Export limit exceeded: 359387 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359387 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31013 | 2026-06-17 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6. | ||||
| CVE-2025-69123 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions. | ||||
| CVE-2025-69174 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Etude <= 1.6 versions. | ||||
| CVE-2025-60236 | 2026-06-17 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5. | ||||
| CVE-2024-33685 | 2026-06-17 | 4.3 Medium | ||
| Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Startupzy: from n/a through 1.1.1. | ||||
| CVE-2025-68524 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions. | ||||
| CVE-2025-69111 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions. | ||||
| CVE-2025-69126 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions. | ||||
| CVE-2025-69157 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Gamic <= 1.15 versions. | ||||
| CVE-2019-25293 | 1 Bluestacks | 2 Bluestacks, Bluestacks App Player | 2026-06-17 | 7.8 High |
| BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe to inject malicious executables and escalate privileges. | ||||
| CVE-2025-69172 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Resurs <= 1.3 versions. | ||||
| CVE-2025-69175 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions. | ||||
| CVE-2025-69135 | 2026-06-17 | 8.5 High | ||
| Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions. | ||||
| CVE-2026-22328 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions. | ||||
| CVE-2025-60229 | 2026-06-17 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0. | ||||
| CVE-2025-49403 | 2 Aa-team, Wordpress | 2 Premium Age Verification Restriction For Wordpress, Wordpress | 2026-06-17 | 7.5 High |
| Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress <= 3.0.2 versions. | ||||
| CVE-2025-69128 | 2026-06-17 | 8.6 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3. | ||||
| CVE-2025-69120 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions. | ||||
| CVE-2025-69140 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions. | ||||
| CVE-2026-39546 | 2 Techspawn, Wordpress | 2 Multiloca, Wordpress | 2026-06-17 | 7.6 High |
| Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions. | ||||