Search
59,162 CVEs
CVEs (59,162, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 126–150 of 59,162 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-49265 | NONE | — | 2025-06-09 | Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This … | |
| CVE-2025-49275 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogbyte blogbyte allows PHP Local File In… | |
| CVE-2025-49276 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogmine blogmine allows PHP Local File In… | |
| CVE-2025-49277 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogprise blogprise allows PHP Local File … | |
| CVE-2025-49278 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogty blogty allows PHP Local File Inclus… | |
| CVE-2025-49279 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogvy blogvy allows PHP Local File Inclus… | |
| CVE-2025-49280 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magty magty allows PHP Local File Inclusio… | |
| CVE-2025-49281 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magways magways allows PHP Local File Incl… | |
| CVE-2025-49282 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magze magze allows PHP Local File Inclusio… | |
| CVE-2025-49295 | CRITICAL | Patched | 9.8 | 2025-06-09 | Path Traversal: '.../...//' vulnerability in Mikado-Themes MediClinic mediclinic allows PHP Local File Inclusion.This issue affects MediClinic: from n/a through <= 2.1. |
| CVE-2025-49296 | CRITICAL | Patched | 9.8 | 2025-06-09 | Path Traversal: '.../...//' vulnerability in Mikado-Themes GrandPrix grandprix allows PHP Local File Inclusion.This issue affects GrandPrix: from n/a through <= 1.6. |
| CVE-2025-49297 | CRITICAL | Patched | 9.8 | 2025-06-09 | Path Traversal: '.../...//' vulnerability in Mikado-Themes Grill and Chow grillandchow allows PHP Local File Inclusion.This issue affects Grill and Chow: from n/a through <= 1.6. |
| CVE-2025-5886 | LOW | Patched | 3.5 | 2025-06-09 | A vulnerability was found in Emlog up to 2.5.7 and classified as problematic. This issue affects some unknown processing of the file /admin/article.php. The manipulation of… |
| CVE-2024-46452 | MEDIUM | 6.1 | 2025-06-09 | A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers to redirect victim users to a malici… | |
| CVE-2025-29627 | MEDIUM | 6.8 | 2025-06-09 | An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module | |
| CVE-2025-45001 | HIGH | 7.5 | 2025-06-09 | react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native bi… | |
| CVE-2025-45002 | MEDIUM | Patched | 5.4 | 2025-06-09 | Vigybag v1.0 and before is vulnerable to Cross Site Scripting (XSS) via the upload profile picture function under my profile. |
| CVE-2025-46041 | MEDIUM | 5.4 | 2025-06-09 | A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation … | |
| CVE-2025-49136 | CRITICAL | Patched | 9.0 | 2025-06-09 | listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the `env` and `expandenv` template functio… |
| CVE-2025-5887 | LOW | 3.5 | 2025-06-09 | A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the comp… | |
| CVE-2024-47081 | MEDIUM | Patched | 5.3 | 2025-06-09 | Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs… |
| CVE-2025-49651 | HIGH | 8.1 | 2025-06-09 | Missing Authorization in Lablup's BackendAI allows attackers to takeover all active sessions; Accessing, stealing, or altering any data accessible in the session. This vuln… | |
| CVE-2025-49652 | CRITICAL | 9.8 | 2025-06-09 | Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private data even when registration … | |
| CVE-2025-49653 | HIGH | 8.0 | 2025-06-09 | Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management platform. | |
| CVE-2025-5888 | MEDIUM | 4.3 | 2025-06-09 | A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation lea… |