Export limit exceeded: 366667 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366667 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-55039 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-12684 | 2026-07-16 | N/A | ||
| The Customer Reviews for WooCommerce WordPress plugin before 5.113.0 does not perform authentication, capability, or nonce checks on one of its media upload AJAX actions when the review media attachment feature is enabled, allowing unauthenticated users to upload media files (bounded to an image and video allowlist) to the Media Library and create attachment posts, leading to media library pollution and disk space exhaustion. | ||||
| CVE-2026-12585 | 2026-07-16 | N/A | ||
| The Abandoned Cart Lite for WooCommerce WordPress plugin before 6.8.2 does not protect the integrity of its cart-recovery tokens or bind them to the requesting account, allowing unauthenticated attackers to forge a recovery link that logs them in as another user when the automatic-login option is enabled. | ||||
| CVE-2026-12525 | 2026-07-16 | N/A | ||
| The Redux Framework WordPress plugin before 4.5.13 does not restrict which user meta keys can be written when saving custom profile fields, allowing users with at least the Subscriber role to escalate their privileges to Administrator by submitting a crafted value while updating their own profile, on sites where the Redux Framework WordPress plugin before 4.5.13's user-profile (Users extension) feature is enabled. | ||||
| CVE-2026-12510 | 2026-07-16 | N/A | ||
| The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions feature is enabled. | ||||
| CVE-2026-12492 | 2026-07-16 | N/A | ||
| The Happy Coders OTP Login for WooCommerce WordPress plugin before 2.8 does not verify that a one-time password was actually validated before authenticating a user based on a supplied identifier, allowing unauthenticated attackers to log in as any existing user, including administrators, as well as to create new accounts. | ||||
| CVE-2026-12395 | 2026-07-16 | N/A | ||
| The WP Job Portal WordPress plugin before 2.5.5 does not properly sanitize and escape a parameter before using it in a SQL query, allowing authenticated users with a subscriber-level (self-registerable) account to perform SQL injection attacks. | ||||
| CVE-2026-11866 | 2026-07-16 | N/A | ||
| The Appointment Booking Plugin WordPress plugin before 5.6.3 does not validate a CSRF nonce on several state-changing actions handled by its central request dispatcher, allowing attackers to perform privileged actions, such as overwriting the booking-form configuration or disconnecting the connected payment gateway, via Cross-Site Request Forgery against a logged-in administrator. | ||||
| CVE-2026-61440 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-07-16 | 6.5 Medium |
| PraisonAI Platform before 0.1.9 fails to properly authorize label and issue-label mutations, allowing workspace members to rename and recolor shared labels and add or remove labels on owner-created issues. Attackers with workspace member privileges can exploit PATCH and POST/DELETE endpoints to alter shared label taxonomy and manipulate issue-label associations without owner or admin authorization. | ||||
| CVE-2026-15809 | 1 Redhat | 2 Confidential Compute Attestation, Openshift | 2026-07-16 | 7.8 High |
| A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. | ||||
| CVE-2026-15458 | 2 Cleverplugins, Wordpress | 2 Seo Booster, Wordpress | 2026-07-16 | 4.9 Medium |
| The SEO Booster plugin for WordPress is vulnerable to generic SQL Injection via the 'sort_field' parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2026-50675 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-53366 | 1 Linux | 1 Linux Kernel | 2026-07-16 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: ipv4: account for fraggap on the paged allocation path In __ip_append_data(), when the paged-allocation branch is taken, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen; pagedlen = datalen - transhdrlen; datalen already includes fraggap, but the fraggap bytes carried over from the previous skb are copied into the new skb's linear area at offset transhdrlen by the subsequent skb_copy_and_csum_bits(). The linear area is therefore undersized by fraggap bytes while pagedlen is overstated by the same amount. The non-paged branch sets alloclen to fraglen, which already accounts for fraggap because datalen does. Bring the paged branch in line by adding fraggap to alloclen and subtracting it from pagedlen. After this adjustment, copy no longer collapses to -fraggap on the paged path, so remove the stale comment describing that old arithmetic. | ||||
| CVE-2026-15336 | 2 Catchplugins, Wordpress | 2 Catch Themes Demo Import, Wordpress | 2026-07-16 | 4.3 Medium |
| The Catch Themes Demo Import plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 3.3. This is due to the catch_themes_demo_import_activate_plugin() function, hooked on admin_init when the activate_plugin GET parameter is present, calling Plugin_Upgrader::install() to download and install a plugin from WordPress.org before performing the current_user_can('activate_plugins') capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to install the hardcoded 'essential-content-types' plugin from the WordPress. | ||||
| CVE-2026-54988 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55051 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-16 | 6.5 Medium |
| Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-55138 | 1 Microsoft | 10 365 Apps, Excel 2016, Microsoft Office 365 For Mac and 7 more | 2026-07-16 | 5.5 Medium |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-54124 | 1 Microsoft | 8 Terminal, Windows 10 21h2, Windows 10 22h2 and 5 more | 2026-07-16 | 7.8 High |
| Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-48335 | 2026-07-16 | 7.8 High | ||
| Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-48321 | 2026-07-16 | 9.3 Critical | ||
| ColdFusion is affected by an Incorrect Authorization vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized read and write access. Exploitation of this issue does not require user interaction. Scope is changed. | ||||