17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 11251-11300 of 17282 CVEs Page 226 of 346
CVE-2025-57213
7.5
Unknown Multiple Products

Incorrect access control in the component orderService

2025-12-06
CVE-2025-57212
7.5
Unknown Multiple Products

Incorrect access control in the component ApiOrderService

2025-12-06
CVE-2025-57210
7.5
Unknown Multiple Products

Incorrect access control in the component ApiPayController

2025-12-06
CVE-2025-57201
Analyzed
8.8
SMB Multiple Products

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB...

2025-12-03
CVE-2025-57199
8.8
NetFailDetectD Multiple Products

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetF...

2025-12-03
CVE-2025-57198
8.8
AVTECH Multiple Products

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Mach...

2025-12-03
CVE-2025-57174
Analyzed
9.8
Unknown Multiple Products

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous version...

2025-09-15
CVE-2025-57156
7.5
Unknown Multiple Products

NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp

2026-01-22
CVE-2025-57155
7.5
Unknown Multiple Products

NULL pointer dereference in the daap_reply_groups function in src/httpd_daap

2026-01-22
CVE-2025-57151
Analyzed
8.8
HP Multiple Products

phpgurukul Complaint Management System 2

2025-09-03
CVE-2025-57150
Analyzed
7.2
HP Multiple Products

phpgurukul Complaint Management System in PHP 2

2025-09-04
CVE-2025-57148
Analyzed
9.1
HP Multiple Products

phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.

2025-09-03
CVE-2025-57147
Analyzed
7.5
HP Multiple Products

A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2

2025-09-03
CVE-2025-57146
Analyzed
8.1
HP Multiple Products

phpgurukul Complaint Management System in PHP 2

2025-09-04
CVE-2025-57141
Analyzed
9.8
Intel Multiple Products

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc.

2025-09-08
CVE-2025-57140
Analyzed
9.8
Unknown Multiple Products

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path.

2025-09-02
CVE-2025-57130
8.3
Unknown Multiple Products

An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13

2025-11-06
CVE-2025-57119
Analyzed
9.8
HP Multiple Products

An issue in Online Library Management System v.3.0 allows an attacker to escalate privileges via the adminlogin.php component and the Login function

2025-09-17
CVE-2025-57108
Analyzed
9.8
Kitware VTK Multiple Products

Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests d...

2025-10-31
CVE-2025-57107
7.1
Kitware Multiple Products

Kitware VTK (Visualization Toolkit) through 9

2025-10-31
CVE-2025-57106
7.5
Kitware Multiple Products

Kitware VTK (Visualization Toolkit) up to 9

2025-10-31
CVE-2025-57052
Analyzed
9.8
Intel Multiple Products

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to...

2025-09-03
CVE-2025-5692
Analyzed
8.8
WordPress Multiple Products

The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due...

2025-07-05
CVE-2025-56819
Analyzed
9.8
Unknown Multiple Products

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter.

2025-09-24
CVE-2025-56816
8.8
Datart Multiple Products

Datart 1

2025-09-24
CVE-2025-56815
7.1
Datart Multiple Products

Datart 1

2025-09-24
CVE-2025-56803
Analyzed
8.4
Microsoft Multiple Products

Figma Desktop for Windows version 125

2025-09-03
CVE-2025-56752
Analyzed
9.4
Ruijie Multiple Products

A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providi...

2025-09-03
CVE-2025-56749
Analyzed
9.4
Unknown Multiple Products

Creativeitem Academy LMS up to and including 6.14 uses a hardcoded default JWT secret for token signing. This predictable secret allows attackers to f...

2025-10-15
CVE-2025-56710
Analyzed
7.3
HP Multiple Products

A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2

2025-09-15
CVE-2025-56706
8
Edimax Multiple Products

Edimax BR-6473AX v1

2025-09-16
CVE-2025-56704
8.8
LeptonCMS Multiple Products

LeptonCMS version 7

2025-12-11
CVE-2025-56630
7.3
FoxCMS Multiple Products

FoxCMS v1

2025-09-08
CVE-2025-5662
Analyzed
9.8
Unknown Multiple Products

A deserialization vulnerability exists in the H2O-3 REST API (POST /99/ImportSQLTable) that affects all versions up to 3.46.0.7. This vulnerability al...

2025-09-02
CVE-2025-56588
8.8
Dolibarr Multiple Products

Dolibarr ERP & CRM v21

2025-10-01
CVE-2025-56577
Analyzed
8.4
Unknown Multiple Products

An issue in Evope Core v

2025-08-29
CVE-2025-56562
7.5
Wiz Multiple Products

An incorrect API discovered in Signify Wiz Connected 1

2025-09-17
CVE-2025-56558
7.5
Unknown Multiple Products

An issue discovered in Dyson App v6

2025-10-29
CVE-2025-56557
Analyzed
9.1
Unknown Multiple Products

An issue discovered in the Tuya Smart Life App 5.6.1 allows attackers to unprivileged control Matter devices via the Matter protocol.

2025-09-17
CVE-2025-56551
8.2
Unknown Multiple Products

An issue in DirectAdmin v1

2025-10-03
CVE-2025-56527
7.5
Plaintext Multiple Products

Plaintext password storage in Kotaemon 0

2025-11-19
CVE-2025-56515
8.8
Fiora chat Multiple Products

File upload vulnerability in Fiora chat application 1

2025-10-01
CVE-2025-56447
Analyzed
9.8
Intel Multiple Products

TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.

2025-10-22
CVE-2025-56427
7.5
Unknown Multiple Products

Directory Traversal vulnerability in ComposioHQ v

2025-12-06
CVE-2025-56424
7.5
Unknown Multiple Products

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a craft...

2026-01-09
CVE-2025-56422
Analyzed
9.8
LimeSurvey before Multiple Products

A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code on the server.

2026-03-11
CVE-2025-56413
8.8
Unknown Multiple Products

OS Command injection vulnerability in function OperateSSH in 1panel 2

2025-09-10
CVE-2025-56407
8.8
Unknown Multiple Products

A vulnerability has been found in HuangDou UTCMS V9 and classified as critical

2025-09-10
CVE-2025-56401
7.6
Group Multiple Products

ZIRA Group WBRM 7

2025-11-25
CVE-2025-56400
8.8
OAuth Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6

2025-11-25