17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 13551-13600 of 17282 CVEs Page 272 of 346
CVE-2025-31952
7.1
HCL Multiple Products

HCL iAutomate is affected by an insufficient session expiration

2025-07-25
CVE-2025-31951
Analyzed
8.8
HCL BigFix RunBookAI

HCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Command Smuggling vulnerability

2026-05-06
CVE-2025-31718
Analyzed
9.8
Unknown Multiple Products

In modem, there is a possible system crash due to improper input validation. This could lead to remote escalation of privilege with no additional exec...

2025-10-12
CVE-2025-31717
Analyzed
9.8
Unknown Multiple Products

In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution...

2025-10-12
CVE-2025-31715
Analyzed
9.8
Unknown Multiple Products

In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no a...

2025-08-18
CVE-2025-31713
Analyzed
8.4
Unknown Multiple Products

In engineer mode service, there is a possible command injection due to improper input validation

2025-08-18
CVE-2025-31701
8.1
Unknown Multiple Products

A vulnerability has been found in Dahua products

2025-07-23
CVE-2025-31700
8.1
Unknown Multiple Products

A vulnerability has been found in Dahua products

2025-07-23
CVE-2025-31649
Analyzed
8.7
Dell Multiple Products

A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5

2025-11-18
CVE-2025-31643
8.8
Dasinfomedia WPCHURCH Multiple Products

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation

2026-01-08
CVE-2025-31642
7.1
Dasinfomedia WPCHURCH Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dasinfomedia WPCHURCH allows Reflected XSS

2026-01-07
CVE-2025-31634
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in designthemes Insurance insurance allows Object Injection

2025-10-23
CVE-2025-31512
7.3
AlertEnterprise Multiple Products

An issue was discovered in AlertEnterprise Guardian 4

2025-07-23
CVE-2025-31511
7.3
AlertEnterprise Multiple Products

An issue was discovered in AlertEnterprise Guardian 4

2025-07-23
CVE-2025-31510
7.2
Unknown Multiple Products

In the portal in LemonLDAP::NG before 2

2026-01-18
CVE-2025-31427
Analyzed
7.1
WordPress Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes Invico - WordPress Consulting Busin...

2025-07-16
CVE-2025-31425
7.5
Unknown Multiple Products

Missing Authorization vulnerability in kamleshyadav WP Lead Capturing Pages allows Exploiting Incorrectly Configured Access Control Security Levels

2025-08-14
CVE-2025-31422
Analyzed
8.8
WordPress Multiple Products

Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress Theme allows Object Injection

2025-07-16
CVE-2025-31361
Analyzed
8.7
Dell Multiple Products

A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5

2025-11-18
CVE-2025-31355
7.2
Tenda Multiple Products

A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5

2025-08-20
CVE-2025-31281
Analyzed
9.1
Apple Multiple Products

An input validation issue was addressed with improved memory handling. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 an...

2025-07-31
CVE-2025-31280
7.8
Unknown Multiple Products

A memory corruption issue was addressed with improved validation

2025-07-31
CVE-2025-3128
Analyzed
9.8
Unknown Multiple Products

A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS commands to disclose, tamper with, destroy or delete in...

2025-08-21
CVE-2025-31279
Analyzed
9.8
Apple Multiple Products

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS V...

2025-07-31
CVE-2025-31278
8.8
Unknown Multiple Products

The issue was addressed with improved memory handling

2025-07-31
CVE-2025-31277
KEV
8.8
Unknown Multiple Products

The issue was addressed with improved memory handling

2025-07-31
CVE-2025-31273
8.8
Unknown Multiple Products

The issue was addressed with improved memory handling

2025-07-31
CVE-2025-31271
7.5
Unknown Multiple Products

This issue was addressed through improved state management

2025-09-16
CVE-2025-31243
7.8
Unknown Multiple Products

A permissions issue was addressed with additional restrictions

2025-07-31
CVE-2025-31229
Analyzed
9.1
Apple Multiple Products

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver.

2025-07-31
CVE-2025-31125
KEV
9.5
Vite Vitejs

Vite Vitejs Improper Access Control Vulnerability - Active in CISA KEV catalog.

2026-01-23
CVE-2025-31072
Analyzed
7.1
WordPress Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes Ofiz - WordPress Business Consultin...

2025-07-16
CVE-2025-31070
7.5
LambertGroup Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builde...

2025-07-16
CVE-2025-31055
Analyzed
7.1
WordPress Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vergatheme Electrician - Electrical Service Word...

2025-07-16
CVE-2025-31054
7.1
Themefy Bloggie Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Themefy Bloggie allows Reflected XSS

2026-01-01
CVE-2025-31048
Analyzed
9.9
HP Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: fro...

2026-01-06
CVE-2025-31047
Analyzed
8.8
Themify Themify Edmin Multiple Products

Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection

2026-01-06
CVE-2025-31044
Analyzed
8.5
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Premium SEO Pack allows SQL Injection

2026-01-06
CVE-2025-30998
8.5
Rico Macchi WP Links Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rico Macchi WP Links Page allows SQL Injection

2025-08-14
CVE-2025-30996
Analyzed
9.9
WordPress Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo...

2026-01-07
CVE-2025-30979
8.5
Google Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery allo...

2025-07-06
CVE-2025-30975
7.5
SaifuMak Add Custom Multiple Products

Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom Codes allows Code Injection

2025-08-20
CVE-2025-30973
Analyzed
9.8
Intel Multiple Products

Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object Injection. This issue affects CoSchool LMS: from n/a thro...

2025-07-16
CVE-2025-30969
8.5
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus iFrame Images Gallery allows SQL Inject...

2025-07-06
CVE-2025-30955
7.1
Unknown Multiple Products

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes ListingEasy allows Reflected XSS

2025-07-16
CVE-2025-30949
Analyzed
9.8
HP Multiple Products

Deserialization of Untrusted Data vulnerability in Guru Team Site Chat on Telegram allows Object Injection. This issue affects Site Chat on Telegram:...

2025-07-16
CVE-2025-30947
8.5
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Cool fade popup allows Blind SQL Inject...

2025-07-06
CVE-2025-30944
7.5
Essekia Tablesome Multiple Products

Missing Authorization vulnerability in Essekia Tablesome Table Premium tablesome-premium allows Accessing Functionality Not Properly Constrained by AC...

2025-10-23
CVE-2025-30936
Analyzed
9.3
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Torod Company for Information Technology Torod a...

2025-07-16
CVE-2025-30933
Analyzed
10
Unknown Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows Upload a Web Shell to a Web Server. This issue affec...

2025-07-06