17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 11151-11200 of 17282 CVEs Page 224 of 346
CVE-2025-58059
Analyzed
9.1
Unknown Multiple Products

Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin...

2025-08-28
CVE-2025-58048
Analyzed
9.9
HP Multiple Products

Paymenter is a free and open-source webshop solution for hostings. Prior to version 1.2.11, the ticket attachments functionality in Paymenter allows a...

2025-08-28
CVE-2025-58047
Analyzed
7.5
Volto Multiple Products

Volto is a React based frontend for the Plone Content Management System

2025-08-28
CVE-2025-5804
7.5
HP Program

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Case Themes Case Theme User a...

2026-04-12
CVE-2025-58034
KEV Analyzed
7.2
Fortinet Multiple Products

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8

2025-11-19
CVE-2025-58013
Analyzed
8.8
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in pebas CouponXxL allows Privilege Escalation

2025-09-22
CVE-2025-57977
Analyzed
7.1
WordPress Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress allows Cross Site Request Forgery

2025-09-22
CVE-2025-57968
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants Table Reservations and T...

2025-09-22
CVE-2025-57925
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart Tea...

2025-09-22
CVE-2025-57919
Analyzed
7.2
WordPress Multiple Products

Deserialization of Untrusted Data vulnerability in ConveyThis Language Translate Widget for WordPress – ConveyThis allows Object Injection

2025-09-22
CVE-2025-57918
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in ERA404 LinkedInclude allows Stored XSS

2025-09-22
CVE-2025-57889
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RealMag777 InPost Gallery all...

2025-09-05
CVE-2025-57870
Analyzed
10
Microsoft Multiple Products

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a...

2025-10-22
CVE-2025-57846
7.8
Unknown Multiple Products

Multiple i-フィルター products contain an issue with incorrect default permissions

2025-08-27
CVE-2025-57836
7.8
Samsung Multiple Products

An issue was discovered in Samsung Magician 6

2026-01-06
CVE-2025-57834
7.5
Samsung Mobile Processor

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 24...

2026-04-07
CVE-2025-57819
KEV
9.5
Sangoma FreePBX

Sangoma FreePBX Authentication Bypass Vulnerability - Active in CISA KEV catalog.

2025-08-29
CVE-2025-57808
Analyzed
8.1
ESPHome Multiple Products

ESPHome is a system to control microcontrollers remotely through Home Automation systems

2025-09-02
CVE-2025-57803
7.5
ImageMagick Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2025-08-26
CVE-2025-57800
8.8
Unknown Multiple Products

Audiobookshelf is an open-source self-hosted audiobook server

2025-08-23
CVE-2025-57797
7.8
ScanSnap Multiple Products

Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6

2025-08-27
CVE-2025-57795
Analyzed
9.9
Unknown Multiple Products

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configura...

2026-01-29
CVE-2025-57794
Analyzed
9.1
HP Multiple Products

Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administrative interface. The applicat...

2026-01-29
CVE-2025-57793
8.6
Unknown Multiple Products

Explorance Blue versions prior to 8

2026-01-29
CVE-2025-57792
Analyzed
10
Unknown Multiple Products

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application en...

2026-01-29
CVE-2025-57790
8.8
Commvault Multiple Products

An issue was discovered in Commvault before 11

2025-08-21
CVE-2025-57781
7.8
Unknown Multiple Products

The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Librari...

2025-10-06
CVE-2025-57780
8.8
F5 Multiple Products

A vulnerability exists in F5OS-A and F5OS-C system that may allow an authenticated attacker with local access to escalate their privileges

2025-10-15
CVE-2025-57778
7.8
Unknown Multiple Products

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digi...

2025-09-02
CVE-2025-57777
7.8
Unknown Multiple Products

There is an out of bounds write vulnerability due to improper bounds checking in displ2

2025-09-02
CVE-2025-57776
7.8
Unknown Multiple Products

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DA...

2025-09-02
CVE-2025-57775
7.8
Unknown Multiple Products

There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab

2025-09-02
CVE-2025-57774
7.8
Unknown Multiple Products

There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab

2025-09-02
CVE-2025-57771
8.1
Roo Multiple Products

Roo Code is an AI-powered autonomous coding agent that lives in users' editors

2025-08-23
CVE-2025-57767
Analyzed
7.5
Asterisk Multiple Products

Asterisk is an open source private branch exchange and telephony toolkit

2025-08-28
CVE-2025-57761
8.8
Web Multiple Products

WeGIA is a Web manager for charitable institutions

2025-08-23
CVE-2025-57760
8.8
Langflow Multiple Products

Langflow is a tool for building and deploying AI-powered agents and workflows

2025-08-25
CVE-2025-57754
Analyzed
9.8
Unknown Multiple Products

eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supabas...

2025-08-21
CVE-2025-57741
7.8
Unknown Multiple Products

An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7

2025-10-14
CVE-2025-57738
Analyzed
7.2
Apache Multiple Products

Apache Syncope offers the ability to extend / customize the base behavior on every deployment by allowing to provide custom implementations of a few J...

2025-10-20
CVE-2025-57735
Analyzed
9.1
Unknown Multiple Products

When user logged out, the JWT token the user had authtenticated with was not invalidated, which could lead to reuse of that token in case it was inter...

2026-04-10
CVE-2025-57732
7.5
TeamCity Multiple Products

In JetBrains TeamCity before 2025

2025-08-20
CVE-2025-57731
8.7
YouTrack Multiple Products

In JetBrains YouTrack before 2025

2025-08-20
CVE-2025-57713
7.5
File Multiple Products

A weak authentication vulnerability has been reported to affect File Station 5

2026-02-13
CVE-2025-57709
8.1
Unknown Multiple Products

A buffer overflow vulnerability has been reported to affect Qsync Central

2026-02-13
CVE-2025-57707
8.8
File Multiple Products

An improper neutralization of directives in statically saved code ('Static Code Injection') vulnerability has been reported to affect File Station 5

2026-02-13
CVE-2025-57644
Analyzed
9.1
Unknown Multiple Products

Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can exec...

2025-09-19
CVE-2025-57638
7.5
Tenda Multiple Products

Buffer overflow vulnerability in Tenda AC9 1

2025-09-24
CVE-2025-57637
7.5
D-Link Multiple Products

Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub_451754 function of the jhttpd service in the viav4 parameter allowing attackers...

2025-09-24
CVE-2025-57633
Analyzed
9.8
Unknown Multiple Products

A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commands. The /f...

2025-09-10