Search Results (2291 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-46733 1 Dell 1 Display And Peripheral Manager 2026-06-25 7.8 High
Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVE-2026-56014 2 Averta, Wordpress 2 Master Slider, Wordpress 2026-06-25 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
CVE-2026-12079 2 Wedevs, Wordpress 2 Dokan Pro, Wordpress 2026-06-25 6.5 Medium
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2026-40208 1 Powerdns 1 Dnsdist 2026-06-25 3.7 Low
An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.
CVE-2026-54829 2 Jacob N. Breetvelt, Wordpress 2 Wp Photo Album Plus, Wordpress 2026-06-25 7.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jacob N. Breetvelt WP Photo Album Plus allows Blind SQL Injection. This issue affects WP Photo Album Plus: from n/a through 9.1.13.005.
CVE-2026-54036 1 Danny-avila 1 Libre Chat 2026-06-25 5.3 Medium
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user (or attacker with a stolen session) even when 2FA is already fully enabled on the account. This endpoint overwrites the existing TOTP secret, generates new backup codes, and sets twoFactorEnabled to false — all without requiring any TOTP or backup code verification. An attacker with a valid session token can completely take over a victim's 2FA, locking the legitimate user out of their own two-factor authentication. This vulnerability is fixed in 0.8.4-rc1.
CVE-2026-56042 2 Algolplus, Wordpress 2 Advanced Order Export For Woocommerce, Wordpress 2026-06-25 7.1 High
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
CVE-2026-56049 2 Postsnippets, Wordpress 2 Post Snippets, Wordpress 2026-06-25 8.5 High
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
CVE-2026-56054 2 Ahmad, Wordpress 2 Js Help Desk, Wordpress 2026-06-25 7.7 High
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
CVE-2026-41120 1 Dell 1 Wyse Management Suite 2026-06-25 9.8 Critical
Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution.
CVE-2026-46732 1 Dell 1 Display And Peripheral Manager 2026-06-25 6.7 Medium
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-46734 1 Dell 1 Display And Peripheral Manager 2026-06-25 7.3 High
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
CVE-2026-57587 1 Tenable 1 Nessus 2026-06-25 5.3 Medium
A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data.
CVE-2026-57588 1 Tenable 1 Nessus 2026-06-25 3.3 Low
A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data.
CVE-2026-46735 1 Dell 1 Display And Peripheral Manager 2026-06-25 7.8 High
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVE-2026-13225 1 Pretix 1 Pretix 2026-06-25 N/A
Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order.
CVE-2026-57535 1 Pretix 1 Pretix 2026-06-25 N/A
Content injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src attribute of these images pointed to an URL, the PDF rendering engine would download the image from that place and display it, thereby leaking information about the rendering server and possibly creating an SSRF vector in the local network.
CVE-2026-57533 1 Pretix 1 Pretix 2026-06-25 N/A
Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-Security-Policy, this can mainly be used for phishing purposes.
CVE-2026-12992 1 Redhat 1 Apicurio Registry 2026-06-25 7.4 High
A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import locations, causing the registry to issue HTTP requests to arbitrary internal URLs (server-side request forgery).
CVE-2026-53218 1 Linux 1 Linux Kernel 2026-06-25 7.0 High
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_exthdr: fix register tracking for F_PRESENT flag nft_exthdr_init() passes user-controlled priv->len to nft_parse_register_store(), which marks that many bytes in the register bitmap as initialized. However, when NFT_EXTHDR_F_PRESENT is set, the eval paths write only 1 byte (nft_reg_store8) or 4 bytes (*dest = 0 on TCP/DCCP error path). When len > 4, registers beyond the first are never written, retaining uninitialized stack data from nft_regs. Bail out if userspace requests too much data when F_PRESENT is set.