Export limit exceeded: 335194 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335194 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10938 | 2 Moneytigo, Wordpress | 2 Ovri Payment, Wordpress | 2026-02-27 | 6.5 Medium |
| The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known malicious PHP files. If moved outside of the plugin's directory, they may interfere with the proper function of a site. | ||||
| CVE-2019-25312 | 1 Inoideas | 1 Inoerp | 2026-02-27 | 6.4 Medium |
| InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to inject malicious scripts. Attackers can submit comments with JavaScript payloads that execute in other users' browsers, potentially stealing cookies and session information. | ||||
| CVE-2026-23518 | 1 Fleetdm | 1 Fleet | 2026-02-27 | 9.8 Critical |
| Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to submit forged authentication tokens that are not properly validated. Because JWT signatures were not verified, Fleet could accept attacker-controlled identity claims, enabling enrollment of unauthorized devices under arbitrary Azure AD user identities. Versions 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 fix the issue. If an immediate upgrade is not possible, affected Fleet users should temporarily disable Windows MDM. | ||||
| CVE-2020-37196 | 1 Nsasoft | 2 Domain Name Search Software, Nsauditor Dnss Domain Name Search Software | 2026-02-27 | 7.5 High |
| Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash. | ||||
| CVE-2019-25346 | 1 Kostasmitroglou | 2 Password Management Application, Thesystem | 2026-02-27 | 7.1 High |
| TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'server_name' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information. | ||||
| CVE-2026-24497 | 1 Simtech Systems | 1 Thinkwise | 2026-02-27 | N/A |
| Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion.This issue affects ThinkWise: from 7 through 23. | ||||
| CVE-2026-23747 | 1 Golioth | 1 Firmware Sdk | 2026-02-27 | 3.7 Low |
| Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using memcpy() with a length derived from payload_size. The only length checks are guarded by assert(); in release builds, the asserts are compiled out and memcpy() may copy an unbounded payload_size. Payloads larger than 12 bytes (int) or 32 bytes (float) can overflow the stack, resulting in a crash/denial of service. This is reachable via LightDB State on_payload with a malicious server or MITM. | ||||
| CVE-2026-23748 | 1 Golioth | 1 Firmware Sdk | 2026-02-27 | 3.7 Low |
| Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payload_size value less than 2 can cause a size_t underflow when computing the number of bytes to copy (nbytes). The subsequent memcpy() reads past the end of the network buffer, which can crash the device. The condition is reachable from on_payload, and golioth_payload_is_null() does not block payload_size==1. A malicious server or MITM can trigger a denial of service. | ||||
| CVE-2026-2428 | 2 Techjewel, Wordpress | 2 Fluent Forms Pro Add On Pack, Wordpress | 2026-02-27 | 7.5 High |
| The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN (Instant Payment Notification) verification being disabled by default (`disable_ipn_verification` defaults to `'yes'` in `PayPalSettings.php`). This makes it possible for unauthenticated attackers to send forged PayPal IPN notifications to the publicly accessible IPN endpoint, marking unpaid form submissions as "paid" and triggering post-payment automation (emails, access grants, digital product delivery). | ||||
| CVE-2026-3286 | 1 Itwanger | 1 Paicoding | 2026-02-27 | 6.3 Medium |
| A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the argument img leads to server-side request forgery. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-1558 | 2 Brechtvds, Wordpress | 2 Wp Recipe Maker, Wordpress | 2026-02-27 | 5.3 Medium |
| The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference (IDOR) in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permission_callback being set to __return_true and a lack of subsequent authorization or ownership checks on the user-supplied recipeId. This makes it possible for unauthenticated attackers to overwrite arbitrary post metadata (wprm_instacart_combinations) for any post ID on the site via the recipeId parameter. | ||||
| CVE-2026-3301 | 1 Totolink | 2 N300rh, N300rh Firmware | 2026-02-27 | 9.8 Critical |
| A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-27653 | 1 Soliton Systems K.k. | 3 Soliton Securebrowser For Onegate, Soliton Securebrowser Ii, Soliton Secureworkspace (formerly Wrappingbox) | 2026-02-27 | N/A |
| The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges. | ||||
| CVE-2025-14040 | 2 Themesuite, Wordpress | 2 Automotive Car Dealership Business Wordpress Theme, Wordpress | 2026-02-27 | 6.4 Medium |
| The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in the 'action_text', 'action_button_text', 'action_link', and 'action_class' custom fields. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-14149 | 2 Wordpress, Xpro | 2 Wordpress, Xpro Addons — 140+ Widgets For Elementor | 2026-02-27 | 6.4 Medium |
| The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Scroller widget box link attribute in all versions up to, and including, 1.4.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-12981 | 2 Dreamstechnologies, Wordpress | 2 Listee, Wordpress | 2026-02-27 | 9.8 Critical |
| The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly sanitize the user_role parameter. This makes it possible for unauthenticated attackers to register as Administrator by manipulating the user_role parameter during registration. | ||||
| CVE-2025-15509 | 1 Vivo | 1 Smartremote | 2026-02-27 | N/A |
| The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage. | ||||
| CVE-2025-15567 | 1 Vivo | 1 Health | 2026-02-27 | N/A |
| Insufficient protection mechanisms in the Health Module may lead to partial information disclosure. | ||||
| CVE-2026-0980 | 2 Red Hat, Redhat | 2 Red Hat Satellite 6, Satellite | 2026-02-27 | 8.3 High |
| A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system. | ||||
| CVE-2026-27776 | 1 Ntt Data Intramart | 1 Intra-mart Accel Platform | 2026-02-27 | N/A |
| IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege. | ||||