17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 151-200 of 17426 CVEs Page 4 of 349
CVE-2026-9003
Analyzed
7.5
Unknown Multiple Products

E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL...

2026-05-20
CVE-2026-8975
Analyzed
9.8
Unknown Multiple Products

Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with...

2026-05-20
CVE-2026-8974
Analyzed
9.8
Unknown Multiple Products

Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with...

2026-05-20
CVE-2026-8973
Analyzed
9.8
Unknown Multiple Products

Memory safety bugs present in Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...

2026-05-20
CVE-2026-8972
Analyzed
8.8
Privilege Multiple Products

Privilege escalation in the WebRTC: Audio/Video component

2026-05-21
CVE-2026-8970
Analyzed
7.3
Privilege Multiple Products

Privilege escalation in the Security component

2026-05-20
CVE-2026-8969
Analyzed
8.1
Mitigation Multiple Products

Mitigation bypass in the DOM: Security component

2026-05-20
CVE-2026-8968
Analyzed
7.5
Unknown Multiple Products

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

2026-05-20
CVE-2026-8967
Analyzed
7.5
Infor Multiple Products

Information disclosure in the Graphics: WebGPU component

2026-05-21
CVE-2026-8966
Analyzed
7.5
Infor Multiple Products

Information disclosure in the IP Protection component

2026-05-21
CVE-2026-8965
Analyzed
7.5
Infor Multiple Products

Information disclosure in the DOM: Security component

2026-05-21
CVE-2026-8964
Analyzed
7.5
Unknown Multiple Products

Spoofing issue in the Popup Blocker component

2026-05-20
CVE-2026-8963
Analyzed
7.5
Unknown Multiple Products

Spoofing issue in the Web Speech component

2026-05-20
CVE-2026-8962
Analyzed
8.1
Mitigation Multiple Products

Mitigation bypass in the DOM: Security component

2026-05-21
CVE-2026-8960
Analyzed
7.5
Unknown Multiple Products

Spoofing issue in WebExtensions

2026-05-20
CVE-2026-8959
Analyzed
9.6
Sandbox Multiple Products

Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, T...

2026-05-20
CVE-2026-8958
Analyzed
8.6
Infor Multiple Products

Information disclosure, sandbox escape in the Security: Process Sandboxing component

2026-05-20
CVE-2026-8957
Analyzed
8.8
Privilege Multiple Products

Privilege escalation in the Enterprise Policies component

2026-05-21
CVE-2026-8956
Analyzed
9.8
Integer Multiple Products

Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 1...

2026-05-20
CVE-2026-8955
Analyzed
8.8
Privilege Multiple Products

Privilege escalation in the DOM: Workers component

2026-05-21
CVE-2026-8954
Analyzed
7.5
Unknown Multiple Products

Incorrect boundary conditions, integer overflow in the Audio/Video component

2026-05-20
CVE-2026-8953
Analyzed
9.6
Mozilla Firefox / Thunderbird

A use-after-free vulnerability in the Disability Access APIs of Mozilla products can lead to a sandbox escape and potential arbitrary code execution.

2026-05-20
CVE-2026-8952
Analyzed
8.8
Privilege Multiple Products

Privilege escalation in the Application Update component

2026-05-21
CVE-2026-8950
Analyzed
9.3
Mozilla Firefox and Thunderbird

A same-origin policy bypass exists in the networking component of Mozilla Firefox and Thunderbird, potentially allowing unauthorized cross-origin data...

2026-05-20
CVE-2026-8949
Analyzed
7.5
Integer Multiple Products

Integer overflow in the Widget: Win32 component

2026-05-20
CVE-2026-8948
Analyzed
9.1
Mozilla Firefox and Thunderbird

A same-origin policy bypass in the DOM networking component of Mozilla Firefox and Thunderbird allows for unauthorized cross-origin interactions.

2026-05-20
CVE-2026-8947
Analyzed
7.3
Unknown Multiple Products

Use-after-free in the DOM: Bindings (WebIDL) component

2026-05-20
CVE-2026-8946
Analyzed
7.5
Unknown Multiple Products

Incorrect boundary conditions in the Audio/Video: Web Codecs component

2026-05-20
CVE-2026-8945
Analyzed
7.5
Google Multiple Products

Sandbox escape in Firefox and Firefox Focus for Android

2026-05-20
CVE-2026-8935
Analyzed
9.8
WordPress WP MAPS PRO Plugin

The WP MAPS PRO WordPress plugin allows unauthenticated attackers to create administrator accounts via an improperly secured AJAX action.

2026-06-16
CVE-2026-8924
Analyzed
9.1
Unknown curl

A flaw in curl's cookie parsing logic enables an attacker-controlled origin to inject "super cookies" by bypassing Public Suffix List checks, leading...

2026-07-05
CVE-2026-8921
Analyzed
8.5
Asus ASUS Business Manager

External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via...

2026-07-03
CVE-2026-8918
Analyzed
7.1
Asus Armoury Crate

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a sy...

2026-06-22
CVE-2026-8915
Analyzed
8.8
Samsung Multiple Products

Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers

2026-05-28
CVE-2026-8912
Analyzed
7.5
WordPress is vulnerable

The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28

2026-05-20
CVE-2026-8858
Analyzed
7.5
IBM i

IBM i 7

2026-06-23
CVE-2026-8851
Analyzed
8.1
Access Multiple Products

SOGo 5

2026-05-19
CVE-2026-8838
Analyzed
9.8
Unsafe Redshift Python Driver

The Amazon Redshift Python driver contains a critical vulnerability where `eval()` is used on server-received data, allowing a malicious server to tri...

2026-05-19
CVE-2026-8836
Analyzed
9.8
Unknown lwIP

The snmpv3 USM Handler in lwIP up to 2.2.1 is vulnerable to a stack-based buffer overflow in the snmp_parse_inbound_frame function, allowing remote co...

2026-05-19
CVE-2026-8832
Analyzed
8.8
WordPress Code Manager Plugin

The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in...

2026-05-27
CVE-2026-8813
Analyzed
7.5
Unknown Multiple Products

This affects versions of the package exifreader before 4

2026-05-19
CVE-2026-8809
Analyzed
9.8
WordPress Advanced Custom Fields: Extended Plugin

The Advanced Custom Fields: Extended plugin for WordPress contains a validation bypass vulnerability that allows unauthenticated attackers to create n...

2026-05-29
CVE-2026-8797
Analyzed
8.5
Microsoft ExpressUpdate Agent for Windows

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows

2026-06-26
CVE-2026-8787
Analyzed
8.8
WordPress Support & Chat Management Plugin

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3

2026-05-27
CVE-2026-8785
Analyzed
7.3
HP of the

A flaw has been found in projectworlds hospital-management-system-in-php 1

2026-05-18
CVE-2026-8776
Analyzed
8.8
Edimax BR-6428NS

A vulnerability has been found in Edimax BR-6428NS 1

2026-05-18
CVE-2026-8775
Analyzed
8.8
Edimax BR-6428NS

A flaw has been found in Edimax BR-6428NS 1

2026-05-18
CVE-2026-8771
Analyzed
7.3
Unknown litemall

A security flaw has been discovered in linlinjava litemall up to 1

2026-05-18
CVE-2026-8768
Analyzed
7.3
Vercel AI

A vulnerability was found in vercel ai up to 3

2026-05-18
CVE-2026-8764
Analyzed
7.2
H3C Magic B3

A security vulnerability has been detected in H3C Magic B3 up to 100R002

2026-05-18