Search
19,079 CVEs
CVEs (19,079, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 19,079 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-59388 | CRITICAL | Patched | 9.8 | 2026-03-12 | A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized ac… |
| CVE-2026-1182 | MEDIUM | Patched | 4.3 | 2026-03-12 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authent… |
| CVE-2026-3972 | HIGH | 8.8 | 2026-03-12 | A vulnerability was found in Tenda W3 1.0.0.3(2204). Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipul… | |
| CVE-2026-3973 | HIGH | 8.8 | 2026-03-12 | A vulnerability was determined in Tenda W3 1.0.0.3(2204). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler.… | |
| CVE-2025-15037 | NONE | — | 2026-03-12 | An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local u… | |
| CVE-2025-15038 | NONE | — | 2026-03-12 | An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending … | |
| CVE-2026-1878 | NONE | — | 2026-03-12 | An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due … | |
| CVE-2026-3226 | MEDIUM | 4.3 | 2026-03-12 | The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions … | |
| CVE-2026-3657 | HIGH | 7.5 | 2026-03-12 | The My Sticky Bar plugin for WordPress is vulnerable to SQL injection via the `stickymenu_contact_lead_form` AJAX action in all versions up to, and including, 2.8.6. This i… | |
| CVE-2026-3974 | HIGH | 8.8 | 2026-03-12 | A vulnerability was identified in Tenda W3 1.0.0.3(2204). This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handle… | |
| CVE-2026-3975 | HIGH | 8.8 | 2026-03-12 | A security flaw has been discovered in Tenda W3 1.0.0.3(2204). This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component PO… | |
| CVE-2026-3976 | HIGH | 8.8 | 2026-03-12 | A weakness has been identified in Tenda W3 1.0.0.3(2204). Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter… | |
| CVE-2026-3977 | MEDIUM | 6.3 | 2026-03-12 | A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads t… | |
| CVE-2026-3978 | HIGH | 8.8 | 2026-03-12 | A vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipulation of the argument … | |
| CVE-2026-3979 | MEDIUM | 5.3 | 2026-03-12 | A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation causes use after free… | |
| CVE-2026-3980 | HIGH | 7.3 | 2026-03-12 | A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patient_action.php. Such manipulati… | |
| CVE-2026-3981 | HIGH | 7.3 | 2026-03-12 | A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor_action.php. Performing a manipulat… | |
| CVE-2026-3982 | MEDIUM | 4.3 | 2026-03-12 | A vulnerability was determined in itsourcecode University Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_result.php. Ex… | |
| CVE-2025-15473 | MEDIUM | Patched | 4.3 | 2026-03-12 | The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status… |
| CVE-2026-2687 | MEDIUM | Patched | 4.3 | 2026-03-12 | The Reading progressbar WordPress plugin before 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Sto… |
| CVE-2026-3983 | LOW | 3.5 | 2026-03-12 | A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The… | |
| CVE-2026-3984 | LOW | 3.5 | 2026-03-12 | A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file save_up_athle… | |
| CVE-2026-3990 | MEDIUM | 4.3 | 2026-03-12 | A security flaw has been discovered in CesiumGS CesiumJS up to 1.137.0. Affected by this issue is some unknown functionality of the file Apps/Sandcastle/standalone.html. Th… | |
| CVE-2026-3992 | MEDIUM | 6.3 | 2026-03-12 | A weakness has been identified in CodeGenieApp serverless-express up to 4.17.1. This affects an unknown part of the file utils/dynamodb.ts of the component Users Endpoint. … | |
| CVE-2026-3993 | MEDIUM | 4.3 | 2026-03-12 | A security vulnerability has been detected in itsourcecode Payroll Management System 1.0. This vulnerability affects unknown code of the file /manage_employee_deductions.ph… |