Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-12312 Buffer Overflow in mozilla (CVE-2026-12312)
vulnerability in mozilla (CVE-2026-12312). Confidential information can be exposed externally.
CVE-2026-12305 Buffer Overflow in mozilla (CVE-2026-12305)
vulnerability in mozilla (CVE-2026-12305). Risk of unauthorized operations or information disclosure.
CVE-2026-12290 Buffer Overflow in mozilla (CVE-2026-12290)
vulnerability in mozilla (CVE-2026-12290). Confidential information can be exposed externally.
CVE-2026-12289 Privilege Escalation in privilege-escalation (CVE-2026-12289)
vulnerability in privilege-escalation (CVE-2026-12289). Successful exploitation can lead to full system takeover.
CVE-2026-12291 Use-After-Free in mozilla (CVE-2026-12291)
vulnerability in mozilla (CVE-2026-12291). Successful exploitation can lead to full system takeover.
CVE-2026-12292 Buffer Overflow in mozilla (CVE-2026-12292)
vulnerability in mozilla (CVE-2026-12292). Confidential information can be exposed externally.
CVE-2026-6933 Unrestricted File Upload in wordpress (CVE-2026-6933)
vulnerability in wordpress (CVE-2026-6933). Successful exploitation can lead to full system takeover.
CVE-2026-42687 Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions.
Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions.
CVE-2026-39532 Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions.
Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions.
CVE-2026-39498 Shop manager PHP Object Injection in YayMail <= 4.3.3 versions.
Shop manager PHP Object Injection in YayMail <= 4.3.3 versions.
CVE-2026-39499 Unsafe Deserialization in CVE-2026-39499 (CVE-2026-39499)
vulnerability in CVE-2026-39499 (CVE-2026-39499). Successful exploitation can lead to full system takeover.
CVE-2026-39481 Author PHP Object Injection in Modula Image Gallery <= 2.14.18 versions.
Author PHP Object Injection in Modula Image Gallery <= 2.14.18 versions.
CVE-2026-39472 Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips < 5.9.0 versions.
Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips < 5.9.0 versions.
CVE-2026-39478 Unsafe Deserialization in CVE-2026-39478 (CVE-2026-39478)
vulnerability in CVE-2026-39478 (CVE-2026-39478). Successful exploitation can lead to full system takeover.
CVE-2026-39471 Author PHP Object Injection in ShortPixel Image Optimizer <= 6.4.3 versions.
Author PHP Object Injection in ShortPixel Image Optimizer <= 6.4.3 versions.
CVE-2026-39474 Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions.
Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions.
CVE-2026-39434 Shop manager PHP Object Injection in CTX Feed <= 6.6.26 versions.
Shop manager PHP Object Injection in CTX Feed <= 6.6.26 versions.
CVE-2026-47835 Vulnerability in CVE-2026-47835 (CVE-2026-47835)
vulnerability in CVE-2026-47835 (CVE-2026-47835). Confidential information can be exposed externally.
CVE-2026-36670 SQL Injection in sqli (CVE-2026-36670)
SQL injection in sqli (CVE-2026-36670). Successful exploitation can lead to full system takeover.
CVE-2026-53571 Path Traversal in vite (CVE-2026-53571)
path traversal in vite (CVE-2026-53571). Confidential information can be exposed externally. Exploitable via ``server.fs.deny``. Mitigation: upgrade to `6.4.3` or later.
CVE-2016-20084 Cross-Site Scripting (XSS) in wordpress (CVE-2016-20084)
cross-site scripting in wordpress (CVE-2016-20084). Risk of unauthorized operations or information disclosure.
CVE-2019-25746 SQL Injection in wordpress (CVE-2019-25746)
SQL injection in wordpress (CVE-2019-25746). Confidential information can be exposed externally.
CVE-2018-25437 Vulnerability in wordpress (CVE-2018-25437)
vulnerability in wordpress (CVE-2018-25437). Confidential information can be exposed externally.
CVE-2016-20081 Path Traversal in wordpress (CVE-2016-20081)
path traversal in wordpress (CVE-2016-20081). Confidential information can be exposed externally.
CVE-2016-20073 SQL Injection in wordpress (CVE-2016-20073)
SQL injection in wordpress (CVE-2016-20073). Confidential information can be exposed externally.
CVE-2016-20075 Authorization Flaw in wordpress (CVE-2016-20075)
vulnerability in wordpress (CVE-2016-20075). Successful exploitation can lead to full system takeover.
CVE-2016-20076 Path Traversal in wordpress (CVE-2016-20076)
path traversal in wordpress (CVE-2016-20076). Confidential information can be exposed externally.
CVE-2016-20068 SQL Injection in wordpress (CVE-2016-20068)
SQL injection in wordpress (CVE-2016-20068). Confidential information can be exposed externally.
CVE-2026-12204 Vulnerability in CVE-2026-12204 (CVE-2026-12204)
vulnerability in CVE-2026-12204 (CVE-2026-12204). Risk of unauthorized operations or information disclosure.
CVE-2026-11769 Path Traversal in github.com/grafana/grafana-operator (CVE-2026-11769)
path traversal in github.com/grafana/grafana-operator (CVE-2026-11769). Successful exploitation can lead to full system takeover. Exploitable via ``Dashboard``. Mitigation: upgrade to `5.24.0` or later.
CVE-2026-47965 Out-of-Bounds Write in adobe (CVE-2026-47965)
out-of-bounds write in adobe (CVE-2026-47965). Successful exploitation can lead to full system takeover.
CVE-2025-52465 Vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465)
vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.26.4` or later.
CVE-2026-12066 Vulnerability in CVE-2026-12066 (CVE-2026-12066)
vulnerability in CVE-2026-12066 (CVE-2026-12066). Risk of unauthorized operations or information disclosure.
CVE-2026-50645 Vulnerability in apache (CVE-2026-50645)
vulnerability in apache (CVE-2026-50645). Risk of unauthorized operations or information disclosure.
CVE-2026-50633 Vulnerability in apache (CVE-2026-50633)
vulnerability in apache (CVE-2026-50633). Successful exploitation can lead to full system takeover.
CVE-2026-50632 Vulnerability in apache (CVE-2026-50632)
vulnerability in apache (CVE-2026-50632). Successful exploitation can lead to full system takeover.
CVE-2026-50631 Vulnerability in apache (CVE-2026-50631)
vulnerability in apache (CVE-2026-50631). Confidential information can be exposed externally.
CVE-2026-45418 SQL Injection in sqli (CVE-2026-45418)
SQL injection in sqli (CVE-2026-45418). Successful exploitation can lead to full system takeover. Exploitable via `POST /actions/subtitle_edit.php`.
CVE-2026-12035 Use-After-Free in google (CVE-2026-12035)
vulnerability in google (CVE-2026-12035). Successful exploitation can lead to full system takeover.
CVE-2026-12034 Vulnerability in Google chrome (CVE-2026-12034)
vulnerability in Google chrome (CVE-2026-12034). Successful exploitation can lead to full system takeover.
CVE-2026-12031 Vulnerability in google (CVE-2026-12031)
vulnerability in google (CVE-2026-12031). Successful exploitation can lead to full system takeover.
CVE-2026-12029 Use-After-Free in google (CVE-2026-12029)
vulnerability in google (CVE-2026-12029). Successful exploitation can lead to full system takeover.
CVE-2026-12028 Use-After-Free in google (CVE-2026-12028)
vulnerability in google (CVE-2026-12028). Successful exploitation can lead to full system takeover.
CVE-2026-12030 Vulnerability in google (CVE-2026-12030)
vulnerability in google (CVE-2026-12030). Successful exploitation can lead to full system takeover.
CVE-2026-12020 Use-After-Free in google (CVE-2026-12020)
vulnerability in google (CVE-2026-12020). Successful exploitation can lead to full system takeover.
CVE-2026-12019 Out-of-Bounds Write in google (CVE-2026-12019)
out-of-bounds write in google (CVE-2026-12019). Successful exploitation can lead to full system takeover.
CVE-2026-12023 Use-After-Free in google (CVE-2026-12023)
vulnerability in google (CVE-2026-12023). Successful exploitation can lead to full system takeover.
CVE-2026-12016 Vulnerability in google (CVE-2026-12016)
vulnerability in google (CVE-2026-12016). Successful exploitation can lead to full system takeover.
CVE-2026-12018 Privilege Escalation in privilege-escalation (CVE-2026-12018)
vulnerability in privilege-escalation (CVE-2026-12018). Successful exploitation can lead to full system takeover.
CVE-2026-12022 Vulnerability in google (CVE-2026-12022)
vulnerability in google (CVE-2026-12022). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →