Search

Expected end of text, found ':' (at char 21), (line:1, col:22)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359050 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-69179 2026-06-17 9.8 Critical
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
CVE-2026-22326 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
CVE-2026-22330 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
CVE-2026-22332 2026-06-17 9.3 Critical
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
CVE-2026-22342 2026-06-17 8.8 High
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
CVE-2025-69145 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Gat <= 1.16 versions.
CVE-2025-69127 2026-06-17 9.8 Critical
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.
CVE-2025-59554 2026-06-17 9.3 Critical
Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions.
CVE-2025-69106 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions.
CVE-2024-35648 2026-06-17 4.3 Medium
Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery. This issue affects Emergency Password Reset: from n/a through 8.0.
CVE-2024-32729 2 Quantumcloud, Wordpress 2 Conversational Forms For Chatbot, Wordpress 2026-06-17 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8.
CVE-2024-37210 2026-06-17 6.5 Medium
Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5.
CVE-2025-58953 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions.
CVE-2025-69115 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions.
CVE-2025-69130 2026-06-17 8.8 High
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.
CVE-2025-69166 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions.
CVE-2025-60230 2026-06-17 9.8 Critical
Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9.
CVE-2025-60223 2026-06-17 7.7 High
Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot <= 13.6.5 versions.
CVE-2024-47477 2026-06-17 6.5 Medium
Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to man-in-the-middle attack in tandem with DNS cache poisoning.
CVE-2025-62340 2026-06-17 3.1 Low
HCL iControl was affected by Inadequate Session Timeout vulnerability. The vulnerability involves a security risk where a web application fails to automatically terminate user sessions after a period of inactivity