Search Results (361563 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-54193 | 2 Themefusion, Wordpress | 2 Fusion Builder, Wordpress | 2026-06-17 | 7.7 High |
| Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions. | ||||
| CVE-2026-54417 | 1 Rxi | 1 Microtar | 2026-06-17 | 7.5 High |
| An integer overflow in the mtar_next() function in src/microtar.c in rxi microtar 0.1.0 allows a remote attacker to cause a denial of service (uncontrolled CPU consumption / infinite loop) via a crafted tar archive. mtar_next() computes the offset to the next record as round_up(h.size, 512) + sizeof(mtar_raw_header_t) using 32-bit arithmetic. When the header size field is a multiple of 512 in the range 0xFFFFFC01-0xFFFFFE00 (e.g. 0xFFFFFE00), the addition wraps to 0, so mtar_next() seeks to the current record position instead of advancing. As a result, mtar_find() and any loop that iterates entries with mtar_next() repeat indefinitely over the same record, hanging the process at 100% CPU with no recovery. | ||||
| CVE-2026-54816 | 2 Monetizemore, Wordpress | 2 Advanced Ads, Wordpress | 2026-06-17 | 7.5 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21. | ||||
| CVE-2025-15657 | 2 Mojoomla, Wordpress | 2 School Management, Wordpress | 2026-06-17 | 5.3 Medium |
| Unauthenticated Insecure Direct Object References (IDOR) in School Management <= 93.1.0 versions. | ||||
| CVE-2026-52716 | 2 Purethemes, Wordpress | 2 Workscout Core, Wordpress | 2026-06-17 | 6.5 Medium |
| Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions. | ||||
| CVE-2026-54818 | 2 Veronalabs, Wordpress | 2 Slimstat Analytics, Wordpress | 2026-06-17 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11. | ||||
| CVE-2026-54817 | 2 Fluxbuilder, Wordpress | 2 Mstore Api, Wordpress | 2026-06-17 | 6.5 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4. | ||||
| CVE-2026-55738 | 1 Rxi | 1 Microtar | 2026-06-17 | 8.8 High |
| A stack-based buffer overflow exists in the raw_to_header() function in src/microtar.c in rxi microtar 0.1.0. The function copies the 100-byte name and linkname fields of a TAR header with strcpy() without guaranteeing null termination of the source. The POSIX ustar format permits these fixed-width fields to be fully populated with non-null bytes, so a crafted archive whose linkname field (followed by the trailing padding of the 512-byte raw header) contains no null terminator causes strcpy() to read past the end of the 512-byte raw header stack buffer and to write past the destination header buffer. A remote attacker who supplies a crafted TAR archive that the victim opens or parses (via mtar_open(), mtar_read_header(), or mtar_find()) can cause an out-of-bounds read and a stack buffer overflow, resulting in denial of service (crash) and potentially arbitrary code execution. Confirmed with AddressSanitizer: stack-buffer-overflow READ of size 356 in raw_to_header at src/microtar.c:112. | ||||
| CVE-2026-10641 | 1 Zephyrproject | 1 Zephyr | 2026-06-17 | 7.1 High |
| Zephyr's Bluetooth Classic Hands-Free Profile (HFP) Hands-Free role parser (subsys/bluetooth/host/classic/hfp_hf.c) contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cind_handle(), which assigns a per-entry counter index and calls cind_handle_values() for each list element. cind_handle_values() then wrote hf->ind_table[index] = i without verifying that index is within the 20-element int8_t ind_table[] array of struct bt_hfp_hf. Because the parser places no cap on the number of +CIND: list entries, a remote Attendant Gateway (a malicious, compromised, or spoofed peer the device connects to over Bluetooth) can send a response with more than 20 recognized indicator entries and drive index arbitrarily large, writing a small attacker-positioned value past the array into adjacent struct fields (feature masks, SDP/version state, the calls[] array, work/atomic bookkeeping) and potentially beyond the static connection pool slot. This yields memory corruption and at least denial of service of the Bluetooth host, triggered by a single malformed AT response with no user interaction. The sibling consumer ag_indicator_handle_values() already performed the equivalent bounds check; this commit adds the same index >= ARRAY_SIZE(hf->ind_table) guard to close the gap. Affects builds with CONFIG_BT_HFP_HF enabled; introduced with the original HFP HF CIND parser (~v1.7) and present through v4.4.0. | ||||
| CVE-2026-10850 | 1 Plane | 1 Plane | 2026-06-17 | N/A |
| Plane CE 1.3.1 allows a low-privileged project member to submit arbitrary HTML/JS in the description_html field when creating an intake work item through the API v1 intake endpoint. | ||||
| CVE-2026-47340 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Apache DolphinScheduler allows authenticated users to access alert instances associated with alert groups they do not have permission to access. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2024-24709 | 2 Shareaholic, Wordpress | 2 Shareaholic, Wordpress | 2026-06-17 | 4.3 Medium |
| Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11. | ||||
| CVE-2026-32967 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | 6.5 Medium |
| Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2026-34888 | 2 Bricksforge, Wordpress | 2 Bricksforge, Wordpress | 2026-06-17 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions. | ||||
| CVE-2026-24611 | 2 Wordpress, Wpmet | 2 Wordpress, Metform Pro | 2026-06-17 | 9.1 Critical |
| Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions. | ||||
| CVE-2026-24610 | 2 Wordpress, Wpmet | 2 Wordpress, Metform Pro | 2026-06-17 | 4.3 Medium |
| Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions. | ||||
| CVE-2026-27410 | 2 Veronalabs, Wordpress | 2 Slimstat Analytics, Wordpress | 2026-06-17 | 6.5 Medium |
| Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions. | ||||
| CVE-2026-39595 | 2 Boldgrid, Wordpress | 2 W3 Total Cache, Wordpress | 2026-06-17 | 4.7 Medium |
| Author Broken Access Control in W3 Total Cache <= 2.9.1 versions. | ||||
| CVE-2024-32729 | 2 Quantumcloud, Wordpress | 2 Conversational Forms For Chatbot, Wordpress | 2026-06-17 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8. | ||||
| CVE-2026-40723 | 2 Bricks, Wordpress | 2 Bricks Builder, Wordpress | 2026-06-17 | 4.3 Medium |
| Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions. | ||||