Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2016-20080 |
|
Vulnerability in wordpress (CVE-2016-20080)
vulnerability in wordpress (CVE-2016-20080). Confidential information can be exposed externally.
|
| CVE-2016-20079 |
|
Vulnerability in wordpress (CVE-2016-20079)
vulnerability in wordpress (CVE-2016-20079). Confidential information can be exposed externally.
|
| CVE-2016-20078 |
|
Vulnerability in wordpress (CVE-2016-20078)
vulnerability in wordpress (CVE-2016-20078). Confidential information can be exposed externally.
|
| CVE-2016-20083 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20083)
vulnerability in wordpress (CVE-2016-20083). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20076 |
|
Path Traversal in wordpress (CVE-2016-20076)
path traversal in wordpress (CVE-2016-20076). Confidential information can be exposed externally.
|
| CVE-2016-20073 |
|
SQL Injection in wordpress (CVE-2016-20073)
SQL injection in wordpress (CVE-2016-20073). Confidential information can be exposed externally.
|
| CVE-2016-20072 |
|
SQL Injection in wordpress (CVE-2016-20072)
SQL injection in wordpress (CVE-2016-20072). Confidential information can be exposed externally.
|
| CVE-2016-20071 |
|
SQL Injection in wordpress (CVE-2016-20071)
SQL injection in wordpress (CVE-2016-20071). Confidential information can be exposed externally.
|
| CVE-2016-20070 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20070)
cross-site scripting in wordpress (CVE-2016-20070). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20069 |
|
SQL Injection in wordpress (CVE-2016-20069)
SQL injection in wordpress (CVE-2016-20069). Confidential information can be exposed externally.
|
| CVE-2016-20068 |
|
SQL Injection in wordpress (CVE-2016-20068)
SQL injection in wordpress (CVE-2016-20068). Confidential information can be exposed externally.
|
| CVE-2016-20066 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20066)
cross-site scripting in wordpress (CVE-2016-20066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49757 |
|
Vulnerability in ash_authentication (CVE-2026-49757)
vulnerability in ash_authentication (CVE-2026-49757). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.14.0, 5.0.0-rc.10` or later.
|
| CVE-2026-5482 |
|
Unrestricted File Upload in CVE-2026-5482 (CVE-2026-5482)
vulnerability in CVE-2026-5482 (CVE-2026-5482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34030 |
|
Vulnerability in path-traversal (CVE-2026-34030)
vulnerability in path-traversal (CVE-2026-34030). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34026 |
|
Vulnerability in path-traversal (CVE-2026-34026)
vulnerability in path-traversal (CVE-2026-34026). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11860 |
|
Code Injection in deserialization (CVE-2026-11860)
code injection in deserialization (CVE-2026-11860). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9278 |
|
Vulnerability in wordpress (CVE-2026-9278)
vulnerability in wordpress (CVE-2026-9278). Risk of unauthorized operations or information disclosure. Exploitable via ``unfiltered_html``.
|
| CVE-2026-50100 |
|
Vulnerability in jvn (CVE-2026-50100)
vulnerability in jvn (CVE-2026-50100). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12211 |
|
Path Traversal in path-traversal (CVE-2026-12211)
path traversal in path-traversal (CVE-2026-12211). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12206 |
|
Vulnerability in sqli (CVE-2026-12206)
vulnerability in sqli (CVE-2026-12206). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12202 |
|
Cross-Site Scripting (XSS) in CVE-2026-12202 (CVE-2026-12202)
cross-site scripting in CVE-2026-12202 (CVE-2026-12202). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12198 |
|
Path Traversal in path-traversal (CVE-2026-12198)
path traversal in path-traversal (CVE-2026-12198). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12188 |
|
Vulnerability in sqli (CVE-2026-12188)
vulnerability in sqli (CVE-2026-12188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12191 |
|
Vulnerability in deserialization (CVE-2026-12191)
vulnerability in deserialization (CVE-2026-12191). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12187 |
|
Vulnerability in CVE-2026-12187 (CVE-2026-12187)
vulnerability in CVE-2026-12187 (CVE-2026-12187). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54410 |
|
Vulnerability in dos (CVE-2026-54410)
vulnerability in dos (CVE-2026-54410). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12175 |
|
Vulnerability in sqli (CVE-2026-12175)
vulnerability in sqli (CVE-2026-12175). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12176 |
|
Cross-Site Scripting (XSS) in CVE-2026-12176 (CVE-2026-12176)
cross-site scripting in CVE-2026-12176 (CVE-2026-12176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6428 |
|
SQL Injection in sqli (CVE-2026-6428)
SQL injection in sqli (CVE-2026-6428). Confidential information can be exposed externally. Exploitable via `GET /cgi-bin/koha/reports/catalogue_out.pl`.
|
| CVE-2026-5513 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5513)
cross-site scripting in wordpress (CVE-2026-5513). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3297 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-3297)
cross-site scripting in wordpress (CVE-2026-3297). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9629 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9629)
cross-site scripting in wordpress (CVE-2026-9629). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9134 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9134)
cross-site scripting in wordpress (CVE-2026-9134). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9061 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9061)
cross-site scripting in wordpress (CVE-2026-9061). Risk of unauthorized operations or information disclosure. Exploitable via ``unfiltered_html``.
|
| CVE-2026-9109 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9109)
cross-site scripting in wordpress (CVE-2026-9109). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11769 |
|
Path Traversal in github.com/grafana/grafana-operator (CVE-2026-11769)
path traversal in github.com/grafana/grafana-operator (CVE-2026-11769). Successful exploitation can lead to full system takeover. Exploitable via ``Dashboard``. Mitigation: upgrade to `5.24.0` or later.
|
| CVE-2026-9848 |
|
SQL Injection in wordpress (CVE-2026-9848)
SQL injection in wordpress (CVE-2026-9848). Confidential information can be exposed externally. Exploitable via ``posts_request``.
|
| CVE-2026-11442 |
|
Path Traversal in path-traversal (CVE-2026-11442)
path traversal in path-traversal (CVE-2026-11442). Confidential information can be exposed externally.
|
| CVE-2026-11443 |
|
Cross-Site Scripting (XSS) in CVE-2026-11443 (CVE-2026-11443)
cross-site scripting in CVE-2026-11443 (CVE-2026-11443). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-14098 |
|
Vulnerability in dos (CVE-2025-14098)
vulnerability in dos (CVE-2025-14098). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53868 |
|
Vulnerability in dos (CVE-2026-53868)
vulnerability in dos (CVE-2026-53868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53823 |
|
Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
|
| CVE-2026-53608 |
|
Cross-Site Scripting (XSS) in CVE-2026-53608 (CVE-2026-53608)
cross-site scripting in CVE-2026-53608 (CVE-2026-53608). Confidential information can be exposed externally. Exploitable via ``seoGoogleTrackingId``.
|
| CVE-2026-12131 |
|
Vulnerability in sqli (CVE-2026-12131)
vulnerability in sqli (CVE-2026-12131). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54394 |
|
Path Traversal in path-traversal (CVE-2026-54394)
path traversal in path-traversal (CVE-2026-54394). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54393 |
|
Cross-Site Scripting (XSS) in CVE-2026-54393 (CVE-2026-54393)
cross-site scripting in CVE-2026-54393 (CVE-2026-54393). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54395 |
|
Cross-Site Scripting (XSS) in CVE-2026-54395 (CVE-2026-54395)
cross-site scripting in CVE-2026-54395 (CVE-2026-54395). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12129 |
|
Cross-Site Scripting (XSS) in CVE-2026-12129 (CVE-2026-12129)
cross-site scripting in CVE-2026-12129 (CVE-2026-12129). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12130 |
|
Cross-Site Scripting (XSS) in CVE-2026-12130 (CVE-2026-12130)
cross-site scripting in CVE-2026-12130 (CVE-2026-12130). Risk of unauthorized operations or information disclosure.
|