Export limit exceeded: 366631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21045 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-16 | N/A |
| Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory. | ||||
| CVE-2026-21048 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-16 | N/A |
| Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory. | ||||
| CVE-2026-12276 | 2026-07-16 | 5.3 Medium | ||
| The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has been disabled site-wide. | ||||
| CVE-2026-15610 | 2 Quantumcloud, Wordpress | 2 Wpbot – Ai Chatbot For Live Support, Lead Generation, Ai Services, Wordpress | 2026-07-16 | 4.3 Medium |
| The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to trigger arbitrary re-embedding of stored RAG documents, modifying the rag_documents table and consuming the site owner's paid third-party AI API credits (OpenAI, Gemini, OpenRouter, or xAI). | ||||
| CVE-2023-49899 | 1 X-rite | 1 Ma-t6 | 2026-07-16 | 9.8 Critical |
| An unauthenticated remote attacker can execute any command on the affected device due to not correctly verifying the origin of a communication channel. | ||||
| CVE-2023-49900 | 1 X-rite | 1 Ma-t6 | 2026-07-16 | 9.8 Critical |
| An unauthenticated remote attacker is able to perform remote code execution due to incorrectly sanitized user input in the SetParameter command. | ||||
| CVE-2026-15086 | 1 Drupal | 1 Raw Formatter [meta Tag Formatter] | 2026-07-16 | 5.9 Medium |
| vulnerability in Drupal Raw Formatter [Meta Tag Formatter] allows . This issue affects Raw Formatter [Meta Tag Formatter] versions: *.*. | ||||
| CVE-2026-15008 | 2 Uncannyowl, Wordpress | 2 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin, Wordpress | 2026-07-16 | 8.1 High |
| The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the fr_token function in all versions up to, and including, 7.3.1.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Exploitation requires a Forminator form connected to an Uncanny Automator recipe configured for 'Everyone', allowing unauthenticated form submissions to supply the malicious serialized payload; a gadget chain is present within the plugin via the Action_Helpers_Email __destruct() method, meaning no external gadget library is required. | ||||
| CVE-2024-8751 | 1 Sick | 1 Msc800 Firmware | 2026-07-16 | 7.5 High |
| A vulnerability allows a remote unauthenticated attacker to modify the prod uct’s IP address over the Sopas ET interface. This can lead to a Denial of Service attack. | ||||
| CVE-2026-39042 | 1 Mikrotik | 1 Routeros | 2026-07-16 | 7.5 High |
| An issue in MikroTIk (SIA Mikrotikls, Latvia) RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten() function in libumsg.so. | ||||
| CVE-2026-51821 | 2026-07-16 | 9.8 Critical | ||
| SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint | ||||
| CVE-2026-11964 | 2026-07-16 | 9.1 Critical | ||
| The User Registration & Membership WordPress plugin before 5.2.2 does not verify the authenticity of incoming payment-provider webhook notifications before acting on them, allowing unauthenticated attackers to forge a payment-approved event and activate a paid membership subscription without completing a real payment. | ||||
| CVE-2026-12273 | 2026-07-16 | 4.3 Medium | ||
| The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments containing arbitrary HTML and links on any content across the site, bypassing the comment moderation queue. | ||||
| CVE-2026-12396 | 2026-07-16 | 5.4 Medium | ||
| The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level (self-registerable) account to approve, feature, or reject arbitrary jobs, including those owned by other users. | ||||
| CVE-2026-14544 | 1 Redhat | 1 Enterprise Linux | 2026-07-16 | 9.8 Critical |
| A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data. | ||||
| CVE-2026-15022 | 2 Themeum, Wordpress | 2 Tutor Lms – Elearning And Online Course Solution, Wordpress | 2026-07-16 | 6.5 Medium |
| The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via Stored Quiz Answer Array in all versions up to, and including, 4.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with custom-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The payload is stored at quiz-attempt time via the wp_ajax_tutor_quiz_abandon handler, but the injected SQL executes only when a privileged user or Tutor REST API key holder requests the /wp-json/tutor/v1/quiz-attempt-details/{id} endpoint, making this a second-order (stored) injection chain. | ||||
| CVE-2026-15106 | 2 Quantumcloud, Wordpress | 2 Wpbot – Ai Chatbot For Live Support, Lead Generation, Ai Services, Wordpress | 2026-07-16 | 5.3 Medium |
| The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to delete arbitrary chat session records from the wpbot_user and wpbot_conversation tables, including chat history and conversation logs, by supplying a crafted userid value. | ||||
| CVE-2026-13755 | 2 Tickera, Wordpress | 2 Tickera – Sell Tickets & Manage Events, Wordpress | 2026-07-16 | 6.4 Medium |
| The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'price_wrapper' Shortcode Attribute in all versions up to, and including, 3.6.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Successful execution of the injected script is limited to victims who have the referenced ticket ID present in their cart cookie, meaning the payload only fires for users who have previously added that ticket to their cart. | ||||
| CVE-2026-15021 | 2 Tomdever, Wordpress | 2 Wpforo Forum, Wordpress | 2026-07-16 | 6.4 Medium |
| The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'location' Profile Field in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The sanitize_text_field() function applied at input does not encode double quotes, allowing attribute breakout via a payload that escapes the href attribute context and injects event handler attributes. | ||||
| CVE-2026-22752 | 2026-07-16 | 9.6 Critical | ||
| Authentication bypass by primary weakness vulnerability in Spring Security Spring Authorization Server. This issue affects Spring Authorization Server: from 7.0.0 through 7.0.4, from 1.5.0 through 1.5.6, from 1.4.0 through 1.4.9, from 1.3.0 through 1.3.10. | ||||