17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 11101-11150 of 17282 CVEs Page 223 of 346
CVE-2025-58281
8.4
Unknown Multiple Products

Out-of-bounds read vulnerability in the runtime interpreter module

2025-09-05
CVE-2025-58280
8.4
Unknown Multiple Products

Vulnerability of exposing object heap addresses in the Ark eTS module

2025-09-05
CVE-2025-58270
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows Cross Site Request Forgery

2025-09-22
CVE-2025-58268
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in WPMK WPMK PDF Generator allows Stored XSS

2025-09-22
CVE-2025-58267
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Aftabul Islam Stock Message allows Stored XSS

2025-09-22
CVE-2025-58262
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in wpdirectorykit Sweet Energy Efficiency allows Stored XSS

2025-09-22
CVE-2025-58261
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection allows Stored XSS

2025-09-22
CVE-2025-58259
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in scriptsbundle Nokri allows Cross Site Request Forgery

2025-09-22
CVE-2025-58255
Analyzed
9.6
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in yonisink Custom Post Type Images allows Code Injection. This issue affects Custom Post Type Images:...

2025-09-22
CVE-2025-58250
Analyzed
8.8
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Authentication Bypass

2025-09-22
CVE-2025-58244
8.8
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Anps Constructo allows Object Injection

2025-09-22
CVE-2025-58218
7.2
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition allows Object Injection

2025-08-27
CVE-2025-58217
7.1
GeroNikolov Instant Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows Stored XSS

2025-08-27
CVE-2025-58215
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Ziston allows PHP Loca...

2025-09-09
CVE-2025-58214
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Indutri allows PHP Loc...

2025-09-05
CVE-2025-5821
Analyzed
9.8
WordPress Multiple Products

The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin...

2025-08-24
CVE-2025-58207
8.2
WP Messiah Ai Image Multiple Products

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly...

2025-11-06
CVE-2025-58206
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MaxCoach allows PHP...

2025-09-05
CVE-2025-58188
7.5
Validating Multiple Products

Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal...

2025-10-30
CVE-2025-58178
7.8
SonarQube Multiple Products

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection

2025-09-02
CVE-2025-58176
Analyzed
8.8
Dive Multiple Products

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs

2025-09-03
CVE-2025-58159
Analyzed
9.9
HP Multiple Products

WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper...

2025-08-29
CVE-2025-58158
Analyzed
8.8
Harness Multiple Products

Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact R...

2025-08-29
CVE-2025-58157
Analyzed
7.5
Unknown Multiple Products

gnark is a zero-knowledge proof system framework

2025-08-29
CVE-2025-58150
8.8
Shadow Multiple Products

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing

2026-01-29
CVE-2025-58149
7.5
Unknown Multiple Products

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have

2025-10-31
CVE-2025-58148
7.5
Unknown Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE

2025-10-31
CVE-2025-58147
7.5
Unknown Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE

2025-10-31
CVE-2025-58145
7.5
Unknown Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE

2025-09-12
CVE-2025-58144
7.5
Unknown Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE

2025-09-12
CVE-2025-58143
Analyzed
9.8
Unknown Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple i...

2025-09-12
CVE-2025-58142
Analyzed
9.8
Intel Multiple Products

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple i...

2025-09-12
CVE-2025-58137
Analyzed
8.1
Apache Multiple Products

Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract

2025-12-13
CVE-2025-58136
Analyzed
7.5
Apache Traffic Server

A bug in POST request handling causes a crash under a certain condition

2026-04-03
CVE-2025-58130
Analyzed
9.1
Apache Multiple Products

Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in vers...

2025-12-13
CVE-2025-58120
7.5
Unknown Multiple Products

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate

2025-10-16
CVE-2025-58116
7.2
Unknown Multiple Products

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in WN-7D36QR and WN-7D36QR/UE

2025-09-18
CVE-2025-58112
8.8
Microsoft Dynamics

Microsoft Dynamics 365 Customer Engagement (on-premises) 1612 (9

2026-03-20
CVE-2025-58107
Analyzed
7.5
Microsoft Exchange through

In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile de...

2026-03-03
CVE-2025-58098
Analyzed
8.3
Apache Multiple Products

Apache HTTP Server 2

2025-12-06
CVE-2025-58096
Analyzed
7.5
Unknown Multiple Products

When the database variable tm

2025-10-16
CVE-2025-58083
Analyzed
10
Unknown Multiple Products

General Industrial Controls Lynx+ Gateway  is missing critical authentication in the embedded web server which could allow an attacker to remotely re...

2025-11-15
CVE-2025-58081
Analyzed
7.5
Unknown Multiple Products

Use of hard-coded password issue/vulnerability in SS1 Ver

2025-08-28
CVE-2025-58078
7.5
Unknown Multiple Products

A relative path traversal vulnerability was discovered in Productivity Suite software version 4

2025-10-23
CVE-2025-58075
8.1
Mattermost Multiple Products

Mattermost versions 10

2025-10-16
CVE-2025-58074
Analyzed
8.8
Microsoft Store

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store

2026-05-05
CVE-2025-58073
8.1
Mattermost Multiple Products

Mattermost versions 10

2025-10-16
CVE-2025-58072
Analyzed
7.5
Unknown Multiple Products

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver

2025-08-28
CVE-2025-58071
7.5
Unknown Multiple Products

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate

2025-10-16
CVE-2025-58060
8
Linux Multiple Products

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems

2025-09-12