Search
1,463 CVEs
CVEs (1,463, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 1,463 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2019-25726 | HIGH | 8.2 | 2026-06-04 | All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code t… | |
| CVE-2019-25727 | CRITICAL | 9.8 | 2026-06-04 | WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating th… | |
| CVE-2019-25728 | HIGH | 8.2 | 2026-06-04 | Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie param… | |
| CVE-2019-25729 | CRITICAL | 9.8 | 2026-06-04 | PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the… | |
| CVE-2019-25730 | HIGH | 8.2 | 2026-06-04 | Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id… | |
| CVE-2019-25731 | HIGH | 7.2 | 2026-06-04 | Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact fo… | |
| CVE-2019-25732 | HIGH | 8.2 | 2026-06-04 | PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … | |
| CVE-2019-25733 | HIGH | 8.4 | 2026-06-04 | NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious i… | |
| CVE-2019-25734 | MEDIUM | 4.0 | 2026-06-04 | Contact Form by WD 1.13.1 contains a cross-site request forgery vulnerability combined with local file inclusion that allows unauthenticated attackers to include arbitrary … | |
| CVE-2019-25735 | HIGH | 8.4 | 2026-06-04 | AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an exces… | |
| CVE-2019-25736 | HIGH | 8.4 | 2026-06-04 | LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP f… | |
| CVE-2019-25737 | HIGH | 7.2 | 2026-06-04 | Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input fiel… | |
| CVE-2019-25738 | CRITICAL | 9.8 | 2026-06-04 | WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that allows unauthenticated attackers to modify WordPress options by exploiting th… | |
| CVE-2019-25739 | MEDIUM | 6.4 | 2026-06-04 | GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal d… | |
| CVE-2019-25740 | MEDIUM | 6.5 | 2026-06-04 | Joomla com_jsjobs 1.2.6 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating custom userfield parameters. A… | |
| CVE-2019-25741 | CRITICAL | 9.8 | 2026-06-04 | Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attacker… | |
| CVE-2019-25742 | MEDIUM | 6.4 | 2026-06-04 | WordPress Theme Zoner Real Estate 4.1.1 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through the Ad… | |
| CVE-2019-25743 | MEDIUM | 6.4 | 2026-06-04 | WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script … | |
| CVE-2019-25744 | MEDIUM | 6.4 | 2026-06-04 | WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of opt… | |
| CVE-2019-25745 | HIGH | 8.2 | 2026-06-04 | WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by in… | |
| CVE-2025-46638 | HIGH | 7.5 | 2026-06-04 | Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerabi… | |
| CVE-2025-59874 | HIGH | 8.1 | 2026-06-04 | HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential di… | |
| CVE-2025-62338 | LOW | 3.3 | 2026-06-04 | HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure. | |
| CVE-2026-10806 | MEDIUM | 6.3 | 2026-06-04 | A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/add_post.php. Performing a manipul… | |
| CVE-2026-10807 | MEDIUM | 6.3 | 2026-06-04 | A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/change_profile_image.php. Ex… |