17783 Total CVEs
9072 AI Analyzed
270 CISA KEV
3625 Critical
All Vendors
Showing 7851-7900 of 17783 CVEs Page 158 of 356
CVE-2026-13019
Analyzed
9.8
Esri Portal for ArcGIS

Esri Portal for ArcGIS versions 12.1 and earlier contain a missing authentication vulnerability allowing remote, unauthenticated attackers to access a...

2026-07-08
CVE-2026-12975
Analyzed
8.5
Red Hat Apicurio Registry

A flaw was found in Apicurio Registry

2026-06-26
CVE-2026-12958
Analyzed
7.8
AWS Language Servers for AWS

Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary

2026-06-24
CVE-2026-12957
Analyzed
7.8
Intel Language Servers for AWS

Improper trust boundary enforcement in Language Servers for AWS before version 1

2026-06-24
CVE-2026-1294
7.2
WordPress is vulnerable

The All In One Image Viewer Block plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1

2026-02-06
CVE-2026-12923
Analyzed
7.5
WordPress Youtube Showcase

The Youtube Showcase plugin for WordPress is vulnerable to Arbitrary Function Call in versions up to and including 4

2026-07-01
CVE-2026-12921
Analyzed
8.4
AzeoTech DAQFactory

In AzeoTech DAQFactory versions 21

2026-06-26
CVE-2026-12912
Analyzed
7.3
Red Hat Red Hat Enterprise Linux 10

A flaw was found in libtiff

2026-06-30
CVE-2026-12897
Analyzed
8.4
Horner Automation Cscape

Horner Automation Cscape versions prior to 10

2026-06-26
CVE-2026-12866
Analyzed
9.8
Unknown expr-eval

The expr-eval package is vulnerable to arbitrary code execution via the toJSFunction() API due to insufficient sandboxing of user-supplied expressions...

2026-06-23
CVE-2026-12856
Analyzed
8.8
Red Hat OpenShift Dev Spaces

A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code

2026-06-30
CVE-2026-12851
Analyzed
9.1
GeoVision GV-I/O Box 4E

An unauthenticated OS command injection vulnerability in the libNetSetObj.so library of GeoVision GV-I/O Box 4E allows remote code execution via a cra...

2026-06-24
CVE-2026-12850
Analyzed
9.1
GeoVision GV-I/O Box 4E

An unauthenticated OS command injection vulnerability in the libNetSetObj.so library of GeoVision GV-I/O Box 4E allows remote code execution via a cra...

2026-06-24
CVE-2026-1285
Analyzed
7.5
Unknown Multiple Products

An issue was discovered in 6

2026-02-04
CVE-2026-12849
Analyzed
9.1
GeoVision GV-I/O Box 4E

An unauthenticated OS command injection vulnerability in the libNetSetObj.so library of GeoVision GV-I/O Box 4E allows remote code execution via a cra...

2026-06-24
CVE-2026-12848
Analyzed
10
GeoVision GV-I/O Box 4E

The GeoVision GV-I/O Box 4E contains a stack-based buffer overflow vulnerability in the DVRSearch service, allowing remote code execution via crafted...

2026-06-24
CVE-2026-12847
Analyzed
10
GeoVision GV-I/O Box 4E

A stack-based buffer overflow vulnerability in the GeoVision GV-I/O Box 4E DVRSearch service allows unauthenticated remote attackers to execute arbitr...

2026-06-24
CVE-2026-12846
Analyzed
10
GeoVision GV-I/O Box 4E

A stack-based buffer overflow in the DVRSearch service allows unauthenticated remote attackers to execute arbitrary code via crafted UDP packets.

2026-06-24
CVE-2026-1284
7.8
Release Multiple Products

An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Release SO...

2026-01-27
CVE-2026-1283
Analyzed
7.8
Intel Multiple Products

A Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Rele...

2026-01-27
CVE-2026-12819
Analyzed
9.3
Delta Electronics DVP-12SE PLC

The Delta Electronics DVP-12SE Modbus TCP service lacks authentication, allowing unauthenticated attackers to interact with security-sensitive functio...

2026-06-30
CVE-2026-12818
Analyzed
9.3
Delta Electronics DVP-12SE PLC

A resource allocation vulnerability in the Delta Electronics DVP-12SE PLC Modbus TCP service allows for potential denial-of-service conditions.

2026-06-30
CVE-2026-1281
KEV
9.8
Unknown Multiple Products

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

2026-01-30
CVE-2026-12806
Analyzed
8.8
Edimax BR-6478AC V2

A vulnerability has been found in Edimax BR-6478AC V2 1

2026-06-22
CVE-2026-1280
Analyzed
7.5
WordPress Multiple Products

The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to a missing capability check on the 'wpfm_send_file_in_...

2026-01-29
CVE-2026-12795
Analyzed
7.3
BerriAI litellm

A vulnerability was determined in BerriAI litellm up to 1

2026-06-22
CVE-2026-12786
Analyzed
7.8
Ezbsystems UltraISO Premium Edition

A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9

2026-06-21
CVE-2026-12784
Analyzed
7.8
IM-Magic Partition Resizer

A weakness has been identified in IM-Magic Partition Resizer up to 7

2026-06-21
CVE-2026-12782
Analyzed
7.8
EaseUS Partition Master

A security flaw has been discovered in EaseUS Partition Master up to 14

2026-06-21
CVE-2026-12781
Analyzed
7.8
EaseUS Partition Master

A vulnerability was identified in EaseUS Partition Master up to 14

2026-06-21
CVE-2026-12780
Analyzed
7.8
AOMEI Backupper

A vulnerability was determined in AOMEI Backupper up to 8

2026-06-21
CVE-2026-12779
Analyzed
7.8
AOMEI Dynamic Disk Manager

A vulnerability was found in AOMEI Dynamic Disk Manager up to 10

2026-06-21
CVE-2026-12778
Analyzed
7.8
AOMEI Partition Assistant

A vulnerability has been found in AOMEI Partition Assistant up to 10

2026-06-21
CVE-2026-12775
Analyzed
7.3
Montodel House-Rental-Management

A vulnerability was detected in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863

2026-06-22
CVE-2026-12773
Analyzed
7.3
BerriAI litellm

A weakness has been identified in BerriAI litellm up to 1

2026-06-22
CVE-2026-12761
Analyzed
9.8
WordPress miniOrange Social Login and Register

The miniOrange Social Login and Register plugin for WordPress is vulnerable to unauthenticated account takeover via flawed OAuth email validation and...

2026-07-11
CVE-2026-1273
7.2
WordPress is vulnerable

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to Server-Side Request Forgery in all ver...

2026-03-04
CVE-2026-12686
Analyzed
9.3
Adiss Biloop

An authenticated cross-tenant authorization bypass in Adiss Biloop allows users to access or modify data belonging to other companies by manipulating...

2026-07-07
CVE-2026-12681
Analyzed
8.9
Google go-attestation

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation

2026-06-24
CVE-2026-1264
Analyzed
7.1
IBM Sterling B2B

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6

2026-03-19
CVE-2026-12628
Analyzed
8.1
IBM Storage Protect Client

IBM Storage Protect Client 8

2026-06-23
CVE-2026-12602
Analyzed
8.8
Aruba ArubaSign

Incorrect default permissions in ArubaSign, affecting versions prior to v4

2026-06-23
CVE-2026-12598
Analyzed
8.1
WordPress LoginPress Pro

The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in versions up to and including 6

2026-07-10
CVE-2026-12597
Analyzed
8.1
WordPress LoginPress Pro

The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via the GitHub OAuth callback in versions up to, and including, 6

2026-07-10
CVE-2026-12595
Analyzed
8.1
WordPress LoginPress Pro

The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via Unverified OAuth Email in all versions up to and including 6

2026-07-10
CVE-2026-12593
Analyzed
8.7
Qt Axivion

The implementation of an internal and undocumented Dashboard API endpoint (POST /api/users/~/{user}/tokens) forgot to ensure an HTTP request for creat...

2026-07-10
CVE-2026-12581
Analyzed
7.5
Digiwin EasyFlow .NET

EasyFlow

2026-06-23
CVE-2026-12578
Analyzed
8.4
Delta Electronics DTMSoft

The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code

2026-06-30
CVE-2026-12577
Analyzed
8.7
Delta Electronics DVP80ES3

DVP80ES3 with Improperly Implemented Security Check for Standard vulnerability

2026-07-01
CVE-2026-12576
Analyzed
7.5
Delta Electronics DVP80ES3 PLC

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability

2026-07-01