Search
6,811 CVEs
CVEs (6,811, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 76–100 of 6,811 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2022-50954 | MEDIUM | 6.2 | 2026-05-10 | WordPress Plugin cab-fare-calculator 1.0.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the c… | |
| CVE-2022-50955 | MEDIUM | 4.3 | 2026-05-10 | WordPress Plugin Curtain 1.0.2 contains a cross-site request forgery vulnerability that allows attackers to activate or deactivate site maintenance mode by crafting malicio… | |
| CVE-2022-50956 | MEDIUM | 6.2 | 2026-05-10 | WordPress Plugin amministrazione-aperta 3.7.3 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insuffici… | |
| CVE-2022-50957 | MEDIUM | 6.1 | 2026-05-10 | Drupal avatar_uploader 7.x-1.0-beta8 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulati… | |
| CVE-2022-50958 | MEDIUM | 6.1 | 2026-05-10 | WordPress Plugin Jetpack 9.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the p… | |
| CVE-2022-50959 | MEDIUM | 6.1 | 2026-05-10 | WordPress Contact Form Builder 1.6.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting… | |
| CVE-2022-50960 | MEDIUM | 6.1 | 2026-05-10 | WordPress International SMS for Contact Form 7 Integration version 1.2 contains a reflected cross-site scripting vulnerability in the page parameter of the admin settings i… | |
| CVE-2022-50961 | MEDIUM | 6.4 | 2026-05-10 | WordPress Plugin IP2Location Country Blocker 2.26.7 contains a stored cross-site scripting vulnerability that allows authenticated users to inject arbitrary JavaScript code… | |
| CVE-2022-50962 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the orders/myOrders module. The date_created, date_from, date_to, and created_at parameters in … | |
| CVE-2022-50963 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The date_created, date_from, date_to, and created… | |
| CVE-2022-50964 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The date_created, date_from, date_to, and created_… | |
| CVE-2022-50965 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The date_created, date_from, date_to, and created_at parameters in the… | |
| CVE-2022-50966 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The date_created, date_from, date_to, and created_at parameters in the … | |
| CVE-2022-50967 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The date_created, date_from, date_to, and created_at parameters in t… | |
| CVE-2022-50968 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The date_created, date_from, date_to, and created_at parameters in … | |
| CVE-2022-50969 | MEDIUM | 6.1 | 2026-05-10 | uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The date_created, date_from, date_to, and created_at para… | |
| CVE-2022-50970 | MEDIUM | 5.4 | 2026-05-10 | WordPress Plugin AAWP 3.16 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the tab p… | |
| CVE-2026-45179 | MEDIUM | Patched | 5.3 | 2026-05-10 | Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by send… |
| CVE-2026-45180 | HIGH | 7.5 | 2026-05-10 | Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured (for example, by sending U… | |
| CVE-2026-45190 | MEDIUM | Patched | 6.5 | 2026-05-10 | Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newli… |
| CVE-2026-45191 | MEDIUM | Patched | 6.5 | 2026-05-10 | Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/0… |
| CVE-2026-8177 | HIGH | 7.5 | 2026-05-10 | XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in th… | |
| CVE-2026-8248 | MEDIUM | Patched | 4.3 | 2026-05-10 | A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the comp… |
| CVE-2026-8249 | MEDIUM | Patched | 4.3 | 2026-05-10 | A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component S… |
| CVE-2026-8250 | MEDIUM | Patched | 4.3 | 2026-05-10 | A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smf_n4_build_qos_flow_to_modify_list of the file /src/smf/n4-build.c of the component SMF. … |