Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-50956 |
|
Path Traversal in wordpress (CVE-2022-50956)
path traversal in wordpress (CVE-2022-50956). Confidential information can be exposed externally.
|
| CVE-2022-50958 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50958)
cross-site scripting in wordpress (CVE-2022-50958). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50959 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50959)
cross-site scripting in wordpress (CVE-2022-50959). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50960 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50960)
cross-site scripting in wordpress (CVE-2022-50960). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50961 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50961)
cross-site scripting in wordpress (CVE-2022-50961). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50957 |
|
Cross-Site Scripting (XSS) in drupal (CVE-2022-50957)
cross-site scripting in drupal (CVE-2022-50957). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50944 |
|
Code Injection in CVE-2022-50944 (CVE-2022-50944)
code injection in CVE-2022-50944 (CVE-2022-50944). Successful exploitation can lead to full system takeover.
|
| CVE-2022-50954 |
|
Vulnerability in wordpress (CVE-2022-50954)
vulnerability in wordpress (CVE-2022-50954). Confidential information can be exposed externally.
|
| CVE-2022-50945 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50945)
cross-site scripting in wordpress (CVE-2022-50945). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50946 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50946)
cross-site scripting in wordpress (CVE-2022-50946). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50947 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50947)
cross-site scripting in wordpress (CVE-2022-50947). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50949 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50949)
cross-site scripting in wordpress (CVE-2022-50949). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47947 |
|
Cross-Site Scripting (XSS) in CVE-2021-47947 (CVE-2021-47947)
cross-site scripting in CVE-2021-47947 (CVE-2021-47947). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47950 |
|
Cross-Site Scripting (XSS) in CVE-2021-47950 (CVE-2021-47950)
cross-site scripting in CVE-2021-47950 (CVE-2021-47950). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50943 |
|
Cross-Site Scripting (XSS) in moodle (CVE-2022-50943)
cross-site scripting in moodle (CVE-2022-50943). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47948 |
|
Vulnerability in wordpress (CVE-2021-47948)
vulnerability in wordpress (CVE-2021-47948). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47951 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2021-47951)
cross-site scripting in wordpress (CVE-2021-47951). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47938 |
|
Code Injection in CVE-2021-47938 (CVE-2021-47938)
code injection in CVE-2021-47938 (CVE-2021-47938). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47939 |
|
Code Injection in CVE-2021-47939 (CVE-2021-47939)
code injection in CVE-2021-47939 (CVE-2021-47939). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47940 |
|
Vulnerability in wordpress (CVE-2021-47940)
vulnerability in wordpress (CVE-2021-47940). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47943 |
|
Unrestricted File Upload in CVE-2021-47943 (CVE-2021-47943)
vulnerability in CVE-2021-47943 (CVE-2021-47943). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47941 |
|
SQL Injection in wordpress (CVE-2021-47941)
SQL injection in wordpress (CVE-2021-47941). Confidential information can be exposed externally.
|
| CVE-2021-47933 |
|
Vulnerability in wordpress (CVE-2021-47933)
vulnerability in wordpress (CVE-2021-47933). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47936 |
|
Vulnerability in CVE-2021-47936 (CVE-2021-47936)
vulnerability in CVE-2021-47936 (CVE-2021-47936). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47937 |
|
Unrestricted File Upload in CVE-2021-47937 (CVE-2021-47937)
vulnerability in CVE-2021-47937 (CVE-2021-47937). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47932 |
|
Vulnerability in wordpress (CVE-2021-47932)
vulnerability in wordpress (CVE-2021-47932). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47924 |
|
Cross-Site Scripting (XSS) in CVE-2021-47924 (CVE-2021-47924)
cross-site scripting in CVE-2021-47924 (CVE-2021-47924). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47927 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2021-47927)
cross-site scripting in wordpress (CVE-2021-47927). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7263 |
|
Vulnerability in libphp (CVE-2026-7263)
vulnerability in libphp (CVE-2026-7263). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.4.21, 8.5.6` or later.
|
| CVE-2026-8231 |
|
Vulnerability in sqli (CVE-2026-8231)
vulnerability in sqli (CVE-2026-8231). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6104 |
|
Out-of-Bounds Read in libphp (CVE-2026-6104)
vulnerability in libphp (CVE-2026-6104). Confidential information can be exposed externally. Mitigation: upgrade to `8.4.21, 8.5.6` or later.
|
| CVE-2026-6722 |
|
Use-After-Free in libphp (CVE-2026-6722)
vulnerability in libphp (CVE-2026-6722). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-6735 |
|
Cross-Site Scripting (XSS) in libphp (CVE-2026-6735)
cross-site scripting in libphp (CVE-2026-6735). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-7258 |
|
Out-of-Bounds Read in libphp (CVE-2026-7258)
vulnerability in libphp (CVE-2026-7258). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-7259 |
|
Vulnerability in libphp (CVE-2026-7259)
vulnerability in libphp (CVE-2026-7259). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-7261 |
|
Use-After-Free in libphp (CVE-2026-7261)
vulnerability in libphp (CVE-2026-7261). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-7262 |
|
Vulnerability in libphp (CVE-2026-7262)
vulnerability in libphp (CVE-2026-7262). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-7568 |
|
Out-of-Bounds Read in libphp (CVE-2026-7568)
vulnerability in libphp (CVE-2026-7568). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2025-14179 |
|
SQL Injection in libphp (CVE-2025-14179)
SQL injection in libphp (CVE-2025-14179). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
|
| CVE-2026-8216 |
|
Authentication Bypass in CVE-2026-8216 (CVE-2026-8216)
authentication bypass in CVE-2026-8216 (CVE-2026-8216). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8212 |
|
Buffer Overflow in gdal (CVE-2026-8212)
vulnerability in gdal (CVE-2026-8212). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-8213 |
|
Buffer Overflow in gdal (CVE-2026-8213)
vulnerability in gdal (CVE-2026-8213). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-8211 |
|
Vulnerability in CVE-2026-8211 (CVE-2026-8211)
vulnerability in CVE-2026-8211 (CVE-2026-8211). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8194 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-8194 (CVE-2026-8194)
vulnerability in CVE-2026-8194 (CVE-2026-8194). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8196 |
|
Vulnerability in CVE-2026-8196 (CVE-2026-8196)
vulnerability in CVE-2026-8196 (CVE-2026-8196). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8195 |
|
Cross-Site Scripting (XSS) in CVE-2026-8195 (CVE-2026-8195)
cross-site scripting in CVE-2026-8195 (CVE-2026-8195). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42605 |
|
Path Traversal in azuracast/azuracast (CVE-2026-42605)
path traversal in azuracast/azuracast (CVE-2026-42605). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/station/{station_id}/files/upload`. Mitigation: upgrade to `0.23.6` or later.
|
| CVE-2026-42569 |
|
Vulnerability in nabeel/phpvms (CVE-2026-42569)
vulnerability in nabeel/phpvms (CVE-2026-42569). Data can be tampered with by attackers. Mitigation: upgrade to `7.0.6` or later.
|
| CVE-2026-42562 |
|
Privilege Escalation in CVE-2026-42562 (CVE-2026-42562)
vulnerability in CVE-2026-42562 (CVE-2026-42562). Confidential information can be exposed externally. Exploitable via `PUT /api.php/v1/users/{id}.`.
|
| CVE-2026-8193 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-8193 (CVE-2026-8193)
SSRF in CVE-2026-8193 (CVE-2026-8193). Risk of unauthorized operations or information disclosure.
|