17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 10101-10150 of 17282 CVEs Page 203 of 346
CVE-2025-62891
8.8
Jory Hogeveen Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows Cross Site Request...

2025-10-28
CVE-2025-62890
Analyzed
8.8
Premmerce Premmerce Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request F...

2025-10-28
CVE-2025-62889
8.8
Unknown Multiple Products

Missing Authorization vulnerability in KingAddons

2025-10-28
CVE-2025-62886
8.8
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-table allows Stored XSS

2025-10-28
CVE-2025-62878
Analyzed
9.9
HP HP Multiple Products

A parameter manipulation vulnerability in HP products allows users to create PersistentVolumes in unauthorized locations, leading to host file overwri...

2026-02-26
CVE-2025-62877
Analyzed
9.8
Unknown Multiple Products

Projects using the SUSE Virtualization (Harvester) environment may expose the OS default ssh login password  if they are using the 1.5.x or 1.6.x inte...

2026-01-09
CVE-2025-62868
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Edge CPT allows P...

2025-10-24
CVE-2025-62817
7.5
Samsung Mobile Processor

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500

2026-03-05
CVE-2025-62814
7.5
Samsung Mobile Processor

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400

2026-03-05
CVE-2025-62795
7.1
JumpServer Multiple Products

JumpServer is an open source bastion host and an operation and maintenance security audit system

2025-10-30
CVE-2025-62777
8.8
Unknown Multiple Products

Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1

2025-10-28
CVE-2025-62776
Analyzed
7.8
Microsoft Multiple Products

The installer of WTW EAGLE (for Windows) 3

2025-10-29
CVE-2025-62775
8
Unknown Multiple Products

Mercku M6a devices through 2

2025-10-22
CVE-2025-62771
7.5
Unknown Multiple Products

Mercku M6a devices through 2

2025-10-22
CVE-2025-62765
Analyzed
7.5
General Multiple Products

General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network tra...

2025-11-15
CVE-2025-62753
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in MadrasThemes MAS Videos allow...

2025-12-31
CVE-2025-62727
7.5
Starlette Multiple Products

Starlette is a lightweight ASGI framework/toolkit

2025-10-28
CVE-2025-62726
8.8
Unknown Multiple Products

n8n is an open source workflow automation platform

2025-10-30
CVE-2025-62716
8.1
Plane Multiple Products

Plane is open-source project management software

2025-10-24
CVE-2025-62712
Analyzed
9.6
Intel Multiple Products

JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4....

2025-10-30
CVE-2025-62703
Analyzed
8.8
Fugue Multiple Products

Fugue is a unified interface for distributed computing that lets users execute Python, Pandas, and SQL code on Spark, Dask, and Ray with minimal rewri...

2025-11-26
CVE-2025-62691
Analyzed
9.8
Microsoft Multiple Products

Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Receiving a specia...

2025-11-26
CVE-2025-62689
7.5
IBM Multiple Products

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1

2025-11-11
CVE-2025-62688
7.1
Unknown Multiple Products

An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4

2025-10-24
CVE-2025-62650
Analyzed
8.3
Unknown Multiple Products

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen

2025-10-17
CVE-2025-6265
7.2
Zyxel Multiple Products

A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7

2025-07-15
CVE-2025-62645
Analyzed
9.9
Unknown Multiple Products

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administ...

2025-10-17
CVE-2025-62641
Analyzed
8.2
Oracle Multiple Products

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)

2025-10-21
CVE-2025-6264
KEV
9.5
Rapid7 Velociraptor

Rapid7 Velociraptor Incorrect Default Permissions Vulnerability - Active in CISA KEV catalog.

2025-10-14
CVE-2025-62630
8.8
Unknown Multiple Products

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code exec...

2025-11-06
CVE-2025-62618
8
ELOG Multiple Products

ELOG allows an authenticated user to upload arbitrary HTML files

2025-10-31
CVE-2025-62617
7.2
Admidio Multiple Products

Admidio is an open-source user management solution

2025-10-22
CVE-2025-62610
Analyzed
8.1
Intel Multiple Products

Hono is a Web application framework that provides support for any JavaScript runtime

2025-10-22
CVE-2025-62606
Analyzed
8.8
HP Multiple Products

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view

2025-10-22
CVE-2025-6260
Analyzed
9.8
Unknown Multiple Products

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local are...

2025-07-25
CVE-2025-62590
Analyzed
8.2
Oracle Multiple Products

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)

2025-10-21
CVE-2025-62589
Analyzed
8.2
Oracle Multiple Products

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)

2025-10-21
CVE-2025-62588
Analyzed
8.2
Oracle Multiple Products

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)

2025-10-21
CVE-2025-62587
Analyzed
8.2
Oracle Multiple Products

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)

2025-10-21
CVE-2025-62586
Analyzed
9.8
Unknown Multiple Products

OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0.

2025-10-16
CVE-2025-62585
7.5
Unknown Multiple Products

Whale browser before 4

2025-10-16
CVE-2025-62584
7.5
Unknown Multiple Products

Whale browser before 4

2025-10-16
CVE-2025-62583
Analyzed
9.8
Whale Browser before Multiple Products

Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.

2025-10-16
CVE-2025-62582
Analyzed
9.8
Unknown Multiple Products

Delta Electronics DIAView has multiple vulnerabilities.

2026-01-16
CVE-2025-62581
Analyzed
9.8
Unknown Multiple Products

Delta Electronics DIAView has multiple vulnerabilities.

2026-01-16
CVE-2025-62580
Analyzed
7.8
Unknown Multiple Products

ASDA-Soft Stack-based Buffer Overflow Vulnerability

2025-10-16
CVE-2025-62579
Analyzed
7.8
Unknown Multiple Products

ASDA-Soft Stack-based Buffer Overflow Vulnerability

2025-10-16
CVE-2025-62577
Analyzed
8.8
Unknown Multiple Products

ETERNUS SF provided by Fsas Technologies Inc

2025-10-20
CVE-2025-62575
8.3
Unknown Multiple Products

NMIS/BioDose V22

2025-12-03
CVE-2025-62572
7.8
Unknown Multiple Products

Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally

2025-12-10