17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 11801-11850 of 17282 CVEs Page 237 of 346
CVE-2025-54072
7.5
Unknown Multiple Products

yt-dlp is a feature-rich command-line audio/video downloader

2025-07-23
CVE-2025-54068
KEV
9.5
Laravel Livewire

Laravel Livewire Code Injection Vulnerability - Active in CISA KEV catalog.

2026-03-21
CVE-2025-54065
7.9
Doom Multiple Products

GZDoom is a feature centric port for all Doom engine games

2025-12-03
CVE-2025-54063
8
Unknown Multiple Products

Cherry Studio is a desktop client that supports for multiple LLM providers

2025-08-11
CVE-2025-54052
7.5
HP Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin allows PHP Local File Inclusion

2025-08-20
CVE-2025-54049
Analyzed
9.9
WordPress Multiple Products

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege Escalation. This issue affects Custom API for WP: from n...

2025-08-20
CVE-2025-54048
Analyzed
9.3
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injectio...

2025-08-20
CVE-2025-54043
7.6
YayCommerce SMTP Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES allows SQL Injec...

2025-07-16
CVE-2025-54034
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Tribulant Software Newsletter...

2025-08-20
CVE-2025-54031
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board allows...

2025-08-20
CVE-2025-54029
Analyzed
7.7
Unknown Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in extendons WooCommerce csv import export allows Path Tr...

2025-08-28
CVE-2025-54028
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team Tobias CF7 W...

2025-08-20
CVE-2025-54026
8.5
QuanticaLabs GymBase Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuanticaLabs GymBase Theme Classes allows SQL In...

2025-07-16
CVE-2025-54021
7.5
Mitchell Bennis Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitchell Bennis Simple File List allows Path Traversal

2025-08-20
CVE-2025-54017
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cozmoslabs Paid Member Subscr...

2025-08-20
CVE-2025-54014
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCenter - Health Medical Clinic allows Object Injection. This issue affects MediCen...

2025-08-20
CVE-2025-54012
7.2
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in nanbu Welcart e-Commerce allows Object Injection

2025-08-20
CVE-2025-54010
Analyzed
9.6
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross Site Request Forgery. This issue affects FluentSnippets...

2025-07-16
CVE-2025-54007
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Object Injection

2025-08-20
CVE-2025-54001
Analyzed
9.8
ThemeREX Classter Multiple Products

Deserialization of Untrusted Data vulnerability in ThemeREX Classter classter allows Object Injection.This issue affects Classter: from n/a through <=...

2026-03-06
CVE-2025-53990
7.2
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in jetmonsters JetFormBuilder allows Object Injection

2025-07-16
CVE-2025-53970
Analyzed
9.8
HP Multiple Products

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS co...

2025-08-28
CVE-2025-5397
Analyzed
9.8
WordPress Multiple Products

The Noo JobMonster theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 4.8.1. This is due to the check_lo...

2025-10-31
CVE-2025-53969
8.8
Unknown Multiple Products

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side...

2025-09-18
CVE-2025-53968
7.5
Unknown Multiple Products

This vulnerability arises because there are no limitations on the number of authentication attempts a user can make

2026-01-23
CVE-2025-53967
8
MCP Multiple Products

Framelink Figma MCP Server before 0

2025-10-08
CVE-2025-53966
8.4
Samsung Multiple Products

An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580

2026-01-06
CVE-2025-53964
Analyzed
9.6
GoldenDict Multiple Products

GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then sear...

2025-07-17
CVE-2025-53963
Analyzed
9.8
Unknown Multiple Products

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The ro...

2025-12-06
CVE-2025-5396
Analyzed
9.8
WordPress Multiple Products

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackup_a...

2025-07-17
CVE-2025-53959
7.6
YouTrack Multiple Products

In JetBrains YouTrack before 2025

2025-07-15
CVE-2025-53948
Analyzed
7.5
PACS Multiple Products

The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition

2025-08-19
CVE-2025-53947
Analyzed
7.7
Microsoft Multiple Products

A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data

2025-09-18
CVE-2025-53944
7.7
Intel Multiple Products

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents

2025-07-30
CVE-2025-5394
Analyzed
9.8
WordPress Multiple Products

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability ch...

2025-07-15
CVE-2025-5393
Analyzed
9.1
WordPress Multiple Products

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path...

2025-07-15
CVE-2025-53923
8.2
Emlog Multiple Products

Emlog is an open source website building system

2025-07-16
CVE-2025-53919
Analyzed
7.8
Dell Multiple Products

An issue was discovered in the Portrait Dell Color Management application through 3

2025-12-18
CVE-2025-53912
Analyzed
9.6
Unknown Multiple Products

An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request...

2026-01-21
CVE-2025-5391
Analyzed
8.1
WordPress Multiple Products

The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_f...

2025-08-12
CVE-2025-53909
Analyzed
9.1
Docker Multiple Products

mailcow: dockerized is an open source groupware/email suite based on docker. A Server-Side Template Injection (SSTI) vulnerability exists in versions...

2025-07-17
CVE-2025-53899
Analyzed
7.2
Intel Multiple Products

Kiteworks MFT orchestrates end-to-end file transfer workflows

2025-11-30
CVE-2025-53896
Analyzed
7.1
Kiteworks Multiple Products

Kiteworks MFT orchestrates end-to-end file transfer workflows

2025-11-30
CVE-2025-53890
Analyzed
9.8
Unknown Multiple Products

pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code al...

2025-07-15
CVE-2025-53882
Analyzed
9.1
Unknown Multiple Products

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSEs mailman3 package allows potential esc...

2025-07-23
CVE-2025-53868
8.7
Unknown Multiple Products

When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictio...

2025-10-15
CVE-2025-53856
7.5
Unknown Multiple Products

When a virtual server, network address translation (NAT) object, or secure network address translation (SNAT) object uses the embedded Packet Velocity...

2025-10-16
CVE-2025-53855
7.8
Unknown Multiple Products

An out-of-bounds write vulnerability exists in the XML parser functionality of GCC Productions Inc

2025-10-28
CVE-2025-53853
Analyzed
9.8
Unknown Multiple Products

A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa...

2025-08-25
CVE-2025-53844
Analyzed
8.8
Apple FortiOS

A out-of-bounds write vulnerability in Fortinet FortiOS 7

2026-05-13