17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 14951-15000 of 17282 CVEs Page 300 of 346
CVE-2025-12775
8.8
WordPress Multiple Products

The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 1

2025-11-19
CVE-2025-12771
Analyzed
7.8
IBM Multiple Products

IBM Concert 1

2025-12-27
CVE-2025-12765
7.5
Unknown Multiple Products

pgAdmin <= 9

2025-11-14
CVE-2025-12764
7.5
Unknown Multiple Products

pgAdmin <= 9

2025-11-14
CVE-2025-12762
Analyzed
9.1
Unknown Multiple Products

pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores...

2025-11-14
CVE-2025-12758
Analyzed
7.5
Unknown Multiple Products

Versions of the package validator before 13

2025-11-28
CVE-2025-12744
Analyzed
8.8
Unknown Multiple Products

A flaw was found in the ABRT daemon’s handling of user-supplied mount information

2025-12-03
CVE-2025-12733
Analyzed
8.8
WordPress Multiple Products

The Import any XML, CSV or Excel File to WordPress (WP All Import) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,...

2025-11-14
CVE-2025-12726
Analyzed
7.5
Microsoft Multiple Products

Inappropriate implementation in Views in Google Chrome on Windows prior to 142

2025-11-11
CVE-2025-1272
7.7
Linux Kernel lockdown

The Linux Kernel lockdown mode for kernel versions starting on 6

2026-02-19
CVE-2025-12716
8.7
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18

2025-12-12
CVE-2025-12707
7.5
WordPress is vulnerable

The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3

2026-02-20
CVE-2025-12686
Analyzed
9.8
Synology BeeStation OS

A classic buffer overflow in Synology BeeStation OS AdminCenter allows remote attackers to execute arbitrary code via unspecified vectors.

2026-05-28
CVE-2025-12684
Analyzed
7.1
WordPress Multiple Products

The URL Shortify WordPress plugin before 1

2025-12-16
CVE-2025-12682
Analyzed
9.8
WordPress Multiple Products

The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in t...

2025-11-04
CVE-2025-12664
7.5
GitLab has remediated

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13

2026-04-10
CVE-2025-12646
Analyzed
7.5
WordPress Multiple Products

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'dayofyear' parameter in all versions up to, and including, 1

2025-11-20
CVE-2025-12638
Analyzed
8
Intel Multiple Products

Keras version 3

2025-11-29
CVE-2025-12637
Analyzed
8.8
WordPress Multiple Products

The Elastic Theme Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a dynamic code generation feature in the process_theme fu...

2025-11-13
CVE-2025-12633
7.5
WordPress Multiple Products

The Booking Calendar | Appointment Booking | Bookit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabilit...

2025-11-14
CVE-2025-12629
Analyzed
7.1
WordPress Multiple Products

The Broken Link Manager WordPress plugin through 0

2025-11-25
CVE-2025-12622
Analyzed
8.8
Tenda Multiple Products

A vulnerability was determined in Tenda AC10 16

2025-11-04
CVE-2025-12619
Analyzed
8.8
Tenda Multiple Products

A vulnerability was found in Tenda A15 15

2025-11-04
CVE-2025-12618
Analyzed
8.8
Tenda Multiple Products

A vulnerability has been found in Tenda AC8 16

2025-11-04
CVE-2025-12617
Analyzed
7.3
Billing Multiple Products

A flaw has been found in itsourcecode Billing System 1

2025-11-04
CVE-2025-12613
8.6
Unknown Multiple Products

Versions of the package cloudinary before 2

2025-11-11
CVE-2025-12611
Analyzed
8.8
Tenda Multiple Products

A vulnerability was identified in Tenda AC21 16

2025-11-04
CVE-2025-12608
Analyzed
7.3
Unknown Multiple Products

A security flaw has been discovered in itsourcecode Online Loan Management System 1

2025-11-04
CVE-2025-12607
Analyzed
7.3
Unknown Multiple Products

A vulnerability was identified in itsourcecode Online Loan Management System 1

2025-11-04
CVE-2025-12606
Analyzed
7.3
Unknown Multiple Products

A vulnerability was determined in itsourcecode Online Loan Management System 1

2025-11-03
CVE-2025-12605
Analyzed
7.3
Unknown Multiple Products

A vulnerability was found in itsourcecode Online Loan Management System 1

2025-11-03
CVE-2025-12604
Analyzed
7.3
Unknown Multiple Products

A vulnerability has been found in itsourcecode Online Loan Management System 1

2025-11-03
CVE-2025-12596
Analyzed
8.8
Tenda Multiple Products

A security vulnerability has been detected in Tenda AC23 16

2025-11-03
CVE-2025-12595
Analyzed
8.8
Tenda Multiple Products

A weakness has been identified in Tenda AC23 16

2025-11-03
CVE-2025-12571
Analyzed
7.5
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17

2025-11-27
CVE-2025-12562
7.5
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11

2025-12-12
CVE-2025-12556
8.8
Unknown Multiple Products

An argument injection vulnerability exists in the affected product that could allow an attacker to execute arbitrary code within the context of the ho...

2025-11-06
CVE-2025-12550
Analyzed
9.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes OchaHouse ochahouse...

2026-01-09
CVE-2025-12549
Analyzed
9.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Rozy - Flower Shop...

2026-01-09
CVE-2025-12548
Analyzed
9
Intel Multiple Products

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration...

2026-01-14
CVE-2025-12543
Analyzed
9.6
Apache Multiple Products

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to pro...

2026-01-08
CVE-2025-12531
7.1
IBM Multiple Products

IBM InfoSphere Information Server 11

2025-11-04
CVE-2025-12529
Analyzed
8.8
WordPress Multiple Products

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrders...

2025-12-03
CVE-2025-12528
8.1
WordPress Multiple Products

The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1

2025-11-19
CVE-2025-12514
Analyzed
7.2
Centreon Infra Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon Infra Monitoring - Open-tickets (Notifi...

2025-12-23
CVE-2025-12510
Analyzed
7.2
Google Multiple Products

The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13

2025-12-07
CVE-2025-12509
8.4
Unknown Multiple Products

On a client with an admin user, a Global_Shipping script can be implemented

2025-10-31
CVE-2025-12508
8.4
Unknown Multiple Products

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted

2025-10-31
CVE-2025-12507
8.8
Communication Multiple Products

The service Bizerba Communication Server (BCS) has an unquoted service path

2025-10-31
CVE-2025-12504
Analyzed
9.8
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TalentSoft Software UNIS allows SQL Injection.Th...

2025-12-10