17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 14501-14550 of 17282 CVEs Page 291 of 346
CVE-2025-14503
7.2
Unknown Multiple Products

An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow authenticated users to escalate privileges via role assumption

2025-12-16
CVE-2025-14502
Analyzed
9.8
HP Multiple Products

The News and Blog Designer Bundle plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1 via the templat...

2026-01-14
CVE-2025-14500
Analyzed
9.8
Unknown Multiple Products

IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code...

2025-12-24
CVE-2025-14499
8.8
IceWarp Multiple Products

IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability

2025-12-24
CVE-2025-14498
7.8
TradingView Multiple Products

TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14497
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14496
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14495
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14494
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14493
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14492
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14491
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14490
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14489
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14488
7.8
RealDefense Multiple Products

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14478
Analyzed
7.5
WordPress Multiple Products

The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE) in all versions up to, and including, 2

2026-01-18
CVE-2025-14476
Analyzed
8.8
HP Multiple Products

The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1

2025-12-14
CVE-2025-14475
Analyzed
8.1
WordPress Multiple Products

The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1

2025-12-14
CVE-2025-14472
8.1
Drupal Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia Content Hub allows Cross Site Request Forgery

2026-01-30
CVE-2025-14459
Analyzed
8.5
Kubernetes Multiple Products

A flaw was found in KubeVirt Containerized Data Importer (CDI)

2026-01-27
CVE-2025-14443
Analyzed
8.5
Red Hat Multiple Products

A flaw was found in ose-openshift-apiserver

2025-12-17
CVE-2025-14440
Analyzed
9.8
WordPress Multiple Products

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrec...

2025-12-14
CVE-2025-14437
Analyzed
7.5
WordPress Multiple Products

The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3

2025-12-20
CVE-2025-14436
Analyzed
7.2
WordPress Multiple Products

The Brevo for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user_connection_id’ parameter in all versions up...

2026-01-09
CVE-2025-14431
Analyzed
9.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in THEMELOGI Navian navian allow...

2026-01-09
CVE-2025-14430
Analyzed
9.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook - Agency Busi...

2026-01-09
CVE-2025-14429
Analyzed
9.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove AeroLand aeroland a...

2026-01-09
CVE-2025-14425
7.8
GIMP Multiple Products

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14424
7.8
GIMP Multiple Products

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14423
7.8
GIMP Multiple Products

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14422
7.8
GIMP Multiple Products

GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14420
7.8
Unknown Multiple Products

pdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14419
7.8
Unknown Multiple Products

pdfforge PDF Architect PDF File Parsing Memory Corruption Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14417
7.8
Unknown Multiple Products

pdfforge PDF Architect Launch Insufficient UI Warning Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14414
7.8
Soda Multiple Products

Soda PDF Desktop Word File Insufficient UI Warning Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14413
7.8
Soda Multiple Products

Soda PDF Desktop CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14412
7.8
Soda Multiple Products

Soda PDF Desktop XLS File Insufficient UI Warning Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14409
7.8
Soda Multiple Products

Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14406
7.8
Soda Multiple Products

Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-14403
7.8
PDFsam Multiple Products

PDFsam Enhanced Launch Insufficient UI Warning Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14401
7.8
PDFsam Multiple Products

PDFsam Enhanced App Out-Of-Bounds Read Remote Code Execution Vulnerability

2025-12-24
CVE-2025-14397
Analyzed
8.8
WordPress Multiple Products

The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to Privilege Escalation due to a missing capability check on...

2025-12-14
CVE-2025-14390
Analyzed
8.8
WordPress Multiple Products

The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version <= 5

2025-12-11
CVE-2025-14388
Analyzed
9.8
HP Multiple Products

The PhastPress plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read via null byte injection in all versions up to, and including,...

2025-12-24
CVE-2025-14386
Analyzed
8.8
WordPress Multiple Products

The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress is vulnerable to authenticatio...

2026-01-29
CVE-2025-14383
Analyzed
7.5
WordPress Multiple Products

The Booking Calendar plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'dates_to_check' parameter in all versions up to, an...

2025-12-16
CVE-2025-14364
Analyzed
8.8
WordPress Multiple Products

The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missin...

2025-12-19
CVE-2025-14360
Analyzed
9.8
Unknown Multiple Products

Missing Authorization vulnerability in Kaira Blockons blockons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bloc...

2026-01-09
CVE-2025-14359
Analyzed
9.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in brandexponents Oshine oshin a...

2026-01-09
CVE-2025-14358
Analyzed
9.8
Unknown Multiple Products

Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issu...

2026-01-09