Search Results (360938 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2026-56023 | | | 2026-06-25 | 5.4 Medium | Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce, versions <= 1.6.2. |
| CVE-2026-56014 | | | 2026-06-25 | 7.1 High | Unauthenticated Cross Site Scripting (XSS) in Master Slider, versions <= 3.11.2. |
| CVE-2026-56013 | | | 2026-06-25 | 6.5 Medium | Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce, versions <= 3.0.15. |
| CVE-2026-56006 | | | 2026-06-25 | 7.1 High | Unauthenticated Cross Site Scripting (XSS) in H5P, versions <= 1.17.6. |
| CVE-2026-56005 | | | 2026-06-25 | 7.1 High | Subscriber Cross Site Scripting (XSS) in WP Activity Log, versions <= 5.6.3.1. |
| CVE-2026-54849 | | | 2026-06-25 | 9.3 Critical | Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce, versions <= 1.1.11. |
| CVE-2026-54845 | | | 2026-06-25 | 8.1 High | Unauthenticated Local File Inclusion in MDTF, versions <= 1.3.8. |
| CVE-2026-54844 | | | 2026-06-25 | 7.5 High | Unauthenticated Broken Access Control in CheckView Automated Testing, versions <= 2.1.0. |
| CVE-2026-54841 | | | 2026-06-25 | 7.5 High | Unauthenticated Sensitive Data Exposure in Vitepos, versions <= 3.4.2. |
| CVE-2026-54838 | | | 2026-06-25 | 8.5 High | Subscriber SQL Injection in WC Vendors Marketplace, versions <= 2.6.8. |
| CVE-2026-54830 | | | 2026-06-25 | 7.5 High | Unauthenticated Broken Access Control in Five Star Restaurant Reservations, versions <= 2.7.19. |
| CVE-2026-54828 | | | 2026-06-25 | 7.5 High | Unauthenticated Broken Access Control in Motors, versions <= 1.4.109. |
| CVE-2026-54823 | | | 2026-06-25 | 9.9 Critical | Contributor Remote Code Execution (RCE) in Widget Options, versions <= 4.2.3. |
| CVE-2026-54822 | | | 2026-06-25 | 8.5 High | Subscriber SQL Injection in SALESmanago & Leadoo, versions <= 3.11.2. |
| CVE-2026-54821 | | | 2026-06-25 | 7.4 High | Subscriber Sensitive Data Exposure in Visual Link Preview, versions <= 2.3.1. |
| CVE-2026-27366 | | | 2026-06-25 | 7.5 High | Unauthenticated Broken Access Control in MainWP Child, versions <= 6.1.1. |
| CVE-2026-11998 | | | 2026-06-25 | 7.6 High | A flaw in AngularJS' Strict Contextual Escaping (SCE) logic allows bypassing certain SCE policies for resource URLs and can lead to arbitrary JavaScript execution within the context of the victim's browser session. SCE's purpose is to ensure that only trusted or safe values are used in certain security-sensitive contexts, such as resource URLs, including URLs that define executable JavaScript scripts, `<iframe>` documents, route templates, etc. A flaw in the logic that tries to match entire URLs against regular expression matchers can result in partial matches for certain types of regular expressions, effectively bypassing the policies and allowing the use of unsafe values as resource URLs. This issue affects AngularJS versions greater than or equal to 1.2.0-rc.3. Note: The AngularJS project was already End-of-Life when this CVE was published and will not receive any updates to address this issue. For more information see the End-of-Life announcement at https://docs.angularjs.org/misc/version-support-status. |
| CVE-2026-52809 | Gogs | Gogs | 2026-06-25 | 6.8 Medium | Gogs is an open source self-hosted Git service. Prior to 0.14.3, password-reset tokens are generated using conf.Auth.ActivateCodeLives (the account-activation lifetime), not conf.Auth.ResetPasswordCodeLives. The token lifetime is baked into the token itself at generation time and is re-extracted from the token at verification time, making RESET_PASSWORD_CODE_LIVES irrelevant to actual enforcement. When an administrator configures a shorter reset window (e.g., 10 minutes) for compliance or security reasons, reset tokens remain exploitable for the full activation lifetime instead, while the reset email falsely advertises the shorter expiry. This vulnerability is fixed in 0.14.3. |
| CVE-2026-11379 | Gitlab | Gitlab | 2026-06-25 | 5.3 Medium | GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with the Developer role to exfiltrate DAST site profile secrets under certain conditions. |
| CVE-2026-10642 | Zephyrproject | Zephyr | 2026-06-25 | 6.5 Medium | The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl011_irq_tx_enable() that repeatedly invokes the interrupt-driven application callback while the TX interrupt mask bit (PL011_IMSC_TXIM) is set, to work around the controller's level-transition TX-interrupt behavior. When CTS hardware flow control is enabled (devicetree hw-flow-control or runtime UART_CFG_FLOW_CTRL_RTS_CTS) and the wired serial peer de-asserts CTS, the controller stops draining the TX FIFO; pl011_fifo_fill() then returns 0 on every call while the application still has pending data and therefore never disables the TX interrupt. The loop condition never clears, so the thread that called uart_irq_tx_enable() (e.g. h4_send() in the Bluetooth HCI H4 driver) spins indefinitely, hanging the executing context and stalling the transport: a denial of service (CWE-835). An attacker controlling the device attached to the UART's CTS line can trigger the hang by withholding CTS during transmission. Impact is availability only; there is no memory-safety, confidentiality, or integrity consequence. The vulnerable loop was introduced in commit b783bc8448ef (Feb 2025) and shipped in releases v4.1.0 through v4.4.0. The fix breaks out of the loop when CTS is blocking and arms the CTS modem-status interrupt to resume transmission when CTS re-asserts. |
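The CVE-2026-11998 entry describes a resource-URL policy that can be satisfied by a partial regular-expression match. The following added example (written for this page, not AngularJS's code; the affected matcher itself is not reproduced here) illustrates the general class with two hypothetical, constructed allowlist patterns of the same intent, one anchored and one not, and shows which one a "match anywhere" check lets through. Pattern and URL values are constructed for the demo.

```python
from __future__ import annotations

import re
from typing import Iterable

# Hypothetical resource-URL policy (constructed, not AngularJS's): only scripts
# from this CDN may be loaded. Both patterns express the same intent; the
# difference is whether the author anchored them.
ANCHORED = re.compile(r"^https://cdn\.example\.com/.*$")
UNANCHORED = re.compile(r"https://cdn\.example\.com/.*")


def allowed_by_search(pattern: re.Pattern, url: str) -> bool:
    """Buggy check: accepts the URL if the pattern matches *anywhere* in it."""
    return pattern.search(url) is not None


def allowed_by_fullmatch(pattern: re.Pattern, url: str) -> bool:
    """Hardened check: the pattern must consume the entire URL."""
    return pattern.fullmatch(url) is not None


def bypasses(pattern: re.Pattern, urls: Iterable[str]) -> list[str]:
    """URLs the buggy check accepts but the whole-URL check rejects."""
    return [u for u in urls
            if allowed_by_search(pattern, u) and not allowed_by_fullmatch(pattern, u)]


# Constructed inputs: one legitimate script URL and two values that merely
# *contain* the trusted prefix somewhere inside them.
URLS = [
    "https://cdn.example.com/app.js",
    "https://attacker.example/x?next=https://cdn.example.com/app.js",
    "javascript:alert(document.cookie)//https://cdn.example.com/",
]

if __name__ == "__main__":
    for name, pat in (("anchored", ANCHORED), ("unanchored", UNANCHORED)):
        print(f"{name}: bypasses via partial match -> {bypasses(pat, URLS)}")
```

The anchored pattern is safe under either check; the unanchored one is only safe when the matcher insists on a whole-URL match, which is the distinction the entry above turns on ("certain types of regular expressions").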
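For the CVE-2026-52809 entry, the following added Python model (not Gogs's code; the colon-separated token format, HMAC-SHA256, and the AuthConfig names are simplified assumptions for the demo) shows why a lifetime that is embedded in the token and read back at verification time makes the reset-window setting irrelevant once the wrong setting is passed at generation time, and what changes when the right one is used.

```python
from __future__ import annotations

import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # constructed; a real server uses its own secret


class AuthConfig:
    """Constructed stand-in for the two settings the advisory names (minutes)."""
    ActivateCodeLives = 180        # account-activation lifetime
    ResetPasswordCodeLives = 10    # the shorter window an admin intends for resets


def create_time_limit_code(data: str, minutes: int, start: int) -> str:
    """Time-limited code in the style the advisory describes (simplified model,
    not Gogs's encoding): start time and lifetime are embedded in the code and
    covered by the MAC, so the verifier reads them back from the code itself."""
    payload = f"{start}:{minutes}:{data}".encode()
    mac = hmac.new(SECRET, payload, hashlib.sha256).hexdigest()
    return f"{start}:{minutes}:{mac}"


def verify_time_limit_code(code: str, data: str, now: int) -> bool:
    """Lifetime is re-extracted from the code; no configuration value is consulted."""
    try:
        start_s, minutes_s, mac = code.split(":")
        start, minutes = int(start_s), int(minutes_s)
    except ValueError:
        return False
    expected = hmac.new(SECRET, f"{start}:{minutes}:{data}".encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return False            # forged or tampered (e.g. an edited lifetime field)
    return start <= now < start + minutes * 60


def reset_token_before_fix(user: str, start: int) -> str:
    # The bug: the activation lifetime is passed, so ResetPasswordCodeLives
    # never reaches the token and therefore never reaches enforcement.
    return create_time_limit_code(user, AuthConfig.ActivateCodeLives, start)


def reset_token_after_fix(user: str, start: int) -> str:
    return create_time_limit_code(user, AuthConfig.ResetPasswordCodeLives, start)


def reset_still_valid(token_fn, minutes_later: int,
                      user: str = "alice", start: int = 1_700_000_000) -> bool:
    """Is a reset token issued at `start` still accepted `minutes_later` minutes on?"""
    return verify_time_limit_code(token_fn(user, start), user, start + minutes_later * 60)


if __name__ == "__main__":
    for label, fn in (("before fix", reset_token_before_fix), ("after fix", reset_token_after_fix)):
        print(label, "accepted 30 min after issue:", reset_still_valid(fn, 30))
```

The point the model makes is that the MAC does stop an attacker from editing the embedded lifetime, so the token is not forgeable; the problem is purely which lifetime the server chose to embed, which is why changing RESET_PASSWORD_CODE_LIVES after the fact has no effect on tokens generated by the buggy path.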
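For the CVE-2026-10642 entry, the following added Python simulation (a constructed model written for this page, not the Zephyr driver; the FIFO depth, payload size, spin guard and class names are demo assumptions) reproduces the control flow the advisory describes: a software loop that keeps calling the application's TX callback while the TX interrupt mask is set, a FIFO that the hardware only drains while CTS is asserted, and a fill routine that returns 0 once the FIFO is full. It then shows the fixed flow, which leaves the loop when CTS blocks and resumes from a CTS interrupt.

```python
from __future__ import annotations

from typing import Callable

FIFO_DEPTH = 16        # constructed; not the real PL011 FIFO size
SPIN_LIMIT = 10_000    # demo guard so the vulnerable path returns instead of hanging


class Pl011Model:
    """Toy model of the controller state the advisory describes (constructed)."""

    def __init__(self, cts: bool = True):
        self.cts = cts                 # peer's Clear-To-Send line
        self.txim = False              # TX interrupt mask bit (PL011_IMSC_TXIM)
        self.cts_irq_armed = False     # CTS modem-status interrupt (used by the fix)
        self.fifo = bytearray()
        self.wire = bytearray()        # bytes that actually left the device
        self.callback = None           # application TX callback, set by run()

    def fifo_fill(self, data: bytes) -> int:
        """Copy as much as fits into the TX FIFO; returns 0 when it is full."""
        n = min(FIFO_DEPTH - len(self.fifo), len(data))
        self.fifo += data[:n]
        return n

    def drain(self) -> None:
        """Hardware only shifts the FIFO onto the wire while CTS is asserted."""
        if self.cts:
            self.wire += self.fifo
            self.fifo.clear()


class Sender:
    """Constructed interrupt-driven application, in the role of the H4 transport."""

    def __init__(self, payload: bytes):
        self.pending = payload

    def on_tx_irq(self, uart: Pl011Model) -> None:
        n = uart.fifo_fill(self.pending)
        self.pending = self.pending[n:]
        if not self.pending:
            uart.txim = False          # uart_irq_tx_disable(): nothing left to send


def irq_tx_enable_before_fix(uart: Pl011Model) -> str:
    """The unbounded software loop: keep invoking the callback while TXIM is set."""
    uart.txim = True
    spins = 0
    while uart.txim:
        uart.callback(uart)
        uart.drain()
        spins += 1
        if spins > SPIN_LIMIT:
            return "hung"              # the real driver spins forever (CWE-835)
    return "done"


def irq_tx_enable_after_fix(uart: Pl011Model) -> str:
    """Leave the loop when CTS blocks and arm the CTS interrupt to resume later."""
    uart.txim = True
    while uart.txim:
        if not uart.cts:
            uart.cts_irq_armed = True
            return "blocked"
        uart.callback(uart)
        uart.drain()
    return "done"


def cts_reasserted(uart: Pl011Model) -> str:
    """Modem-status interrupt handler for the fixed driver: resume transmission."""
    uart.cts = True
    if not uart.cts_irq_armed:
        return "idle"
    uart.cts_irq_armed = False
    return irq_tx_enable_after_fix(uart)


def run(enable: Callable[[Pl011Model], str], cts: bool, size: int = 40) -> tuple[str, Pl011Model]:
    """Drive one transmit of `size` bytes with the peer's CTS line held at `cts`."""
    uart = Pl011Model(cts=cts)
    uart.callback = Sender(bytes(size)).on_tx_irq
    return enable(uart), uart


if __name__ == "__main__":
    for label, fn in (("before fix", irq_tx_enable_before_fix), ("after fix", irq_tx_enable_after_fix)):
        result, uart = run(fn, cts=False)
        print(f"{label}, CTS withheld: {result}, {len(uart.wire)} bytes sent")
    result, uart = run(irq_tx_enable_after_fix, cts=False)
    print("after fix, CTS re-asserted:", cts_reasserted(uart), f"{len(uart.wire)} bytes sent")
```

With CTS withheld, the pre-fix loop fills the FIFO once and then sees fifo_fill() return 0 on every iteration while the sender still has data, so txim never clears and the caller never returns; the fixed version returns to the caller with the CTS interrupt armed and completes the transfer from that handler once CTS comes back.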