Export limit exceeded: 359782 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359782 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22769 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2026-06-17 | 10 Critical |
| Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. | ||||
| CVE-2026-54811 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in WP eMember < v10.9.4 versions. | ||||
| CVE-2026-54806 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions. | ||||
| CVE-2026-54802 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions. | ||||
| CVE-2026-54195 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions. | ||||
| CVE-2026-49778 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <= 2.9.4 versions. | ||||
| CVE-2026-45436 | 2026-06-17 | 6.5 Medium | ||
| Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions. | ||||
| CVE-2026-42629 | 2026-06-17 | 8.8 High | ||
| Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions. | ||||
| CVE-2026-42385 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Profile Builder Pro <= 3.15.0 versions. | ||||
| CVE-2026-40735 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2026-40731 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions. | ||||
| CVE-2026-40721 | 2026-06-17 | 7.5 High | ||
| Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions. | ||||
| CVE-2026-39558 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Malmö <= 2.2 versions. | ||||
| CVE-2026-34888 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions. | ||||
| CVE-2026-25446 | 2026-06-17 | 9.9 Critical | ||
| Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. | ||||
| CVE-2026-24610 | 2026-06-17 | 4.3 Medium | ||
| Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions. | ||||
| CVE-2026-9690 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions. | ||||
| CVE-2025-58954 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in HomeRoofer <= 2.11.0 versions. | ||||
| CVE-2026-20133 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-06-17 | 6.5 Medium |
| A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system. | ||||
| CVE-2026-25836 | 1 Fortinet | 3 Fortisandbox Cloud, Fortisandboxcloud, Fortisandboxpaas | 2026-06-17 | 6.7 Medium |
| An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests. | ||||