Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-640 Clear
ID Title
CVE-2026-53646 Vulnerability in nginx (CVE-2026-53646)
vulnerability in nginx (CVE-2026-53646). Risk of unauthorized operations or information disclosure. Exploitable via ``ClientPasswordReset``.
CVE-2026-37106 Vulnerability in CVE-2026-37106 (CVE-2026-37106)
vulnerability in CVE-2026-37106 (CVE-2026-37106). Successful exploitation can lead to full system takeover.
CVE-2026-12417 Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
CVE-2026-12416 Vulnerability in wordpress (CVE-2026-12416)
vulnerability in wordpress (CVE-2026-12416). Successful exploitation can lead to full system takeover. Exploitable via ``reset_activation_code``.
CVE-2026-11551 Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
CVE-2026-46894 Cross-Site Request Forgery (CSRF) in c (CVE-2026-46894)
vulnerability in c (CVE-2026-46894). Successful exploitation can lead to full system takeover.
CVE-2026-12066 Vulnerability in CVE-2026-12066 (CVE-2026-12066)
vulnerability in CVE-2026-12066 (CVE-2026-12066). Risk of unauthorized operations or information disclosure.
CVE-2026-10169 Vulnerability in CVE-2026-10169 (CVE-2026-10169)
vulnerability in CVE-2026-10169 (CVE-2026-10169). Risk of unauthorized operations or information disclosure.
CVE-2026-7459 Vulnerability in wordpress (CVE-2026-7459)
vulnerability in wordpress (CVE-2026-7459). Successful exploitation can lead to full system takeover.
CVE-2026-9609 Vulnerability in CVE-2026-9609 (CVE-2026-9609)
vulnerability in CVE-2026-9609 (CVE-2026-9609). Risk of unauthorized operations or information disclosure.
CVE-2026-35676 Vulnerability in thorsten/phpmyfaq (CVE-2026-35676)
vulnerability in thorsten/phpmyfaq (CVE-2026-35676). Data can be tampered with by attackers. Exploitable via `PUT /api/index.php/user/password/update`. Mitigation: upgrade to `4.1.3` or later.
CVE-2026-7652 Vulnerability in wordpress (CVE-2026-7652)
vulnerability in wordpress (CVE-2026-7652). Risk of unauthorized operations or information disclosure.
CVE-2026-30459 Vulnerability in thedaylightstudio (CVE-2026-30459)
vulnerability in thedaylightstudio (CVE-2026-30459). Data can be tampered with by attackers.
CVE-2021-22763 Vulnerability in schneider-electric (CVE-2021-22763)
vulnerability in schneider-electric (CVE-2021-22763). Successful exploitation can lead to full system takeover.
CVE-2018-16988 Vulnerability in buffalo (CVE-2018-16988)
vulnerability in buffalo (CVE-2018-16988). Successful exploitation can lead to full system takeover.
CVE-2017-8613 Vulnerability in microsoft (CVE-2017-8613)
vulnerability in microsoft (CVE-2017-8613). Successful exploitation can lead to full system takeover.
CVE-2017-7629 QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
CVE-2017-7731 Vulnerability in fortinet (CVE-2017-7731)
vulnerability in fortinet (CVE-2017-7731). Confidential information can be exposed externally.
CVE-2017-8295 Vulnerability in wordpress (CVE-2017-8295)
vulnerability in wordpress (CVE-2017-8295). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2017-8385 Vulnerability in craftcms (CVE-2017-8385)
vulnerability in craftcms (CVE-2017-8385). Risk of unauthorized operations or information disclosure.
CVE-2017-7615 Vulnerability in mantisbt (CVE-2017-7615)
vulnerability in mantisbt (CVE-2017-7615). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →