Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53646 |
|
Vulnerability in nginx (CVE-2026-53646)
vulnerability in nginx (CVE-2026-53646). Risk of unauthorized operations or information disclosure. Exploitable via ``ClientPasswordReset``.
|
| CVE-2026-37106 |
|
Vulnerability in CVE-2026-37106 (CVE-2026-37106)
vulnerability in CVE-2026-37106 (CVE-2026-37106). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12417 |
|
Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
|
| CVE-2026-12416 |
|
Vulnerability in wordpress (CVE-2026-12416)
vulnerability in wordpress (CVE-2026-12416). Successful exploitation can lead to full system takeover. Exploitable via ``reset_activation_code``.
|
| CVE-2026-11551 |
|
Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46894 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46894)
vulnerability in c (CVE-2026-46894). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12066 |
|
Vulnerability in CVE-2026-12066 (CVE-2026-12066)
vulnerability in CVE-2026-12066 (CVE-2026-12066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10169 |
|
Vulnerability in CVE-2026-10169 (CVE-2026-10169)
vulnerability in CVE-2026-10169 (CVE-2026-10169). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7459 |
|
Vulnerability in wordpress (CVE-2026-7459)
vulnerability in wordpress (CVE-2026-7459). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9609 |
|
Vulnerability in CVE-2026-9609 (CVE-2026-9609)
vulnerability in CVE-2026-9609 (CVE-2026-9609). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35676 |
|
Vulnerability in thorsten/phpmyfaq (CVE-2026-35676)
vulnerability in thorsten/phpmyfaq (CVE-2026-35676). Data can be tampered with by attackers. Exploitable via `PUT /api/index.php/user/password/update`. Mitigation: upgrade to `4.1.3` or later.
|
| CVE-2026-7652 |
|
Vulnerability in wordpress (CVE-2026-7652)
vulnerability in wordpress (CVE-2026-7652). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-30459 |
|
Vulnerability in thedaylightstudio (CVE-2026-30459)
vulnerability in thedaylightstudio (CVE-2026-30459). Data can be tampered with by attackers.
|
| CVE-2021-22763 |
|
Vulnerability in schneider-electric (CVE-2021-22763)
vulnerability in schneider-electric (CVE-2021-22763). Successful exploitation can lead to full system takeover.
|
| CVE-2018-16988 |
|
Vulnerability in buffalo (CVE-2018-16988)
vulnerability in buffalo (CVE-2018-16988). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8613 |
|
Vulnerability in microsoft (CVE-2017-8613)
vulnerability in microsoft (CVE-2017-8613). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7629 |
|
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
|
| CVE-2017-7731 |
|
Vulnerability in fortinet (CVE-2017-7731)
vulnerability in fortinet (CVE-2017-7731). Confidential information can be exposed externally.
|
| CVE-2017-8295 |
|
Vulnerability in wordpress (CVE-2017-8295)
vulnerability in wordpress (CVE-2017-8295). Data can be tampered with by attackers. Exploitable via `Host header`.
|
| CVE-2017-8385 |
|
Vulnerability in craftcms (CVE-2017-8385)
vulnerability in craftcms (CVE-2017-8385). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7615 |
|
Vulnerability in mantisbt (CVE-2017-7615)
vulnerability in mantisbt (CVE-2017-7615). Successful exploitation can lead to full system takeover.
|