17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 14651-14700 of 17282 CVEs Page 294 of 346
CVE-2025-13927
7.5
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11

2026-01-23
CVE-2025-13926
Analyzed
9.8
Unknown Multiple Products

An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BA...

2026-04-10
CVE-2025-13917
7
Unknown Multiple Products

WSS Agent, prior to 9

2026-01-29
CVE-2025-13915
Analyzed
9.8
IBM Multiple Products

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized acces...

2025-12-27
CVE-2025-13914
8.7
Microsoft Networks Apstra

A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attac...

2026-04-10
CVE-2025-13888
Analyzed
9.1
HP Multiple Products

A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated perm...

2025-12-16
CVE-2025-13886
Analyzed
7.5
WordPress Multiple Products

The LT Unleashed plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1

2025-12-13
CVE-2025-13878
7.5
Malformed Multiple Products

Malformed BRID/HHIT records can cause `named` to terminate unexpectedly

2026-01-22
CVE-2025-13855
7.6
IBM Storage Protect

IBM Storage Protect Server 8

2026-04-01
CVE-2025-13851
Analyzed
9.8
WordPress site

The Buyent Classified plugin for WordPress allows unauthenticated attackers to register as administrators due to a lack of role validation during REST...

2026-02-20
CVE-2025-1384
7
Least Multiple Products

Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the...

2025-07-14
CVE-2025-13814
7.3
Unknown Multiple Products

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5

2025-12-02
CVE-2025-13808
7.3
Unknown Multiple Products

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1

2025-12-02
CVE-2025-13806
7.3
Unknown Multiple Products

A security vulnerability has been detected in nutzam NutzBoot up to 2

2025-12-02
CVE-2025-13803
7.3
Unknown Multiple Products

A vulnerability was identified in MediaCrush 1

2025-12-02
CVE-2025-13801
Analyzed
7.5
WordPress Multiple Products

The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3

2026-01-08
CVE-2025-13792
Analyzed
7.3
Unknown Multiple Products

A security flaw has been discovered in Qualitor 8

2025-12-01
CVE-2025-13788
Analyzed
7.3
Unknown Multiple Products

A vulnerability has been found in Chanjet CRM up to 20251106

2025-12-01
CVE-2025-13786
Analyzed
7.3
HP Multiple Products

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665

2025-12-01
CVE-2025-13782
Analyzed
7.3
Unknown Multiple Products

A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665

2025-12-01
CVE-2025-13780
Analyzed
9.1
Unknown Multiple Products

pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restore...

2025-12-12
CVE-2025-13779
8.3
ABB AWIN AWIN GW100

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev

2026-03-14
CVE-2025-13777
8.3
ABB AWIN AWIN GW100

Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev

2026-03-14
CVE-2025-13774
8.8
Unknown Multiple Products

A vulnerability exists in Progress Flowmon ADS versions prior to 12

2026-01-14
CVE-2025-13773
Analyzed
9.8
HP Multiple Products

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5...

2025-12-24
CVE-2025-13772
7.1
GitLab Multiple Products

GitLab has remediated an issue in GitLab EE affecting all versions from 18

2026-01-10
CVE-2025-13768
Analyzed
7.5
WebITR Multiple Products

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by m...

2025-11-29
CVE-2025-13764
Analyzed
9.8
WordPress Multiple Products

The WP CarDealer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.16. This is due to the 'WP_CarDe...

2025-12-12
CVE-2025-13761
8
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18

2026-01-10
CVE-2025-13735
7.4
Linux Multiple Products

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules)

2025-11-27
CVE-2025-13724
Analyzed
7.5
WordPress Multiple Products

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all vers...

2025-12-03
CVE-2025-13721
Analyzed
7.5
Google Multiple Products

Race in v8 in Google Chrome prior to 143

2025-12-03
CVE-2025-13720
Analyzed
8.8
Google Multiple Products

Bad cast in Loader in Google Chrome prior to 143

2025-12-03
CVE-2025-13716
7.8
Tencent Multiple Products

Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13715
7.8
Tencent Multiple Products

Tencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13714
7.8
Tencent Multiple Products

Tencent MedicalNet generate_model Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13713
7.8
Tencent Multiple Products

Tencent Hunyuan3D-1 load_pretrained Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13712
7.8
Tencent Multiple Products

Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13711
7.8
Tencent Multiple Products

Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13710
7.8
Tencent Multiple Products

Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13709
Analyzed
7.8
Tencent Multiple Products

Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13708
Analyzed
7.8
Intel Multiple Products

Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13707
7.8
Tencent Multiple Products

Tencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13706
Analyzed
7.8
Tencent Multiple Products

Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

2025-12-24
CVE-2025-13703
7.8
VIPRE Multiple Products

VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability

2025-12-24
CVE-2025-13692
Analyzed
7.2
WordPress Multiple Products

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and...

2025-11-28
CVE-2025-13691
Analyzed
8.1
IBM DataStage on

IBM DataStage on Cloud Pak for Data 5

2026-02-18
CVE-2025-13689
Analyzed
8.8
IBM DataStage on

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to un...

2026-02-18
CVE-2025-13680
Analyzed
8.8
WordPress Multiple Products

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101

2025-11-28
CVE-2025-13675
Analyzed
9.8
HP Multiple Products

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the 'paypal-submit.p...

2025-11-28