Export limit exceeded: 359197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359197 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22331 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions. | ||||
| CVE-2025-59563 | 2026-06-17 | 8.8 High | ||
| Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions. | ||||
| CVE-2025-69129 | 2026-06-17 | 10 Critical | ||
| Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions. | ||||
| CVE-2025-69171 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions. | ||||
| CVE-2026-22327 | 2026-06-17 | 9.9 Critical | ||
| Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions. | ||||
| CVE-2026-39589 | 2026-06-17 | 9.9 Critical | ||
| Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions. | ||||
| CVE-2026-22334 | 2026-06-17 | 7.5 High | ||
| Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions. | ||||
| CVE-2026-22343 | 2026-06-17 | 8.6 High | ||
| Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions. | ||||
| CVE-2026-40747 | 2026-06-17 | 9.9 Critical | ||
| Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions. | ||||
| CVE-2026-27041 | 2026-06-17 | 9.9 Critical | ||
| Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions. | ||||
| CVE-2026-39596 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions. | ||||
| CVE-2026-40726 | 2026-06-17 | 8.2 High | ||
| Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions. | ||||
| CVE-2026-40749 | 2026-06-17 | 9.9 Critical | ||
| Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. | ||||
| CVE-2026-40783 | 2026-06-17 | 9.9 Critical | ||
| Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.37 versions. | ||||
| CVE-2025-43300 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2026-06-17 | 10 Critical |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. | ||||
| CVE-2026-48875 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions. | ||||
| CVE-2026-49075 | 2026-06-17 | 9.8 Critical | ||
| Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions. | ||||
| CVE-2026-42380 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions. | ||||
| CVE-2026-50263 | 2 Redhat, X.org | 3 Enterprise Linux, X Server, Xwayland | 2026-06-17 | 5.5 Medium |
| A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure. | ||||
| CVE-2026-50262 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-17 | 5.5 Medium |
| An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default. | ||||