17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 3701-3750 of 17426 CVEs Page 75 of 349
CVE-2026-3880
7.3
Microsoft Exchange Reporter

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report

2026-04-05
CVE-2026-3879
7.3
Microsoft Exchange Reporter

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details report

2026-04-05
CVE-2026-38751
7.2
HP Multiple Products

OpenSTAManager version 2

2026-05-06
CVE-2026-3873
7.2
Avantra Multiple Products

Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs

2026-03-15
CVE-2026-38728
Analyzed
7.5
Unknown Multiple Products

An issue in Nodemailer smtp_server before v

2026-05-17
CVE-2026-3872
Analyzed
7.3
Red Hat Keycloak

A flaw was found in Keycloak

2026-04-04
CVE-2026-38707
Analyzed
9.8
InHand Networks IR302, IR305, IR315, and IR615

A command injection vulnerability in the IPSec VPN feature of various InHand Networks devices allows remote unauthenticated attackers to execute arbit...

2026-05-29
CVE-2026-38704
Analyzed
9.8
InHand Networks IR302, IR305, IR315, and IR615

A command injection vulnerability in the WireGuard VPN feature of various InHand Networks devices allows remote unauthenticated attackers to execute a...

2026-05-29
CVE-2026-38703
Analyzed
9.8
InHand Networks Industrial Routers (IR302, IR305, IR315, IR615)

A command injection vulnerability in the ZeroTier VPN feature of InHand Networks industrial routers allows remote attackers to gain root privileges.

2026-05-29
CVE-2026-38702
Analyzed
9.8
InHand Networks Industrial Routers (IR302, IR305, IR315, IR615)

A command injection vulnerability in the Admin Access feature of InHand Networks industrial routers allows remote attackers to gain root privileges.

2026-05-29
CVE-2026-38651
8.2
Unknown Multiple Products

Authentication Bypass vulnerability exists in Netmaker versions prior to 1

2026-04-29
CVE-2026-38581
Analyzed
9.8
HP thaipalliative_lte

A SQL injection vulnerability in thaipalliative_lte allows remote attackers to execute arbitrary SQL commands via unsanitized input in the idFormMain...

2026-06-12
CVE-2026-3857
8.1
GitLab has remediated

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17

2026-03-26
CVE-2026-38568
8.1
Unknown Multiple Products

HireFlow v1

2026-05-12
CVE-2026-38566
8.1
Unknown Multiple Products

HireFlow v1

2026-05-13
CVE-2026-38532
8.1
HP endpoint of

A Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController

2026-04-15
CVE-2026-38530
8.1
HP endpoint of

A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController

2026-04-15
CVE-2026-38529
8.8
HP endpoint of

A Broken Object-Level Authorization (BOLA) in the /Settings/UserController

2026-04-15
CVE-2026-38527
8.5
Unknown Multiple Products

A Server-Side Request Forgery (SSRF) in the /settings/webhooks/create component of Webkul Krayin CRM v2

2026-04-15
CVE-2026-38526
Analyzed
9.9
HP file

An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arb...

2026-04-15
CVE-2026-3847
8.8
Unknown Multiple Products

Memory safety bugs present in Firefox 148

2026-03-11
CVE-2026-3845
8.8
Google Multiple Products

Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android

2026-03-11
CVE-2026-3844
Analyzed
9.8
WordPress is vulnerable

The Breeze Cache plugin for WordPress is vulnerable to unauthenticated arbitrary file uploads via the Gravatar fetching function.

2026-04-23
CVE-2026-3843
Analyzed
9.8
HP contains

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability (CWE-89) in the system configuration...

2026-03-11
CVE-2026-3839
7.3
HP file

Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability

2026-03-17
CVE-2026-3838
8.8
HP file

Unraid Update Request Path Traversal Remote Code Execution Vulnerability

2026-03-17
CVE-2026-38361
7.5
Unknown Multiple Products

An issue in fohrloop dash-uploader v

2026-05-09
CVE-2026-38360
Analyzed
9.8
Unknown Multiple Products

Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_...

2026-05-09
CVE-2026-3830
8.6
WordPress plugin before

The Product Filter for WooCommerce by WBW WordPress plugin before 3

2026-04-14
CVE-2026-3828
7.2
Hikvision switch products

Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input v...

2026-05-10
CVE-2026-3826
Analyzed
9.8
WellChoose IFTOP

A Local File Inclusion (LFI) vulnerability in WellChoose IFTOP allows unauthenticated remote attackers to execute arbitrary code on the server.

2026-03-11
CVE-2026-3823
Analyzed
8.8
Atop Technologies EHG2408 series switch

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to con...

2026-03-09
CVE-2026-3818
7.3
Microsoft Multiple Products

A flaw has been found in Tiandy Easy7 CMS Windows 7

2026-03-10
CVE-2026-3815
8.8
UTT Multiple Products

A weakness has been identified in UTT HiPER 810G up to 1

2026-03-10
CVE-2026-3814
8.8
UTT Multiple Products

A security flaw has been discovered in UTT HiPER 810G up to 1

2026-03-10
CVE-2026-3811
8.8
Tenda FH1202

A vulnerability was found in Tenda FH1202 1

2026-03-10
CVE-2026-3810
8.8
Tenda FH1202

A vulnerability has been found in Tenda FH1202 1

2026-03-09
CVE-2026-3809
8.8
Tenda FH1202

A flaw has been found in Tenda FH1202 1

2026-03-09
CVE-2026-3808
8.8
Tenda FH1202

A vulnerability was detected in Tenda FH1202 1

2026-03-09
CVE-2026-3807
8.8
Tenda FH1202

A security vulnerability has been detected in Tenda FH1202 1

2026-03-09
CVE-2026-3804
8.8
Tenda i3

A security flaw has been discovered in Tenda i3 1

2026-03-09
CVE-2026-3803
8.8
Tenda i3

A vulnerability was identified in Tenda i3 1

2026-03-09
CVE-2026-3802
8.8
Tenda i3

A vulnerability was determined in Tenda i3 1

2026-03-09
CVE-2026-3801
8.8
Tenda i3

A vulnerability was found in Tenda i3 1

2026-03-09
CVE-2026-3799
8.8
Tenda i3

A flaw has been found in Tenda i3 1

2026-03-09
CVE-2026-3794
7.3
Unknown Multiple Products

A vulnerability was identified in doramart DoraCMS 3

2026-03-09
CVE-2026-3787
7
Arch path

A weakness has been identified in UltraVNC 1

2026-03-09
CVE-2026-3780
7.3
Arch paths that

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-...

2026-04-01
CVE-2026-3779
7.8
Unknown Multiple Products

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows cra...

2026-04-01
CVE-2026-3775
7.8
Arch path that

The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by l...

2026-04-01