17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 15951-16000 of 17282 CVEs Page 320 of 346
CVE-2024-25183
7.5
Unknown Multiple Products

givanz VvvebJs 1

2025-12-31
CVE-2024-24909
Analyzed
8.8
Microsoft OpenManage Integration with Microsoft Windows Admin Center

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin

2026-06-17
CVE-2024-24844
7.5
IdeaBox Creations Multiple Products

Missing Authorization vulnerability in IdeaBox Creations PowerPack Pro for Elementor allows Exploiting Incorrectly Configured Access Control Security...

2025-12-24
CVE-2024-2374
7.5
Unknown Multiple Products

The XML parsers within multiple WSO2 products accept user-supplied XML data without properly configuring to prevent the resolution of external entitie...

2026-04-17
CVE-2024-2356
Analyzed
9.6
Unknown Multiple Products

A Local File Inclusion (LFI) vulnerability exists in the '/reinstall_extension' endpoint of the parisneo/lollms-webui application, specifically within...

2026-02-02
CVE-2024-21947
7.5
Unknown Multiple Products

Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in...

2025-09-07
CVE-2024-21923
Analyzed
7.3
AMD Multiple Products

Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code executio...

2025-11-23
CVE-2024-21922
Analyzed
7.3
AMD Multiple Products

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code executi...

2025-11-23
CVE-2024-21182
KEV Analyzed
9.5
Oracle WebLogic Server

Oracle WebLogic Server contains an unspecified vulnerability that is currently being exploited in the wild.

2026-06-02
CVE-2024-2104
8.8
GATT Multiple Products

Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control comman...

2025-12-11
CVE-2024-1708
KEV
9.5
ConnectWise ScreenConnect

ConnectWise ScreenConnect Path Traversal Vulnerability - Active in CISA KEV catalog.

2026-04-29
CVE-2024-1524
7.7
Infor Multiple Products

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP) there is a risk that a local user store user's...

2026-02-24
CVE-2024-14037
Analyzed
9.8
Unknown Red Sea Cloud eHR

Guangzhou Red Sea Cloud eHR contains an arbitrary file upload vulnerability in the PtFjk.mob servlet, allowing unauthenticated attackers to achieve re...

2026-07-03
CVE-2024-14034
Analyzed
9.8
Unknown HiEOS

An authentication bypass in the Hirschmann HiEOS HTTP(S) management module allows unauthenticated attackers to gain administrative access and modify d...

2026-04-03
CVE-2024-14033
Analyzed
7.5
HiLCOS web Multiple Products

Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain a heap overflow vulnerability in t...

2026-04-03
CVE-2024-14032
7.8
Studio Multiple Products

Twitch Studio version 0

2026-04-07
CVE-2024-14031
8.1
Unknown Multiple Products

Sereal::Encoder versions from 4

2026-04-01
CVE-2024-14030
8.1
Unknown Multiple Products

Sereal::Decoder versions from 4

2026-04-01
CVE-2024-14015
Analyzed
7.1
WordPress Multiple Products

The WordPress eCommerce Plugin WordPress plugin through 2

2025-11-25
CVE-2024-14010
Analyzed
9.8
HP Multiple Products

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Atta...

2025-12-13
CVE-2024-13974
8.1
Unknown Multiple Products

A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21

2025-07-22
CVE-2024-13972
Analyzed
8.8
Microsoft Multiple Products

A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024

2025-07-17
CVE-2024-13807
Analyzed
7.5
WordPress Multiple Products

The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7

2025-08-28
CVE-2024-13786
Analyzed
9.8
HP Multiple Products

The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.10 via deserialization of untrusted...

2025-07-05
CVE-2024-13507
Analyzed
7.5
WordPress Multiple Products

The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to time-based SQL Injection via t...

2025-07-28
CVE-2024-13342
Analyzed
8.1
WordPress Multiple Products

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_files_to_orde...

2025-08-29
CVE-2024-13174
Analyzed
8.6
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E1 Informatics Web Application allows SQL Inject...

2025-09-16
CVE-2024-13151
Analyzed
10
Unknown Multiple Products

Authorization Bypass Through User-Controlled SQL Primary Key, CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Inje...

2025-09-18
CVE-2024-13150
Analyzed
9.8
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Fayton Software and Consulting Services fayton.P...

2025-09-29
CVE-2024-13149
Analyzed
9.8
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized...

2025-09-16
CVE-2024-13068
Analyzed
7.3
Akinsoft LimonDesk Multiple Products

Origin Validation Error vulnerability in Akinsoft LimonDesk allows Forceful Browsing

2025-09-03
CVE-2024-12925
7.3
Unknown Multiple Products

Improper Validation of Certificate with Host Mismatch vulnerability in Akınsoft QR Menü allows HTTP Response Splitting

2025-09-02
CVE-2024-12918
Analyzed
8.8
Agito Computer Health4All

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection

2026-06-02
CVE-2024-12916
Analyzed
8.8
Agito Computer Life4All

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection

2026-06-02
CVE-2024-12913
Analyzed
8.8
Megatek Communication Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Netw...

2025-09-16
CVE-2024-12651
Analyzed
8.5
PTT Inc. HGS Mobile App

Exposed Dangerous Method or Function vulnerability in PTT Inc

2026-06-02
CVE-2024-12612
Analyzed
7.5
WordPress Multiple Products

The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via several parameters across multiple AJAX action in a...

2025-08-17
CVE-2024-12367
Analyzed
8.6
Vegagrup Software Multiple Products

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vegagrup Software Vega Master allows Directory Indexing

2025-09-16
CVE-2024-11976
Analyzed
7.3
WordPress Multiple Products

The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14

2026-01-24
CVE-2024-11142
Analyzed
8.8
Gosoft Software Proticaret E-Commerce

Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery

2026-06-02
CVE-2024-0769
KEV Analyzed
9.5
D-Link DIR-859 Router

D-Link DIR-859 Router Path Traversal Vulnerability - Active in CISA KEV catalog.

2025-07-10
CVE-2023-7343
Analyzed
7.8
Unknown Multiple Products

HiSecOS web server versions 05

2026-04-03
CVE-2023-7342
Analyzed
8.8
Unknown Multiple Products

HiSecOS web server versions 03

2026-04-03
CVE-2023-7337
7.5
WordPress is vulnerable

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus...

2026-03-05
CVE-2023-54359
8.2
WordPress adivaha Travel

WordPress adivaha Travel Plugin 2

2026-04-10
CVE-2023-54353
Analyzed
7.8
Personify ChromaCam

Chromacam 4

2026-06-21
CVE-2023-54352
Analyzed
9.8
HP Seotheme

WordPress Seotheme contains a critical remote code execution vulnerability allowing unauthenticated attackers to upload and execute arbitrary PHP file...

2026-06-08
CVE-2023-54351
Analyzed
7.2
WordPress Sonaar Music Plugin

WordPress Sonaar Music Plugin 4

2026-06-08
CVE-2023-54350
Analyzed
7.5
HP Augmented-Reality plugin

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to u...

2026-06-08
CVE-2023-54348
Analyzed
8.8
ERPGo Multiple Products

ERPGo SaaS 3

2026-05-06