Export limit exceeded: 366430 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366430 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40215 | 1 Openvpn | 1 Openvpn | 2026-06-16 | N/A |
| A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion. | ||||
| CVE-2026-39490 | 2 Artbees, Wordpress | 2 Jupiter X Core, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Access Control in JupiterX Core <= 4.14.1 versions. | ||||
| CVE-2026-49106 | 2 Crmperks, Wordpress | 2 Integration For Contact Form 7 And Constant Contact, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions. | ||||
| CVE-2026-49765 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.8 versions. | ||||
| CVE-2026-39581 | 2 Activity-log.com, Wordpress | 2 Wp Sessions Time Monitoring Full Automatic, Wordpress | 2026-06-16 | 8.5 High |
| Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions. | ||||
| CVE-2026-10829 | 1 Moxa | 2 Nport W2150a-w4 W2250a-w4 Series, Nport W2150a W2250a Series | 2026-06-16 | N/A |
| A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges. | ||||
| CVE-2026-21643 | 1 Fortinet | 1 Forticlientems | 2026-06-16 | 9.1 Critical |
| An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | ||||
| CVE-2026-49085 | 2 Crmperks, Wordpress | 2 Wp Insightly For Contact Form 7, Wpforms, Elementor, Formidable And Ninja Forms, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions. | ||||
| CVE-2026-49781 | 2 Brainstorm Force, Wordpress | 2 Ottokit, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in OttoKit <= 1.1.27 versions. | ||||
| CVE-2026-48885 | 2 Groundhogg, Wordpress | 2 Hollerbox, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in HollerBox <= 2.3.10.1 versions. | ||||
| CVE-2026-40790 | 2 Veronalabs, Wordpress | 2 Wp Sms, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions. | ||||
| CVE-2026-42651 | 2 Mamunur Rashid, Wordpress | 2 Classified Listing, Wordpress | 2026-06-16 | 6.3 Medium |
| Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions. | ||||
| CVE-2026-48882 | 2 Codepeople, Wordpress | 2 Wp Time Slots Booking Form, Wordpress | 2026-06-16 | 8.5 High |
| Subscriber SQL Injection in WP Time Slots Booking Form <= 1.2.50 versions. | ||||
| CVE-2026-49056 | 2 Webtoffee, Wordpress | 2 Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions. | ||||
| CVE-2026-49068 | 2 Relywp, Wordpress | 2 Coupon Affiliates, Wordpress | 2026-06-16 | 7.5 High |
| Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions. | ||||
| CVE-2026-49083 | 2 Latepoint, Wordpress | 2 Latepoint, Wordpress | 2026-06-16 | 7.5 High |
| Contributor Privilege Escalation in LatePoint <= 5.5.1 versions. | ||||
| CVE-2026-40793 | 2 Groundhogg, Wordpress | 2 Groundhogg, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Broken Access Control in Groundhogg < 4.4.1 versions. | ||||
| CVE-2026-42640 | 2 Mamunur Rashid, Wordpress | 2 Classified Listing, Wordpress | 2026-06-16 | 6.5 Medium |
| Unauthenticated Broken Access Control in Classified Listing <= 5.3.8 versions. | ||||
| CVE-2026-42659 | 2 Nasirahmed, Wordpress | 2 Advanced Form Integration, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Broken Access Control in Advanced Form Integration <= 1.126.12 versions. | ||||
| CVE-2026-48964 | 2 Elextensions, Wordpress | 2 Elex Wordpress Helpdesk & Customer Ticketing System, Wordpress | 2026-06-16 | 8.5 High |
| Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions. | ||||