17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 14301-14350 of 17282 CVEs Page 287 of 346
CVE-2025-15100
Analyzed
8.8
WordPress is vulnerable

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2

2026-02-08
CVE-2025-15099
7.3
Unknown Multiple Products

A vulnerability was identified in simstudioai sim up to 0

2025-12-26
CVE-2025-15097
7.3
Alteryx Multiple Products

A vulnerability was found in Alteryx Server

2025-12-26
CVE-2025-15096
8.8
WordPress is vulnerable

The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including...

2026-02-12
CVE-2025-15092
Analyzed
8.8
Unknown Multiple Products

A vulnerability was identified in UTT 进取 512W up to 1

2025-12-26
CVE-2025-15091
Analyzed
8.8
Unknown Multiple Products

A vulnerability was determined in UTT 进取 512W up to 1

2025-12-26
CVE-2025-15090
Analyzed
8.8
Unknown Multiple Products

A vulnerability was found in UTT 进取 512W up to 1

2025-12-26
CVE-2025-15089
Analyzed
8.8
Unknown Multiple Products

A vulnerability has been found in UTT 进取 512W up to 1

2025-12-26
CVE-2025-15078
7.3
Unknown Multiple Products

A vulnerability was detected in itsourcecode Student Management System 1

2025-12-26
CVE-2025-15077
7.3
Unknown Multiple Products

A security vulnerability has been detected in itsourcecode Student Management System 1

2025-12-26
CVE-2025-15076
7.3
Tenda Multiple Products

A weakness has been identified in Tenda CH22 1

2025-12-26
CVE-2025-15075
7.3
Unknown Multiple Products

A security flaw has been discovered in itsourcecode Student Management System 1

2025-12-26
CVE-2025-15074
7.3
Unknown Multiple Products

A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1

2025-12-26
CVE-2025-15073
7.3
Unknown Multiple Products

A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1

2025-12-26
CVE-2025-15069
Analyzed
7.1
Gmission Web Fax Multiple Products

Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation

2025-12-29
CVE-2025-15068
Analyzed
7.7
Gmission Web Fax Multiple Products

Missing Authorization vulnerability in Gmission Web Fax allows Privilege Abuse, Session Credential Falsification through Manipulation

2025-12-29
CVE-2025-15067
Analyzed
7.7
HP Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server

2025-12-29
CVE-2025-15063
Analyzed
9.8
Unknown Multiple Products

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary cod...

2026-01-23
CVE-2025-15062
7.8
Trimble Multiple Products

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

2026-01-23
CVE-2025-15061
Analyzed
9.8
Unknown Multiple Products

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...

2026-01-23
CVE-2025-15060
Analyzed
9.8
Unknown claude-hovercraft

A command injection vulnerability in the executeClaudeCode method of claude-hovercraft allows unauthenticated remote attackers to execute arbitrary co...

2026-03-17
CVE-2025-15059
7.8
GIMP Multiple Products

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-01-23
CVE-2025-15057
7.2
WordPress Multiple Products

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `fh` (fingerprint) parameter in all versions up to, a...

2026-01-09
CVE-2025-15055
7.2
WordPress Multiple Products

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'notes' and 'resource' parameters in all versions up...

2026-01-09
CVE-2025-15047
Analyzed
9.8
Tenda Multiple Products

A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown function of the file /goform/PPTPDClient of the component HTTP Request Hand...

2025-12-24
CVE-2025-15046
Analyzed
9.8
Tenda Multiple Products

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HT...

2025-12-24
CVE-2025-15045
Analyzed
9.8
Tenda Multiple Products

A flaw has been found in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/Natlimit of the component HTTP Request...

2025-12-24
CVE-2025-15044
Analyzed
9.8
Tenda Multiple Products

A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/NatStaticSetting. The manipulation of the ar...

2025-12-24
CVE-2025-15036
Analyzed
9.6
Arch MLflow

A path traversal vulnerability in MLflow's archive extraction function allows attackers to overwrite arbitrary files and escape sandboxed directories...

2026-03-30
CVE-2025-15034
7.3
Unknown Multiple Products

A security flaw has been discovered in itsourcecode Student Management System 1

2025-12-23
CVE-2025-15032
Analyzed
7.4
Dia Multiple Products

Missing about:blank indicator in custom-sized new windows in Dia before 1

2026-01-18
CVE-2025-15031
8.1
Arch Multiple Products

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries

2026-03-19
CVE-2025-15030
Analyzed
9.8
WordPress Multiple Products

The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to res...

2026-02-03
CVE-2025-15029
Analyzed
9.8
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon Infra Monitoring (Awie export modules)...

2026-01-06
CVE-2025-15027
Analyzed
9.8
WordPress is vulnerable

The JAY Login & Register plugin for WordPress allows unauthenticated privilege escalation to administrator by exploiting the 'jay_login_register_ajax_...

2026-02-08
CVE-2025-15026
Analyzed
9.8
Apache Multiple Products

Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functional...

2026-01-06
CVE-2025-15025
8.8
Unknown Multiple Products

Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry a...

2026-05-15
CVE-2025-15024
8.8
Unknown Multiple Products

Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems I...

2026-05-15
CVE-2025-15023
8.8
Unknown Multiple Products

Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc

2026-05-15
CVE-2025-15018
Analyzed
9.8
WordPress Multiple Products

The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in all versions up to, and including, 1.3.11. This...

2026-01-08
CVE-2025-15016
Analyzed
9.8
Unknown Multiple Products

Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit th...

2025-12-22
CVE-2025-15015
Analyzed
7.5
Intel Multiple Products

Enterprise Cloud Database developed by Ragic has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Pa...

2025-12-22
CVE-2025-15012
7.3
Unknown Multiple Products

A vulnerability was determined in code-projects Refugee Food Management System 1

2025-12-22
CVE-2025-15011
7.3
Stock Multiple Products

A vulnerability was found in code-projects Simple Stock System 1

2025-12-22
CVE-2025-15010
Analyzed
9.8
Tenda Multiple Products

A vulnerability has been found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/SafeUrlFilter. The manipulation...

2025-12-22
CVE-2025-15008
7.3
Tenda Multiple Products

A vulnerability was detected in Tenda WH450 1

2025-12-22
CVE-2025-15007
Analyzed
9.8
Tenda Multiple Products

A security vulnerability has been detected in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/L7Im of t...

2025-12-22
CVE-2025-15006
Analyzed
9.8
Tenda Multiple Products

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of t...

2025-12-22
CVE-2025-15002
7.3
Unknown Multiple Products

A vulnerability has been found in SeaCMS up to 13

2025-12-22
CVE-2025-15001
Analyzed
9.8
WordPress Multiple Products

The FS Registration Password plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0...

2026-01-06