Export limit exceeded: 365158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365158 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-11571 | 2026-07-13 | 7.5 High | ||
| The Everest Forms WordPress plugin before 3.5.0 does not reliably delete temporary CSV files generated during email-notification processing and leaves them publicly accessible in the uploads directory, allowing unauthenticated attackers to retrieve other users' form submission records via predictable, enumerable filenames. | ||||
| CVE-2026-11869 | 2026-07-13 | 5.3 Medium | ||
| The WP DSGVO Tools (GDPR) WordPress plugin before 3.1.40 does not perform an authorization check on the immediate-processing path of its data subject access request feature, allowing unauthenticated attackers to generate and download the full personal-data export (including name, postal address, phone number, email, and comment content) of any user, customer, or commenter by supplying their email address. | ||||
| CVE-2026-11875 | 2026-07-13 | 5.3 Medium | ||
| The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner (identified by email address) to read, reply to, and close that person's support tickets. | ||||
| CVE-2026-12516 | 2026-07-13 | 5.3 Medium | ||
| The Fediverse Embeds WordPress plugin before 1.5.8 does not validate the destination of the server-side request performed by an unauthenticated media-proxying endpoint, allowing anonymous users to make the site fetch arbitrary URLs, including internal and private-network addresses, and read back the response body. This results in a full-read Server-Side Request Forgery and open proxy. | ||||
| CVE-2026-12517 | 2026-07-13 | 5.3 Medium | ||
| The Fediverse Embeds WordPress plugin before 1.5.8 does not validate the destination of the server-side request performed by an unauthenticated site-info endpoint before fetching it, allowing anonymous users (the gating nonce is exposed on public pages carrying an embed) to make the site request internal and private-network URLs and read back the parsed page metadata. This is a Server-Side Request Forgery. | ||||
| CVE-2026-47830 | 1 Cloudfoundry | 1 Bosh-windows-stemcell-builder | 2026-07-13 | N/A |
| Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe and gain NT AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full host control. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98. | ||||
| CVE-2026-47831 | 1 Cloudfoundry | 1 Bosh-windows-stemcell-builder | 2026-07-13 | N/A |
| Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a remote attacker to brute-force the resulting SSH login via TCP/22. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98. | ||||
| CVE-2026-47840 | 1 Cloudfoundry | 2 Cf-deployment, Uaa | 2026-07-13 | 7.5 High |
| A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user password sent during simple-bind authentication, and return forged group memberships that grant themselves admin scopes. This affects every deployment that authenticates users against LDAP over StartTLS. Affected versions: UAA versions prior to v78.13.0; Cf-deployment versions prior to v56.2.0. | ||||
| CVE-2026-15544 | 1 Shibby | 1 Tomato | 2026-07-13 | 8.8 High |
| A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function getupsvar of the file www/apcupsd/tomatodata.cgi of the component apcupsd. This manipulation of the argument Field causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. | ||||
| CVE-2026-57830 | 2026-07-13 | N/A | ||
| The Joomla extension Helix Ultimate is vulnerable to an unauthenticated arbitrary file deletion. | ||||
| CVE-2026-58304 | 1 Samsung Open Source | 1 Escargot | 2026-07-13 | 6.1 Medium |
| Out-of-bounds read, Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a. | ||||
| CVE-2026-58307 | 1 Samsung Open Source | 1 Escargot | 2026-07-13 | 6.1 Medium |
| Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c. | ||||
| CVE-2026-57829 | 2026-07-13 | N/A | ||
| The Joomla extension Helix Ultimate is vulnerable to an unauthenticated stored XSS. | ||||
| CVE-2026-14261 | 1 Xerte | 1 Xerte Online Tools | 2026-07-13 | 9.1 Critical |
| A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control. | ||||
| CVE-2026-54800 | 1 Siemens | 2 Cpci85 Central Processing\/communication, Sicore Base System | 2026-07-13 | 4.8 Medium |
| A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application ships with a default configuration that disables all OPC UA security mechanisms. This could allow an attacker to gain unauthorized access and control over critical system functions. | ||||
| CVE-2026-13462 | 1 Payrange | 1 Payrange | 2026-07-13 | 7.5 High |
| PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends. | ||||
| CVE-2026-14165 | 2026-07-13 | 7.5 High | ||
| An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5 could allow an attacker to access data of other users without authorization. | ||||
| CVE-2026-15542 | 1 Will-moss | 1 Isaiah | 2026-07-13 | 7.3 High |
| A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance. | ||||
| CVE-2026-39244 | 2026-07-13 | 7.5 High | ||
| adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloc(_centralHeader.size) allocates memory based on the declared uncompressed size from the ZIP central directory header without validating it against the actual compressed data size or imposing any upper bound. The size value is read directly from the binary header at entryHeader.js line 266 with no bounds check. An attacker can craft a ~120-byte ZIP file that declares ~4GB uncompressed size, causing a memory allocation amplification ratio of over 33 million to 1. The allocation occurs before CRC validation, so the malicious payload cannot be rejected early. All extraction and read methods are affected: readFile(), readAsText(), extractEntryTo(), extractAllTo(), extractAllToAsync(), test(), and entry.getData(). Any application accepting untrusted ZIP files via adm-zip is vulnerable to immediate process crash. | ||||
| CVE-2026-21039 | 1 Samsung | 1 Mobile Devices | 2026-07-13 | N/A |
| Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings. | ||||