Export limit exceeded: 363127 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (354 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-57753 2 Nathanbarry, Wordpress 2 Kit (formerly Convertkit) For Woocommerce, Wordpress 2026-07-06 5.3 Medium
Unauthenticated Sensitive Data Exposure in Kit (formerly ConvertKit) for WooCommerce <= 2.1.5 versions.
CVE-2026-14808 2026-07-06 9.8 Critical
Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password.
CVE-2026-55726 2026-07-06 5.3 Medium
The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container.
CVE-2025-46421 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-06-25 6.8 Medium
A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.
CVE-2026-40796 2 Ollybach, Wordpress 2 Wppizza, Wordpress 2026-06-23 6.5 Medium
Subscriber Sensitive Data Exposure in WPPizza <= 3.19.9 versions.
CVE-2026-42660 2 Wasiliy Strecker, Wordpress 2 Contest Gallery, Wordpress 2026-06-23 6.5 Medium
Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions.
CVE-2026-49066 2 Conekta Group, Wordpress 2 Conekta Payment Gateway, Wordpress 2026-06-23 7.5 High
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.
CVE-2026-52694 2 Wordpress, Wp E-signature 2 Wordpress, Signature Add-on For Woocommerce 2026-06-23 7.5 High
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions.
CVE-2026-0466 1 Amd 2 Amd Uprof, Uprof 2026-06-16 5.5 Medium
Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.
CVE-2026-9307 1 Rockwellautomation 1 Compactlogix 5370 2026-06-16 N/A
A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service.
CVE-2026-34891 2026-06-16 7.5 High
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions.
CVE-2026-49056 2 Webtoffee, Wordpress 2 Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels, Wordpress 2026-06-16 7.5 High
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions.
CVE-2026-49068 2 Relywp, Wordpress 2 Coupon Affiliates, Wordpress 2026-06-16 7.5 High
Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions.
CVE-2026-48878 2026-06-15 6.5 Medium
Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions.
CVE-2026-24618 2 Hashthemes, Wordpress 2 Hash Elements, Wordpress 2026-06-13 4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4.
CVE-2026-44743 1 Sap 1 Business Objects 2026-06-09 3.7 Low
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application.
CVE-2026-11168 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-08 6.5 Medium
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11250 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-05 9.6 Critical
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-9986 1 Vadi Corporate Information Systems 1 Digikent 2026-06-05 8.2 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation. This issue affects DIGIKENT: through 13092025.
CVE-2026-49077 2 Tipsandtricks-hq, Wordpress 2 Wp Emember, Wordpress 2026-06-05 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2.