17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 10701-10750 of 17282 CVEs Page 215 of 346
CVE-2025-60090
Analyzed
9.8
HP Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gra...

2025-12-19
CVE-2025-60089
Analyzed
9.8
HP Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects...

2025-12-19
CVE-2025-60084
8.6
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in add-ons

2025-12-19
CVE-2025-60083
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in add-ons

2025-12-19
CVE-2025-60082
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in add-ons

2025-12-19
CVE-2025-60081
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in add-ons

2025-12-19
CVE-2025-60075
Analyzed
7.1
HP Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Allegro Marketing hpb seo plugin for WordPress hpbseo allows Reflected XSS

2025-10-29
CVE-2025-60074
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Lazy Load Optimizer...

2025-11-06
CVE-2025-60072
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Anchor smooth scrol...

2025-12-19
CVE-2025-60063
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rosalinda rosalin...

2025-12-19
CVE-2025-60062
Analyzed
9.4
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mmetrodw tPlayer tplayer-html5-audio-player-with...

2025-12-19
CVE-2025-60055
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fabrica fabrica...

2025-12-19
CVE-2025-60054
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes OnLeash onleash...

2025-12-19
CVE-2025-60053
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MaxCube maxcube...

2025-12-19
CVE-2025-60052
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes W&D wd allows PH...

2025-12-19
CVE-2025-60051
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Rare Radio rarer...

2025-12-19
CVE-2025-60050
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Panda panda allow...

2025-12-19
CVE-2025-60049
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleil soleil all...

2025-12-19
CVE-2025-60041
8.8
Iulia Cazan Emails Multiple Products

Authentication Bypass Using an Alternate Path or Channel vulnerability in Iulia Cazan Emails Catch All emails-catch-all allows Password Recovery Explo...

2025-10-23
CVE-2025-60039
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection.This issue affects Noisa: from n/a through <= 2.6.0.

2025-10-23
CVE-2025-60038
7.8
Unknown Multiple Products

A vulnerability has been identified in Rexroth IndraWorks

2026-02-19
CVE-2025-60037
7.8
Unknown Multiple Products

A vulnerability has been identified in Rexroth IndraWorks

2026-02-19
CVE-2025-60036
7.8
Unknown Multiple Products

A vulnerability has been identified in the UA

2026-02-19
CVE-2025-60035
7.8
Unknown Multiple Products

A vulnerability has been identified in the OPC

2026-02-19
CVE-2025-60024
8.8
Fortinet Multiple Products

Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice...

2025-12-10
CVE-2025-60021
Analyzed
9.8
GitHub Multiple Products

Remote command injection vulnerability in heap profiler builtin service in Apache bRPC ((all versions < 1.15.0)) on all platforms allows attacker to i...

2026-01-17
CVE-2025-60017
8.2
Unknown Multiple Products

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart

2025-09-26
CVE-2025-60016
7.5
Unknown Multiple Products

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and...

2025-10-16
CVE-2025-60004
Analyzed
7.5
Juniper Multiple Products

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS E...

2025-10-09
CVE-2025-60003
7.5
Juniper Multiple Products

A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, net...

2026-01-16
CVE-2025-6000
Analyzed
9.1
Unknown Multiple Products

A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution on the underlying host if a plu...

2025-08-01
CVE-2025-5999
7.2
Unknown Multiple Products

A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileg...

2025-08-01
CVE-2025-59978
Analyzed
9
Juniper Multiple Products

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attack...

2025-10-09
CVE-2025-59975
Analyzed
7.5
Juniper Multiple Products

An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based...

2025-10-09
CVE-2025-59974
8.4
Unknown Multiple Products

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Junos Space Security Director allows an attac...

2025-10-09
CVE-2025-5997
Analyzed
8.8
HP Multiple Products

Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse

2025-07-28
CVE-2025-59968
Analyzed
8.6
Juniper Multiple Products

A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read o...

2025-10-09
CVE-2025-59964
Analyzed
7.5
Juniper Multiple Products

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX4700 devices allows an unauthen...

2025-10-09
CVE-2025-59946
Analyzed
7.5
NanoMQ Multiple Products

NanoMQ MQTT Broker (NanoMQ) is an Edge Messaging Platform

2025-12-27
CVE-2025-59945
Analyzed
8.1
SysReptor Multiple Products

SysReptor is a fully customizable pentest reporting platform

2025-09-28
CVE-2025-59944
8
Cursor Multiple Products

Cursor is a code editor built for programming with AI

2025-10-03
CVE-2025-59943
Analyzed
8.1
HP Multiple Products

phpMyFAQ is an open source FAQ web application

2025-10-03
CVE-2025-59942
7.5
Unknown Multiple Products

go-f3 is a Golang implementation of Fast Finality for Filecoin (F3)

2025-09-30
CVE-2025-59939
Analyzed
8.8
HP Multiple Products

WeGIA is a Web manager for charitable institutions

2025-09-28
CVE-2025-59936
Analyzed
9.4
Unknown Multiple Products

get-jwks contains fetch utils for JWKS keys. In versions prior to 11.0.2, a vulnerability in get-jwks can lead to cache poisoning in the JWKS key-fetc...

2025-09-28
CVE-2025-59934
Analyzed
9.4
Unknown Multiple Products

Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems...

2025-09-26
CVE-2025-59932
Analyzed
8.6
Apache Multiple Products

Flag Forge is a Capture The Flag (CTF) platform

2025-09-28
CVE-2025-59890
Analyzed
7.3
Unknown Multiple Products

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attac...

2025-11-28
CVE-2025-59889
8.6
Unknown Multiple Products

Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the access to...

2025-10-14
CVE-2025-59887
Analyzed
8.6
Unknown Multiple Products

Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the...

2025-12-26