intake work item through the API v1 intake endpoint. | ||||
| CVE-2026-54812 | 2026-06-17 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109. | ||||
| CVE-2026-22283 | 2026-06-17 | 7.5 High | ||
| Dell PowerFlex Manager, version(s) Version prior to 4.8, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2026-39560 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions. | ||||
| CVE-2026-47340 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2025-69158 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Granola <= 1.13 versions. | ||||
| CVE-2026-9690 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions. | ||||
| CVE-2024-24709 | 2 Shareaholic, Wordpress | 2 Shareaholic, Wordpress | 2026-06-17 | 4.3 Medium |
| Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11. | ||||
| CVE-2026-32967 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-34888 | 2 Bricksforge, Wordpress | 2 Bricksforge, Wordpress | 2026-06-17 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions. | ||||