17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 9851-9900 of 17282 CVEs Page 198 of 346
CVE-2025-64460
7.5
Unknown Multiple Products

An issue was discovered in 5

2025-12-03
CVE-2025-64458
7.5
Unknown Multiple Products

An issue was discovered in 5

2025-11-06
CVE-2025-64456
8.4
ReSharper Multiple Products

In JetBrains ReSharper before 2025

2025-11-11
CVE-2025-64447
8.1
Fortinet Multiple Products

A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8

2025-12-10
CVE-2025-64446
KEV
9.8
Fortinet Multiple Products

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb...

2025-11-15
CVE-2025-64444
7.2
Unknown Multiple Products

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1

2025-11-15
CVE-2025-64430
7.5
Parse Multiple Products

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node

2025-11-08
CVE-2025-64427
7.1
Unknown Multiple Products

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI

2026-03-03
CVE-2025-64420
Analyzed
9.9
Unknown Multiple Products

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions prior to and including v4.0.0-...

2026-01-06
CVE-2025-64419
Analyzed
9.6
Docker Multiple Products

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.445, parameters coming...

2026-01-06
CVE-2025-6441
Analyzed
9.8
WordPress Multiple Products

The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition plugin for WordPress is vulnerable to...

2025-07-25
CVE-2025-64405
7.5
Microsoft Multiple Products

Apache OpenOffice documents can contain links

2025-11-14
CVE-2025-64404
7.5
Microsoft Multiple Products

Apache OpenOffice documents can contain links to other files

2025-11-14
CVE-2025-64403
Analyzed
8.1
Microsoft Multiple Products

Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources"

2025-11-13
CVE-2025-64401
7.5
Microsoft Multiple Products

Apache OpenOffice documents can contain links

2025-11-14
CVE-2025-6440
Analyzed
9.8
WordPress Multiple Products

The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary...

2025-10-24
CVE-2025-6439
Analyzed
9.8
WordPress Multiple Products

The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary...

2025-10-12
CVE-2025-64374
Analyzed
9.9
Unknown Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors:...

2025-12-19
CVE-2025-64371
8.5
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL In...

2025-12-19
CVE-2025-6437
Analyzed
7.5
WordPress Multiple Products

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘oid’ parameter in all ve...

2025-07-05
CVE-2025-64366
7.6
Stylemix MasterStudy Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learnin...

2025-10-31
CVE-2025-64360
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting Ele...

2025-10-31
CVE-2025-64359
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting con...

2025-10-31
CVE-2025-64353
8.8
Chouby Polylang Multiple Products

Deserialization of Untrusted Data vulnerability in Chouby Polylang polylang allows Object Injection

2025-10-31
CVE-2025-64349
8.8
ELOG Multiple Products

ELOG allows an authenticated user to modify another user's profile

2025-10-31
CVE-2025-64348
7.1
ELOG Multiple Products

ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service

2025-10-31
CVE-2025-64347
Analyzed
7.5
Apollo Multiple Products

Apollo Router Core is a configurable Rust graph router written to run a federated supergraph using Apollo Federation 2

2025-11-08
CVE-2025-64344
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64343
7.8
Unknown Multiple Products

(conda) Constructor is a tool that enables users to create installers for conda package collections

2025-11-08
CVE-2025-64335
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64334
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64333
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64332
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64331
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64330
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-11-27
CVE-2025-64328
KEV
9.5
Sangoma FreePBX

Sangoma FreePBX OS Command Injection Vulnerability - Active in CISA KEV catalog.

2026-02-04
CVE-2025-64314
Analyzed
9.3
Intel Multiple Products

Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.

2025-11-29
CVE-2025-64310
Analyzed
9.8
Unknown Multiple Products

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's p...

2025-11-22
CVE-2025-64309
8.6
Brightpick Multiple Products

Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when...

2025-11-15
CVE-2025-64308
Analyzed
7.5
Unknown Multiple Products

The Brightpick Mission Control web application exposes hardcoded credentials in its client-side JavaScript bundle

2025-11-15
CVE-2025-64301
7.8
Unknown Multiple Products

An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity

2026-03-18
CVE-2025-64298
8.4
Unknown Multiple Products

NMIS/BioDose V22

2025-12-03
CVE-2025-64293
7.6
Golemiq Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Golemiq 0 Day Analytics allows SQL Injection

2025-11-13
CVE-2025-64287
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Alloggio - Hotel...

2025-11-06
CVE-2025-64284
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Majestic Support Majestic Sup...

2025-10-29
CVE-2025-64266
8.8
Rental Multiple Products

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object...

2025-12-19
CVE-2025-64236
Analyzed
9.8
Unknown Multiple Products

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: fro...

2025-12-19
CVE-2025-64233
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through < 1.2....

2025-12-19
CVE-2025-64232
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Import from YML import-from-yml allows...

2025-11-06
CVE-2025-64231
Analyzed
9.8
Google Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpr...

2025-12-19