17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 11601-11650 of 17282 CVEs Page 233 of 346
CVE-2025-54756
8.4
Infor Multiple Products

BrightSign players running BrightSign OS series 4 prior to v8

2026-02-13
CVE-2025-54754
8
Unknown Multiple Products

An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly avai...

2025-09-18
CVE-2025-54750
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FunnelKit Funnel Builder by F...

2025-08-20
CVE-2025-54742
Analyzed
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection

2025-08-28
CVE-2025-54741
8.6
Tyler Moore Super Multiple Products

Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorrectly Configured Access Control Security Levels

2025-12-19
CVE-2025-54738
Analyzed
9.8
Unknown Multiple Products

Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster allows Authentication Abuse. This issue affects Jobmonst...

2025-08-28
CVE-2025-54737
7.1
NooTheme Jobmonster Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflec...

2025-11-06
CVE-2025-54735
8.8
Emraan Cheema CubeWP Multiple Products

Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation

2025-08-20
CVE-2025-54731
Analyzed
8.1
Unknown Multiple Products

Improper Control of Generation of Code ('Code Injection') vulnerability in emarket-design YouTube Showcase allows Object Injection

2025-08-28
CVE-2025-54726
Analyzed
9.3
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Miguel Useche JS Archive List allows SQL Injecti...

2025-08-20
CVE-2025-54725
Analyzed
9.8
Intel Multiple Products

Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows Authentication Abuse. This issue affects Golo: from n/a th...

2025-08-28
CVE-2025-54724
Analyzed
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo allows Reflected XSS

2025-08-28
CVE-2025-54723
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object Injection.This issue affects DentiCare: from n/a throu...

2025-12-19
CVE-2025-54722
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ex-Themes WooTour woo-tour allows Reflected XSS

2025-11-06
CVE-2025-54721
7.1
ThimPress Resca resca Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS

2025-11-06
CVE-2025-54720
Analyzed
9.3
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SteelThemes Nest Addons allows SQL Injection. Th...

2025-08-28
CVE-2025-54719
8.8
NooTheme Yogi Multiple Products

Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi allows Object Injection

2025-11-06
CVE-2025-54718
7.1
NooTheme Yogi Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi al...

2025-11-06
CVE-2025-54716
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ireca allows PHP Loc...

2025-08-28
CVE-2025-54714
Analyzed
7.1
Project Multiple Products

Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels

2025-08-28
CVE-2025-54713
Analyzed
9.8
HP Multiple Products

Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Authentication Ab...

2025-08-20
CVE-2025-54711
7.1
Unknown Multiple Products

Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionality Not Properly Constrained by ACLs

2025-11-08
CVE-2025-54710
Analyzed
7.1
Unknown Multiple Products

Missing Authorization vulnerability in bPlugins Tiktok Feed allows Accessing Functionality Not Properly Constrained by ACLs

2025-08-28
CVE-2025-54709
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Sala

2025-09-09
CVE-2025-54707
Analyzed
9.3
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 MDTF allows SQL Injection. This issue...

2025-08-14
CVE-2025-54701
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp allows PHP...

2025-08-14
CVE-2025-54700
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Makeaholic allows P...

2025-08-14
CVE-2025-54693
Analyzed
9
HP Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block allows Upload a Web Shell to a Web Server. This issue affects Form...

2025-08-14
CVE-2025-54692
7.5
WP Swings Membership Multiple Products

Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs

2025-08-14
CVE-2025-54690
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek Xinterio allows PHP...

2025-08-14
CVE-2025-54689
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna allows PHP Local...

2025-08-14
CVE-2025-54686
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection. This issue affects Exertio: from n/a through 1.3.2.

2025-08-14
CVE-2025-54679
7.5
Unknown Multiple Products

Missing Authorization vulnerability in vertim Neon Channel Product Customizer Free allows Exploiting Incorrectly Configured Access Control Security Le...

2025-08-14
CVE-2025-54678
Analyzed
9.3
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder allows Blind SQ...

2025-08-14
CVE-2025-54677
Analyzed
9.1
WordPress Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Using Malici...

2025-08-20
CVE-2025-54669
Analyzed
9.3
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RomanCode MapSVG allows SQL Injection. This issu...

2025-08-14
CVE-2025-54658
Analyzed
7.8
Fortinet Multiple Products

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plu...

2025-10-16
CVE-2025-54655
8.1
Unknown Multiple Products

Race condition vulnerability in the virtualization base module

2025-08-07
CVE-2025-54653
8.4
Unknown Multiple Products

Path traversal vulnerability in the virtualization file module

2025-08-07
CVE-2025-54652
8.4
Unknown Multiple Products

Path traversal vulnerability in the virtualization base module

2025-08-07
CVE-2025-54634
8
Unknown Multiple Products

Vulnerability of improper processing of abnormal conditions in huge page separation

2025-08-07
CVE-2025-54627
8.8
Unknown Multiple Products

Out-of-bounds write vulnerability in the skia module

2025-08-07
CVE-2025-54622
8.3
Unknown Multiple Products

Binding authentication bypass vulnerability in the devicemanager module

2025-08-07
CVE-2025-54611
7.3
Gallery Multiple Products

EXTRA_REFERRER resource read vulnerability in the Gallery module

2025-08-07
CVE-2025-54607
7.7
ArkWeb Multiple Products

Authentication management vulnerability in the ArkWeb module

2025-08-07
CVE-2025-54606
7.3
Unknown Multiple Products

Status verification vulnerability in the lock screen module

2025-08-07
CVE-2025-54605
Analyzed
7.5
Core Multiple Products

Bitcoin Core through 29

2025-10-29
CVE-2025-54604
Analyzed
7.5
Core Multiple Products

Bitcoin Core through 29

2025-10-29
CVE-2025-54599
7.5
Unknown Multiple Products

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows account takeover, if SSO is used, when a victim...

2025-09-02
CVE-2025-54597
7.2
Linux Multiple Products

LinuxServer

2025-07-28