CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359583 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2005-2081	1 Digium	1 Asterisk	2026-04-16	N/A
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.
CVE-2004-0697	1 4d	1 Webstar	2026-04-16	N/A
Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information.
CVE-2005-2082	1 Cgi-club	1 Imtrset	2026-04-16	N/A
im_trbbs.cgi in imTRSET 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the df parameter.
CVE-2005-2083	1 Truenorth Software	1 Ia Emailserver	2026-04-16	N/A
Format string vulnerability in IMAP4 in IA eMailServer Corporate Edition 5.2.2 build 1051 allows remote attackers to cause a denial of service (application crash) via a LIST command with format string specifiers as the second argument.
CVE-2000-0317	1 Sun	2 Solaris, Sunos	2026-04-16	N/A
Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.
CVE-2004-0698	1 4d	1 Webstar	2026-04-16	N/A
4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack.
CVE-2026-25418	2 Bitpressadmin, Wordpress	2 Bit Form, Wordpress	2026-04-16	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through <= 2.21.10.
CVE-2026-25419	2 Flycart, Wordpress	2 Upsellwp, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through <= 2.2.5.
CVE-2026-25420	2 Mailerlite, Wordpress	2 Mailerlite, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through <= 1.7.18.
CVE-2026-25423	2 Creativeinteractivemedia, Wordpress	2 Real3d Flipbook, Wordpress	2026-04-16	3.8 Low
Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real 3D FlipBook: from n/a through <= 4.19.1.
CVE-2026-25428	2 Total-soft, Wordpress	2 Ts Poll, Wordpress	2026-04-16	4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through <= 2.5.5.
CVE-2026-25459	2 Uixthemes, Wordpress	2 Sober, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in uixthemes Sober sober allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sober: from n/a through <= 3.5.12.
CVE-2026-27042	2 Wordpress, Wpdeveloper	2 Wordpress, Notificationx	2026-04-16	5.3 Medium
Missing Authorization vulnerability in WPDeveloper NotificationX notificationx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NotificationX: from n/a through <= 3.2.1.
CVE-2026-27050	2 Thimpress, Wordpress	2 Realpress, Wordpress	2026-04-16	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress RealPress realpress allows Cross Site Request Forgery.This issue affects RealPress: from n/a through <= 1.1.0.
CVE-2026-27057	2 Pencidesign, Wordpress	2 Penci Filter Everything, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through <= 1.7.
CVE-2026-27058	2 Pencidesign, Wordpress	2 Penci Podcast, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Podcast penci-podcast allows DOM-Based XSS.This issue affects Penci Podcast: from n/a through <= 1.7.
CVE-2026-27059	2 Pencidesign, Wordpress	2 Penci Recipe, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Recipe penci-recipe allows DOM-Based XSS.This issue affects Penci Recipe: from n/a through <= 4.1.
CVE-2026-27069	2 Pencidesign, Wordpress	2 Soledad, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through <= 8.7.2.
CVE-2026-27092	2 Greg Winiarski, Wordpress	2 Wpadverts, Wordpress	2026-04-16	6.5 Medium
Missing Authorization vulnerability in Greg Winiarski WPAdverts wpadverts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPAdverts: from n/a through <= 2.3.0.
CVE-2026-27094	2 Godaddy, Wordpress	2 Coblocks, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoDaddy CoBlocks coblocks allows Stored XSS.This issue affects CoBlocks: from n/a through <= 3.1.16.

« first previous Page 4138 of 17980. next last »