Export limit exceeded: 359236 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359236 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25108 | 2 Soliton, Soliton Systems K.k. | 2 Filezen, Filezen | 2026-06-17 | 8.8 High |
| FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command. | ||||
| CVE-2026-22769 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2026-06-17 | 10 Critical |
| Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. | ||||
| CVE-2026-54811 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in WP eMember < v10.9.4 versions. | ||||
| CVE-2026-54806 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions. | ||||
| CVE-2026-54804 | 2026-06-17 | 7.6 High | ||
| Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions. | ||||
| CVE-2026-54803 | 2026-06-17 | 9.8 Critical | ||
| Subscriber Privilege Escalation in SMS Alert Order Notifications <= 3.9.4 versions. | ||||
| CVE-2026-54802 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions. | ||||
| CVE-2026-54195 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions. | ||||
| CVE-2026-54188 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions. | ||||
| CVE-2026-54187 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in JetEngine <= 3.8.10.1 versions. | ||||
| CVE-2026-54185 | 2026-06-17 | 8.5 High | ||
| Subscriber SQL Injection in Cornerstone < 7.8.8 versions. | ||||
| CVE-2026-52705 | 2026-06-17 | 9 Critical | ||
| Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions. | ||||
| CVE-2026-52698 | 2026-06-17 | 7.4 High | ||
| Subscriber Sensitive Data Exposure in PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget <= 4.2.3 versions. | ||||
| CVE-2026-49778 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <= 2.9.4 versions. | ||||
| CVE-2026-49081 | 2026-06-17 | 8.2 High | ||
| Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions. | ||||
| CVE-2026-49076 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in JetEngine <= 3.8.9.1 versions. | ||||
| CVE-2026-45436 | 2026-06-17 | 6.5 Medium | ||
| Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions. | ||||
| CVE-2026-42629 | 2026-06-17 | 8.8 High | ||
| Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions. | ||||
| CVE-2026-42385 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Profile Builder Pro <= 3.15.0 versions. | ||||
| CVE-2026-41557 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions. | ||||