Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8745 |
|
Vulnerability in c (CVE-2026-8745)
vulnerability in c (CVE-2026-8745). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8744 |
|
Vulnerability in c (CVE-2026-8744)
vulnerability in c (CVE-2026-8744). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8736 |
|
Path Traversal in path-traversal (CVE-2026-8736)
path traversal in path-traversal (CVE-2026-8736). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8734 |
|
Vulnerability in sqli (CVE-2026-8734)
vulnerability in sqli (CVE-2026-8734). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8735 |
|
Vulnerability in deserialization (CVE-2026-8735)
vulnerability in deserialization (CVE-2026-8735). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8731 |
|
Vulnerability in c (CVE-2026-8731)
vulnerability in c (CVE-2026-8731). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8730 |
|
Vulnerability in c (CVE-2026-8730)
vulnerability in c (CVE-2026-8730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8729 |
|
Vulnerability in c (CVE-2026-8729)
vulnerability in c (CVE-2026-8729). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8728 |
|
Vulnerability in c (CVE-2026-8728)
vulnerability in c (CVE-2026-8728). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8719 |
|
Privilege Escalation in wordpress (CVE-2026-8719)
vulnerability in wordpress (CVE-2026-8719). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8724 |
|
Vulnerability in sqli (CVE-2026-8724)
vulnerability in sqli (CVE-2026-8724). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47981 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2021-47981)
cross-site scripting in csrf (CVE-2021-47981). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47976 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-47976)
vulnerability in csrf (CVE-2021-47976). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47978 |
|
Vulnerability in path-traversal (CVE-2021-47978)
vulnerability in path-traversal (CVE-2021-47978). Confidential information can be exposed externally.
|
| CVE-2021-47977 |
|
Path Traversal in wordpress (CVE-2021-47977)
path traversal in wordpress (CVE-2021-47977). Confidential information can be exposed externally.
|
| CVE-2021-47980 |
|
SQL Injection in sqli (CVE-2021-47980)
SQL injection in sqli (CVE-2021-47980). Confidential information can be exposed externally.
|
| CVE-2021-47973 |
|
Vulnerability in dos (CVE-2021-47973)
vulnerability in dos (CVE-2021-47973). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47972 |
|
Vulnerability in dos (CVE-2021-47972)
vulnerability in dos (CVE-2021-47972). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47971 |
|
Vulnerability in dos (CVE-2021-47971)
vulnerability in dos (CVE-2021-47971). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47970 |
|
Vulnerability in dos (CVE-2021-47970)
vulnerability in dos (CVE-2021-47970). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47969 |
|
Vulnerability in dos (CVE-2021-47969)
vulnerability in dos (CVE-2021-47969). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47957 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2021-47957)
cross-site scripting in wordpress (CVE-2021-47957). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47975 |
|
Cross-Site Scripting (XSS) in CVE-2021-47975 (CVE-2021-47975)
cross-site scripting in CVE-2021-47975 (CVE-2021-47975). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47934 |
|
Cross-Site Scripting (XSS) in CVE-2021-47934 (CVE-2021-47934)
cross-site scripting in CVE-2021-47934 (CVE-2021-47934). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47955 |
|
Cross-Site Scripting (XSS) in CVE-2021-47955 (CVE-2021-47955)
cross-site scripting in CVE-2021-47955 (CVE-2021-47955). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47952 |
|
Code Injection in deserialization (CVE-2021-47952)
code injection in deserialization (CVE-2021-47952). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47942 |
|
Path Traversal in path-traversal (CVE-2021-47942)
path traversal in path-traversal (CVE-2021-47942). Confidential information can be exposed externally.
|
| CVE-2021-47954 |
|
SQL Injection in sqli (CVE-2021-47954)
SQL injection in sqli (CVE-2021-47954). Confidential information can be exposed externally.
|
| CVE-2021-47956 |
|
SQL Injection in sqli (CVE-2021-47956)
SQL injection in sqli (CVE-2021-47956). Confidential information can be exposed externally.
|
| CVE-2020-37240 |
|
Cross-Site Scripting (XSS) in CVE-2020-37240 (CVE-2020-37240)
cross-site scripting in CVE-2020-37240 (CVE-2020-37240). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37245 |
|
Cross-Site Scripting (XSS) in path-traversal (CVE-2020-37245)
cross-site scripting in path-traversal (CVE-2020-37245). Confidential information can be exposed externally.
|
| CVE-2020-37246 |
|
Vulnerability in path-traversal (CVE-2020-37246)
vulnerability in path-traversal (CVE-2020-37246). Confidential information can be exposed externally.
|
| CVE-2020-37242 |
|
SQL Injection in sqli (CVE-2020-37242)
SQL injection in sqli (CVE-2020-37242). Confidential information can be exposed externally.
|
| CVE-2020-37243 |
|
SQL Injection in sqli (CVE-2020-37243)
SQL injection in sqli (CVE-2020-37243). Confidential information can be exposed externally.
|
| CVE-2020-37244 |
|
SQL Injection in sqli (CVE-2020-37244)
SQL injection in sqli (CVE-2020-37244). Confidential information can be exposed externally.
|
| CVE-2020-37234 |
|
Vulnerability in dos (CVE-2020-37234)
vulnerability in dos (CVE-2020-37234). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37233 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2020-37233)
cross-site scripting in wordpress (CVE-2020-37233). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37235 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2020-37235)
cross-site scripting in wordpress (CVE-2020-37235). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37236 |
|
Cross-Site Scripting (XSS) in CVE-2020-37236 (CVE-2020-37236)
cross-site scripting in CVE-2020-37236 (CVE-2020-37236). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37237 |
|
Cross-Site Scripting (XSS) in CVE-2020-37237 (CVE-2020-37237)
cross-site scripting in CVE-2020-37237 (CVE-2020-37237). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37238 |
|
Cross-Site Scripting (XSS) in CVE-2020-37238 (CVE-2020-37238)
cross-site scripting in CVE-2020-37238 (CVE-2020-37238). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37227 |
|
Unrestricted File Upload in CVE-2020-37227 (CVE-2020-37227)
vulnerability in CVE-2020-37227 (CVE-2020-37227). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46703 |
|
Path Traversal in boxlite (CVE-2026-46703)
path traversal in boxlite (CVE-2026-46703). Successful exploitation can lead to full system takeover. Exploitable via ``apply_oci_layer``. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2026-8656 |
|
Cross-Site Scripting (XSS) in CVE-2026-8656 (CVE-2026-8656)
cross-site scripting in CVE-2026-8656 (CVE-2026-8656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8696 |
|
Use-After-Free in dos (CVE-2026-8696)
vulnerability in dos (CVE-2026-8696). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-67031 |
|
Code Injection in CVE-2025-67031 (CVE-2025-67031)
code injection in CVE-2025-67031 (CVE-2025-67031). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8686 |
|
Out-of-Bounds Read in Amazon aws (CVE-2026-8686)
vulnerability in Amazon aws (CVE-2026-8686). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46367 |
|
Duplicate Advisory: phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
Duplicate Advisory: phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
|
| CVE-2026-4054 |
|
Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4054)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4054). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.4` or later.
|
| CVE-2026-46407 |
|
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator to...
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator to load another administrator's REST API token list by supplying that user's admin_id. This can disclo...
|