Export limit exceeded: 359197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359197 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40752 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions. | ||||
| CVE-2026-40738 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Eldon <= 1.4.1 versions. | ||||
| CVE-2026-40733 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions. | ||||
| CVE-2026-40720 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions. | ||||
| CVE-2026-39590 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Atomlab <= 2.4.5 versions. | ||||
| CVE-2026-39576 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions. | ||||
| CVE-2026-39560 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions. | ||||
| CVE-2026-39559 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Uppercase < 1.2.2 versions. | ||||
| CVE-2026-39556 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Konsept <= 1.9 versions. | ||||
| CVE-2026-39523 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions. | ||||
| CVE-2026-39445 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions. | ||||
| CVE-2026-39442 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in PressMart <= 1.2.26 versions. | ||||
| CVE-2025-69170 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions. | ||||
| CVE-2025-69164 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Skyward <= 1.10 versions. | ||||
| CVE-2025-69144 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Preservation <= 1.10 versions. | ||||
| CVE-2026-54193 | 2026-06-17 | 7.7 High | ||
| Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions. | ||||
| CVE-2024-37496 | 2026-06-17 | 4.3 Medium | ||
| Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.3.7. | ||||
| CVE-2026-2604 | 2 Gnome, Redhat | 2 Evolution-data-server, Enterprise Linux | 2026-06-17 | 5.6 Medium |
| A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or modification. Later, during contact deletion, the URI is processed with a less strict check, leading to the deletion of arbitrary files on the host filesystem. This could potentially include critical Flatpak override files. | ||||
| CVE-2026-37281 | 1 Hitarth-gg | 1 Zenshin | 2026-06-17 | 9.8 Critical |
| An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter. | ||||
| CVE-2026-22325 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions. | ||||