Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-288 Clear
ID Title
CVE-2020-37255 Vulnerability in wordpress (CVE-2020-37255)
vulnerability in wordpress (CVE-2020-37255). Confidential information can be exposed externally.
CVE-2019-25763 Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.
CVE-2026-10523 Vulnerability in ivanti (CVE-2026-10523)
vulnerability in ivanti (CVE-2026-10523). Successful exploitation can lead to full system takeover.
CVE-2026-5415 The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
CVE-2026-8697 Vulnerability in tp-link (CVE-2026-8697)
vulnerability in tp-link (CVE-2026-8697). Successful exploitation can lead to full system takeover.
CVE-2026-42760 Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and...
Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and...
CVE-2026-42745 Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
CVE-2026-42735 Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
CVE-2026-33843 Vulnerability in microsoft (CVE-2026-33843)
vulnerability in microsoft (CVE-2026-33843). Confidential information can be exposed externally.
CVE-2026-24206 Vulnerability in dos (CVE-2026-24206)
vulnerability in dos (CVE-2026-24206). Risk of unauthorized operations or information disclosure.
CVE-2026-24207 Vulnerability in dos (CVE-2026-24207)
vulnerability in dos (CVE-2026-24207). Successful exploitation can lead to full system takeover.
CVE-2026-4524 Vulnerability in gitlab (CVE-2026-4524)
vulnerability in gitlab (CVE-2026-4524). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-35422 Vulnerability in microsoft (CVE-2026-35422)
vulnerability in microsoft (CVE-2026-35422). Data can be tampered with by attackers.
CVE-2026-40022 Vulnerability in org.apache.camel:camel-platform-http-main (CVE-2026-40022)
vulnerability in org.apache.camel:camel-platform-http-main (CVE-2026-40022). Confidential information can be exposed externally. Mitigation: upgrade to `4.20.0` or later.
CVE-2026-34040 Vulnerability in github.com/moby/moby (CVE-2026-34040)
vulnerability in github.com/moby/moby (CVE-2026-34040). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `29.3.1` or later.
CVE-2026-4700 Vulnerability in mozilla (CVE-2026-4700)
vulnerability in mozilla (CVE-2026-4700). Successful exploitation can lead to full system takeover.
CVE-2026-1603 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603)
vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-2775 Vulnerability in mozilla (CVE-2026-2775)
vulnerability in mozilla (CVE-2026-2775). Successful exploitation can lead to full system takeover.
CVE-2026-24858 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858)
vulnerability in Fortinet multiple-products (CVE-2026-24858). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-23760 KEV [KEV] Vulnerability in Smartertools smartermail (CVE-2026-23760)
vulnerability in Smartertools smartermail (CVE-2026-23760). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-34026 KEV [KEV] Vulnerability in Versa concerto (CVE-2025-34026)
vulnerability in Versa concerto (CVE-2025-34026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2746 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2746)
vulnerability in Kentico xperience-cms (CVE-2025-2746). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2747 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2747)
vulnerability in Kentico xperience-cms (CVE-2025-2747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-22862 Vulnerability in fortinet (CVE-2025-22862)
vulnerability in fortinet (CVE-2025-22862). Successful exploitation can lead to full system takeover.
CVE-2025-57819 KEV [KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-4427 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24472 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2024-55591 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2024-27198 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27198)
vulnerability in Jetbrains teamcity (CVE-2024-27198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-1709 KEV [KEV] Vulnerability in Connectwise screenconnect (CVE-2024-1709)
vulnerability in Connectwise screenconnect (CVE-2024-1709). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46747 KEV [KEV] Vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747)
vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42793 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2023-42793)
vulnerability in Jetbrains teamcity (CVE-2023-42793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-20269 KEV [KEV] Vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269)
vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-40684 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2022-40684)
vulnerability in Fortinet multiple-products (CVE-2022-40684). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-10148 KEV [KEV] Vulnerability in Solarwinds orion (CVE-2020-10148)
vulnerability in Solarwinds orion (CVE-2020-10148). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-9944 Vulnerability in siemens (CVE-2017-9944)
vulnerability in siemens (CVE-2017-9944). Successful exploitation can lead to full system takeover.
CVE-2017-6871 Vulnerability in siemens (CVE-2017-6871)
vulnerability in siemens (CVE-2017-6871). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →