17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 15651-15700 of 17282 CVEs Page 314 of 346
CVE-2025-10374
Analyzed
7.3
Unknown Multiple Products

A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11

2025-09-14
CVE-2025-10371
Analyzed
7.3
Salia Multiple Products

A security flaw has been discovered in eCharge Hardy Barth Salia PLCC 2

2025-09-14
CVE-2025-10359
Analyzed
7.3
Unknown Multiple Products

A vulnerability was detected in Wavlink WL-WN578W2 221110

2025-09-14
CVE-2025-10358
Analyzed
7.3
Unknown Multiple Products

A security vulnerability has been detected in Wavlink WL-WN578W2 221110

2025-09-14
CVE-2025-10324
7.3
Unknown Multiple Products

A vulnerability was determined in Wavlink WL-WN578W2 221110

2025-09-12
CVE-2025-10323
7.3
Unknown Multiple Products

A vulnerability was found in Wavlink WL-WN578W2 221110

2025-09-12
CVE-2025-10314
Analyzed
8.8
Microsoft FREQSHIP-mini

Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8

2026-02-05
CVE-2025-10313
Analyzed
7.2
WordPress Multiple Products

The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replac...

2025-10-16
CVE-2025-1031
7.5
Utarit Informatics Multiple Products

Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc

2025-12-20
CVE-2025-1030
7.5
Utarit Informatics Multiple Products

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc

2025-12-20
CVE-2025-10299
Analyzed
8.8
WordPress Multiple Products

The WPBifröst – Instant Passwordless Temporary Login Links plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability chec...

2025-10-15
CVE-2025-10294
Analyzed
9.8
WordPress Multiple Products

The OwnID Passwordless Login plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.4. This is due to t...

2025-10-15
CVE-2025-10293
Analyzed
8.8
WordPress Multiple Products

The Keyy Two Factor Authentication (like Clef) plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to,...

2025-10-15
CVE-2025-1029
7.5
Unknown Multiple Products

Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc

2025-12-20
CVE-2025-10284
Analyzed
9.6
Unknown Multiple Products

BBOT's unarchive module could be abused by supplying malicious archives files and when extracted can then perform an arbitrary file write, resulting i...

2025-10-09
CVE-2025-10283
Analyzed
9.6
Unknown Multiple Products

BBOT's gitdumper module could be abused to execute commands through a malicious git repository.

2025-10-09
CVE-2025-10280
7.1
IdentityIQ Multiple Products

IdentityIQ 8

2025-11-04
CVE-2025-10279
Analyzed
7
Unknown Multiple Products

In mlflow version 2

2026-02-02
CVE-2025-10269
Analyzed
7.5
WordPress Multiple Products

The Spirit Framework plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1

2025-09-12
CVE-2025-10266
Analyzed
9.8
Intel Multiple Products

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands t...

2025-09-12
CVE-2025-10265
Analyzed
9.8
Unknown Multiple Products

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary O...

2025-09-12
CVE-2025-10264
Analyzed
10
Unknown Multiple Products

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to acce...

2025-09-12
CVE-2025-10244
8.7
Unknown Multiple Products

A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerab...

2025-09-23
CVE-2025-10240
8.8
Unknown Multiple Products

A vulnerability exists in the Progress Flowmon web application prior to version 12

2025-10-09
CVE-2025-10239
7.2
Unknown Multiple Products

In Flowmon versions prior to 12

2025-10-09
CVE-2025-10230
Analyzed
10
Unknown Multiple Products

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validatio...

2025-11-08
CVE-2025-10228
Analyzed
8.8
Unknown Multiple Products

Session Fixation vulnerability in Rolantis Information Technologies Agentis allows Session Hijacking

2025-10-14
CVE-2025-10226
Analyzed
9.8
Microsoft Multiple Products

Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One 2.0.8 and earlier on Windows and Linux allo...

2025-09-10
CVE-2025-10220
Analyzed
9.8
Microsoft Multiple Products

Use of Unmaintained Third Party Components (CWE-1104) in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows all...

2025-09-10
CVE-2025-10207
7.2
Unknown Multiple Products

Improper Validation of Specified Type of Input vulnerability in ABB FLXEON

2025-09-18
CVE-2025-10205
8.8
Unknown Multiple Products

Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON

2025-09-17
CVE-2025-10203
Analyzed
7.8
Intel Multiple Products

Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that may result in arbitrary code execution

2025-09-15
CVE-2025-10201
Analyzed
8.8
Google Multiple Products

Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140

2025-09-10
CVE-2025-10200
Analyzed
8.8
Google Multiple Products

Use after free in Serviceworker in Google Chrome on Desktop prior to 140

2025-09-10
CVE-2025-10199
7.8
Microsoft Multiple Products

A local privilege escalation vulnerability exists in Sunshine for Windows (version v2025

2025-09-10
CVE-2025-10198
7.8
Microsoft Multiple Products

Sunshine for Windows, version v2025

2025-09-10
CVE-2025-10183
Analyzed
9.1
Unknown Multiple Products

A blind XML External Entity (XXE) injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate...

2025-09-09
CVE-2025-10176
Analyzed
7.2
WordPress Multiple Products

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in th...

2025-09-12
CVE-2025-10174
8.3
Pan Software Multiple Products

Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd

2026-02-12
CVE-2025-10172
8.8
Unknown Multiple Products

A flaw has been found in UTT 750W up to 3

2025-09-09
CVE-2025-10171
8.8
Unknown Multiple Products

A vulnerability was detected in UTT 1250GW up to 3

2025-09-09
CVE-2025-10170
8.8
Unknown Multiple Products

A security vulnerability has been detected in UTT 1200GW up to 3

2025-09-09
CVE-2025-10169
8.8
Unknown Multiple Products

A weakness has been identified in UTT 1200GW up to 3

2025-09-09
CVE-2025-10162
Analyzed
7.5
WordPress Multiple Products

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloade...

2025-10-07
CVE-2025-10159
Analyzed
9.8
Unknown Multiple Products

An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older tha...

2025-09-09
CVE-2025-10147
Analyzed
9.8
WordPress Multiple Products

The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'move_as_origina...

2025-09-23
CVE-2025-10145
Analyzed
7.7
WordPress Multiple Products

The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including,...

2025-10-28
CVE-2025-10143
Analyzed
7.5
WordPress Multiple Products

The Catch Dark Mode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2

2025-09-17
CVE-2025-10134
Analyzed
9.1
WordPress Multiple Products

The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in...

2025-09-09
CVE-2025-10127
7.3
Unknown Multiple Products

Daikin Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass...

2025-09-12