Export limit exceeded: 346676 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79023 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79023 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-10951 | 1 Firestormplugins | 1 Fs-shopping-cart | 2024-11-21 | 7.2 High |
| The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter. | ||||
| CVE-2016-10950 | 1 Sirv | 1 Sirv | 2024-11-21 | 8.8 High |
| The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10949 | 1 Relevanssi | 1 Relevanssi | 2024-11-21 | 8.8 High |
| The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization. | ||||
| CVE-2016-10948 | 1 Post Indexer Project | 1 Post Indexer | 2024-11-21 | 8.1 High |
| The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function. | ||||
| CVE-2016-10947 | 1 Post Indexer Project | 1 Post Indexer | 2024-11-21 | 7.2 High |
| The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin. | ||||
| CVE-2016-10946 | 1 Wp-d3 Project | 1 Wp-d3 | 2024-11-21 | 8.8 High |
| The wp-d3 plugin before 2.4.1 for WordPress has CSRF. | ||||
| CVE-2016-10945 | 1 Pagelines | 1 Pagelines | 2024-11-21 | 8.8 High |
| The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF. | ||||
| CVE-2016-10944 | 1 Wpmaz | 1 Multisite Post Duplicator | 2024-11-21 | 8.8 High |
| The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF. | ||||
| CVE-2016-10943 | 1 Zx-csv-upload Project | 1 Zx-csv-upload | 2024-11-21 | 7.2 High |
| The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10940 | 1 Zm-gallery Project | 1 Zm-gallery | 2024-11-21 | 7.2 High |
| The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter. | ||||
| CVE-2016-10939 | 1 Xtremelocator | 1 Xtremelocator | 2024-11-21 | 7.2 High |
| The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10937 | 4 Debian, Fedoraproject, Imapfilter Project and 1 more | 5 Debian Linux, Fedora, Imapfilter and 2 more | 2024-11-21 | 7.5 High |
| IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. | ||||
| CVE-2016-10906 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.0 High |
| An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. | ||||
| CVE-2016-10905 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry. | ||||
| CVE-2016-10884 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 8.8 High |
| The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. | ||||
| CVE-2016-10874 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | 8.8 High |
| The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. | ||||
| CVE-2016-10766 | 1 Edx | 1 Edx-platform | 2024-11-21 | 8.8 High |
| edx-platform before 2016-06-06 allows CSRF. | ||||
| CVE-2016-10743 | 1 W1.fi | 1 Hostapd | 2024-11-21 | 7.5 High |
| hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call. | ||||
| CVE-2016-10707 | 1 Jquery | 1 Jquery | 2024-11-21 | 7.5 High |
| jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit. | ||||
| CVE-2016-10690 | 1 Openframe-ascii-image Project | 1 Openframe-ascii-image | 2024-11-21 | 8.1 High |
| openframe-ascii-image module is an openframe plugin which adds support for ascii images via fim. openframe-ascii-image downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | ||||