Export limit exceeded: 359242 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359242 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-54810 | 2026-06-17 | 7.5 High | ||
| Missing Authorization vulnerability in Nexi Payments Nexi XPay allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexi XPay: from n/a through 8.3.1. | ||||
| CVE-2026-22283 | 2026-06-17 | 7.5 High | ||
| Dell PowerFlex Manager, version(s) Version prior to 4.8, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2026-47340 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2025-69158 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Granola <= 1.13 versions. | ||||
| CVE-2025-69189 | 2026-06-17 | 7.3 High | ||
| Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBank: from n/a through 1.2.3. | ||||
| CVE-2024-24709 | 2 Shareaholic, Wordpress | 2 Shareaholic, Wordpress | 2026-06-17 | 4.3 Medium |
| Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11. | ||||
| CVE-2026-32967 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-42357 | 2026-06-17 | 6.5 Medium | ||
| Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access. This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue. | ||||
| CVE-2026-32966 | 2026-06-17 | 7.5 High | ||
| DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-22339 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions. | ||||
| CVE-2024-49269 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions. | ||||
| CVE-2026-22338 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | ||||
| CVE-2025-59560 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions. | ||||
| CVE-2025-69117 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions. | ||||
| CVE-2026-22329 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions. | ||||
| CVE-2025-69161 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Snowy <= 1.13 versions. | ||||
| CVE-2025-69179 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions. | ||||
| CVE-2026-22326 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions. | ||||
| CVE-2026-22330 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Right Way <= 4.0 versions. | ||||
| CVE-2026-22332 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions. | ||||