17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 14851-14900 of 17282 CVEs Page 298 of 346
CVE-2025-13188
Analyzed
9.8
D-Link Multiple Products

A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /auth...

2025-11-15
CVE-2025-13184
Analyzed
9.8
Unknown Multiple Products

Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9...

2025-12-11
CVE-2025-13170
7.3
Unknown Multiple Products

A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1

2025-11-15
CVE-2025-13169
7.3
Unknown Multiple Products

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1

2025-11-15
CVE-2025-13165
Analyzed
7.5
EasyFlow Multiple Products

EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that resul...

2025-11-18
CVE-2025-13161
Analyzed
7.5
Unknown Multiple Products

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relati...

2025-11-15
CVE-2025-13159
Analyzed
7.1
WordPress Multiple Products

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions u...

2025-11-22
CVE-2025-13156
Analyzed
8.8
WordPress Multiple Products

The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in...

2025-11-22
CVE-2025-13155
7.8
Baiying Multiple Products

An improper permissions vulnerability was reported in Lenovo Baiying Client that could allow a local authenticated user to execute code with elevated...

2025-12-11
CVE-2025-13152
7.8
One Multiple Products

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticate...

2025-12-11
CVE-2025-13151
7.5
Unknown Multiple Products

Stack-based buffer overflow in libtasn1 version: v4

2026-01-08
CVE-2025-13148
8.1
IBM Multiple Products

IBM Aspera Orchestrator 4

2025-12-12
CVE-2025-13145
Analyzed
7.2
HP Multiple Products

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and includin...

2025-11-20
CVE-2025-13138
Analyzed
7.5
WordPress Multiple Products

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search' parameter of the select_2_ajax() function in all ver...

2025-11-22
CVE-2025-13132
7.4
Unknown Multiple Products

This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen notification (toast) appearing

2025-11-22
CVE-2025-13131
7.8
Unknown Multiple Products

A vulnerability was found in Sonarr 4

2025-11-14
CVE-2025-13130
7.8
Unknown Multiple Products

A vulnerability has been found in Radarr 5

2025-11-14
CVE-2025-13126
Analyzed
7.5
WordPress Multiple Products

The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the `post_args` and `topic_args` parameters in all versions up to, an...

2025-12-14
CVE-2025-13124
7.6
Unknown Multiple Products

Authorization Bypass Through User-Controlled Key vulnerability in Netiket Information Technologies Ltd

2025-12-12
CVE-2025-13122
7.3
Unknown Multiple Products

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1

2025-11-14
CVE-2025-13121
7.3
Unknown Multiple Products

A security vulnerability has been detected in cameasy Liketea 1

2025-11-14
CVE-2025-13096
Analyzed
7.1
IBM Multiple Products

IBM Business Automation Workflow containers V25

2026-02-03
CVE-2025-13094
Analyzed
8.8
WordPress Multiple Products

The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_import_fil...

2025-12-14
CVE-2025-13089
Analyzed
7.5
WordPress Multiple Products

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'hide_fields' and the 'attr_search' parameter in all versions up to,...

2025-12-14
CVE-2025-13088
Analyzed
8.8
WordPress Multiple Products

The Category and Product Woocommerce Tabs plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1

2025-11-19
CVE-2025-13084
Analyzed
7.6
Unknown Multiple Products

The users endpoint in the groov View API returns a list of all users and associated metadata including their API keys

2025-11-27
CVE-2025-13077
Analyzed
7.5
WordPress Multiple Products

The افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'col...

2025-12-14
CVE-2025-13073
7.1
WordPress Multiple Products

The HandL UTM Grabber / Tracker WordPress plugin before 2

2025-12-12
CVE-2025-13072
7.1
WordPress Multiple Products

The HandL UTM Grabber / Tracker WordPress plugin before 2

2025-12-12
CVE-2025-13069
8.8
WordPress Multiple Products

The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1

2025-11-19
CVE-2025-13068
Analyzed
7.2
WordPress Multiple Products

The Telegram Bot & Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Telegram username in all versions up to, and incl...

2025-11-26
CVE-2025-13067
8.8
WordPress is vulnerable

The Royal Addons for Elementor plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1

2026-03-11
CVE-2025-13066
Analyzed
8.8
WordPress Multiple Products

The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2

2025-12-06
CVE-2025-13065
Analyzed
8.8
WordPress Multiple Products

The Starter Templates plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4

2025-12-07
CVE-2025-13063
7.3
Dee Multiple Products

A flaw has been found in DinukaNavaratna Dee Store 1

2025-11-14
CVE-2025-13062
Analyzed
8.8
WordPress Multiple Products

The Supreme Modules Lite plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2

2026-01-16
CVE-2025-13060
7.3
Unknown Multiple Products

A security vulnerability has been detected in SourceCodester Survey Application System 1

2025-11-14
CVE-2025-13047
7.5
Bacteriology Multiple Products

Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers...

2025-11-14
CVE-2025-13046
7.5
Bacteriology Multiple Products

Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers...

2025-11-14
CVE-2025-13042
8.8
Google Multiple Products

Inappropriate implementation in V8 in Google Chrome prior to 142

2025-11-13
CVE-2025-13035
Analyzed
8
HP Multiple Products

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3

2025-11-20
CVE-2025-13033
7.5
Unknown Multiple Products

A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses

2025-11-15
CVE-2025-13030
7.1
All Multiple Products

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint

2026-05-01
CVE-2025-13027
8.1
Unknown Multiple Products

Memory safety bugs present in Firefox 144 and Thunderbird 144

2025-11-13
CVE-2025-13020
8.8
Unknown Multiple Products

Use-after-free in the WebRTC: Audio/Video component

2025-11-13
CVE-2025-13019
8.1
Unknown Multiple Products

Same-origin policy bypass in the DOM: Workers component

2025-11-13
CVE-2025-13018
8.1
Mitigation Multiple Products

Mitigation bypass in the DOM: Security component

2025-11-13
CVE-2025-13017
8.1
Unknown Multiple Products

Same-origin policy bypass in the DOM: Notifications component

2025-11-13
CVE-2025-13014
8.8
Unknown Multiple Products

Use-after-free in the Audio/Video component

2025-11-13
CVE-2025-13003
7.6
Aksis Computer Multiple Products

Authorization Bypass Through User-Controlled Key vulnerability in Aksis Computer Services and Consulting Inc

2025-12-12