17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
CVE-2025-53694
Analyzed
7.5
Experience Multiple Products

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (X...

2025-09-03
CVE-2025-53693
Analyzed
9.8
Unknown Multiple Products

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecor...

2025-09-03
CVE-2025-53692
Analyzed
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sitecore Sitecore Experience Manager (XM)...

2025-09-22
CVE-2025-53691
Analyzed
8.8
Intel Multiple Products

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (R...

2025-09-03
CVE-2025-53690
KEV Analyzed
9
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection. This issu...

2025-09-03
CVE-2025-53689
Analyzed
8.8
Apache Multiple Products

Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit < 2

2025-07-14
CVE-2025-53652
Analyzed
8.2
Jenkins Multiple Products

Jenkins Git Parameter Plugin 439

2025-07-10
CVE-2025-53650
Analyzed
7.3
Jenkins Multiple Products

Jenkins Credentials Binding Plugin 687

2025-07-11
CVE-2025-53645
7.5
Zimbra Multiple Products

Zimbra Collaboration Suite (ZCS) before 9

2025-07-11
CVE-2025-53629
7.5
Unknown Multiple Products

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library

2025-07-11
CVE-2025-53624
Analyzed
10
GitHub Multiple Products

The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists ver...

2025-07-10
CVE-2025-53619
7.4
Grassroot Multiple Products

An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3

2025-12-17
CVE-2025-53618
7.4
Grassroot Multiple Products

An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3

2025-12-17
CVE-2025-53606
Analyzed
9.8
Apache Multiple Products

Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recomme...

2025-08-08
CVE-2025-53603
7.5
Unknown Multiple Products

In Alinto SOPE SOGo 2

2025-07-06
CVE-2025-53599
Analyzed
9.8
Apple Multiple Products

Whale browser for iOS before 3.9.1.4206 allows an attacker to execute malicious scripts in the browser via a crafted javascript scheme.

2025-07-08
CVE-2025-53588
Analyzed
7.7
Dmitry Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V

2025-08-28
CVE-2025-53587
8.8
ApusTheme Findgo Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Cross Site Request Forgery

2025-08-14
CVE-2025-53585
7.1
NooTheme WeMusic Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme WeMusic noo-wemusic allows Reflected XS...

2025-11-08
CVE-2025-53584
Analyzed
8.1
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Object Injection

2025-08-28
CVE-2025-53583
Analyzed
8.1
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight allows Object Injection

2025-08-28
CVE-2025-53580
Analyzed
9.8
Unknown Multiple Products

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows Privilege Escalation. This issue affects Simple Busi...

2025-08-20
CVE-2025-53579
Analyzed
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in captcha

2025-08-28
CVE-2025-53578
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kipso allows PHP Local...

2025-08-28
CVE-2025-53577
Analyzed
10
HP Multiple Products

Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS allows Remote Code Inclusion. This issue affects Global DN...

2025-08-20
CVE-2025-53576
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ovatheme Events allo...

2025-08-28
CVE-2025-53573
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme Epic Review epic-review allows Reflecte...

2025-11-08
CVE-2025-53572
Analyzed
8.1
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in emarket-design WP Easy Contact allows Object Injection

2025-08-28
CVE-2025-53567
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Ghost Kit allows PHP Local...

2025-08-20
CVE-2025-53565
Analyzed
8.1
Google Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Widget for Google...

2025-08-20
CVE-2025-53560
8.8
Deserialization Multiple Products

Deserialization of Untrusted Data vulnerability in rascals Noisa allows Object Injection

2025-08-20
CVE-2025-53559
7.1
LambertGroup Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player - Addon for...

2025-08-20
CVE-2025-53558
8.8
ZTE Multiple Products

ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K

2025-07-31
CVE-2025-53557
Analyzed
9.8
Intel Multiple Products

A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa)...

2025-08-25
CVE-2025-53548
7.5
Clerk Multiple Products

Clerk helps developers build user management

2025-07-11
CVE-2025-53547
8.5
Kubernetes Multiple Products

Helm is a package manager for Charts for Kubernetes

2025-07-08
CVE-2025-53546
Analyzed
9.1
GitHub Multiple Products

Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by att...

2025-07-10
CVE-2025-53544
7.5
Trilium Multiple Products

Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases

2025-08-05
CVE-2025-53542
Analyzed
7.7
Kubernetes Multiple Products

Headlamp is an extensible Kubernetes web UI

2025-07-11
CVE-2025-53538
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-07-23
CVE-2025-53537
7.5
LibHTP Multiple Products

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces

2025-07-23
CVE-2025-53529
Analyzed
9.8
HP Multiple Products

WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php end...

2025-07-07
CVE-2025-53524
7.8
Fuji Multiple Products

Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attack...

2025-12-17
CVE-2025-53521
KEV
7.5
Unknown Multiple Products

When a BIG-IP APM Access Policy is configured on a virtual server, undisclosed traffic can cause TMM to terminate

2025-10-16
CVE-2025-53520
Analyzed
8.8
Unknown Multiple Products

The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring...

2025-08-08
CVE-2025-5352
Analyzed
8.1
Unknown Multiple Products

A critical stored Cross-Site Scripting (XSS) vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1

2025-08-24
CVE-2025-53518
Analyzed
9.8
Unknown Multiple Products

An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specia...

2025-08-25
CVE-2025-53515
Analyzed
8.8
Unknown Multiple Products

A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet

2025-07-11
CVE-2025-53513
8.8
Unknown Multiple Products

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a char...

2025-07-10
CVE-2025-53511
Analyzed
9.8
Unknown Multiple Products

A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa)...

2025-08-25