17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 8751-8800 of 17282 CVEs Page 176 of 346
CVE-2025-7779
Analyzed
8.8
Unknown Multiple Products

Local privilege escalation due to insecure XPC service configuration

2025-09-30
CVE-2025-7778
Analyzed
9.8
WordPress Multiple Products

The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within...

2025-08-15
CVE-2025-7775
KEV
9.5
Citrix NetScaler

Citrix NetScaler Memory Overflow Vulnerability - Active in CISA KEV catalog.

2025-08-26
CVE-2025-7766
8
Provisioning Multiple Products

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthentic...

2025-07-23
CVE-2025-7765
7.3
Unknown Multiple Products

A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7764
7.3
Unknown Multiple Products

A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7762
8.8
D-Link Multiple Products

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16

2025-07-17
CVE-2025-7760
Analyzed
7.6
Ofisimo Multiple Products

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies A...

2026-02-04
CVE-2025-7758
8.8
TOTOLINK Multiple Products

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4

2025-07-17
CVE-2025-7757
Analyzed
7.3
HP Multiple Products

A vulnerability classified as critical was found in PHPGurukul Land Record System 1

2025-07-17
CVE-2025-7753
7.3
Unknown Multiple Products

A vulnerability was found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7752
7.3
Unknown Multiple Products

A vulnerability was found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7751
7.3
Unknown Multiple Products

A vulnerability has been found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7750
7.3
Unknown Multiple Products

A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7749
7.3
Unknown Multiple Products

A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1

2025-07-17
CVE-2025-7747
8.8
Tenda Multiple Products

A vulnerability classified as critical has been found in Tenda FH451 1

2025-07-17
CVE-2025-7744
Analyzed
9.8
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dolusoft Omaspot allows SQL Injection.This issue...

2025-09-16
CVE-2025-7743
Analyzed
9.6
Unknown Multiple Products

Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows Interception, Privilege Escalation.This issue affects Omaspot...

2025-09-16
CVE-2025-7739
8.7
GitLab Multiple Products

An issue has been discovered in GitLab CE/EE affecting all versions from 18

2025-08-13
CVE-2025-7737
Analyzed
8.6
Hitachi Virtual Storage Platform

DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform

2026-06-20
CVE-2025-7735
Analyzed
7.5
Hospital Multiple Products

The Hospital Information System developed by UNIMAX has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary S...

2025-07-17
CVE-2025-7734
8.7
GitLab Multiple Products

An issue has been discovered in GitLab CE/EE affecting all versions from 14

2025-08-13
CVE-2025-7731
Analyzed
7.5
Mitsubishi Electric Multiple Products

Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthe...

2025-09-02
CVE-2025-7725
Analyzed
7.2
WordPress Multiple Products

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, Ope...

2025-08-01
CVE-2025-7722
Analyzed
8.8
WordPress Multiple Products

The Social Streams plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1

2025-07-23
CVE-2025-7721
Analyzed
9.8
WordPress Multiple Products

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, a...

2025-10-03
CVE-2025-7718
Analyzed
8.8
WordPress Multiple Products

The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable to privilege escalation via account takeover in all ve...

2025-09-10
CVE-2025-7714
Analyzed
7.5
Global Interactive Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc

2026-01-30
CVE-2025-7713
7.5
Global Interactive Multiple Products

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Interactive Design Media Software...

2026-01-30
CVE-2025-7712
Analyzed
9.1
WordPress Multiple Products

The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wp_manga_delete_zip()...

2025-07-17
CVE-2025-7710
9.8
WordPress Multiple Products

The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due...

2025-08-04
CVE-2025-7707
7.1
Unknown Multiple Products

The llama_index library version 0

2025-10-13
CVE-2025-7695
Analyzed
8.8
WordPress Multiple Products

The Dataverse Integration plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within its reset_password_lin...

2025-07-25
CVE-2025-7692
Analyzed
8.1
WordPress Multiple Products

The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1

2025-07-23
CVE-2025-7689
Analyzed
8.8
WordPress Multiple Products

The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the tfhb_reset_password_callback() f...

2025-07-29
CVE-2025-7679
7.4
Unknown Multiple Products

Missing Authentication for Critical Function vulnerability in ABB Aspect

2025-08-11
CVE-2025-7675
7.8
Unknown Multiple Products

A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability

2025-07-29
CVE-2025-7673
Analyzed
9.8
Zyxel Multiple Products

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allo...

2025-07-16
CVE-2025-7670
Analyzed
7.5
WordPress Multiple Products

The JS Archive List plugin for WordPress is vulnerable to time-based SQL Injection via the build_sql_where() function in all versions up to, and inclu...

2025-08-19
CVE-2025-7667
Analyzed
8.1
WordPress Multiple Products

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1

2025-07-15
CVE-2025-7665
Analyzed
8.1
WordPress Multiple Products

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'han...

2025-09-19
CVE-2025-7664
Analyzed
7.5
WordPress Multiple Products

The AL Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the check_activate_permission() permission...

2025-08-17
CVE-2025-7659
8
GitLab has remediated

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18

2026-02-12
CVE-2025-7657
Analyzed
8.8
Google Multiple Products

Use after free in WebRTC in Google Chrome prior to 138

2025-07-15
CVE-2025-7656
Analyzed
8.8
Google Multiple Products

Integer overflow in V8 in Google Chrome prior to 138

2025-07-15
CVE-2025-7654
Analyzed
8.8
WordPress Multiple Products

Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie shortcode

2025-08-19
CVE-2025-7650
7.5
WordPress Multiple Products

The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1

2025-08-15
CVE-2025-7647
Analyzed
7.3
Unknown Multiple Products

The llama-index-core package, up to version 0

2025-09-28
CVE-2025-7645
Analyzed
8.1
WordPress Multiple Products

The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for WordPress is vulnerable to arbitrary file deletion due...

2025-07-23
CVE-2025-7642
Analyzed
9.8
WordPress Multiple Products

The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7.0 to 1.1.9. This is due to the plugin not properly ve...

2025-08-24