Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-13020 |
|
Vulnerability in CVE-2026-13020 (CVE-2026-13020)
vulnerability in CVE-2026-13020 (CVE-2026-13020). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13019 |
|
Vulnerability in CVE-2026-13019 (CVE-2026-13019)
vulnerability in CVE-2026-13019 (CVE-2026-13019). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34198 |
|
Vulnerability in CVE-2026-34198 (CVE-2026-34198)
vulnerability in CVE-2026-34198 (CVE-2026-34198). Data can be tampered with by attackers. Exploitable via `Host header`.
|
| CVE-2026-53646 |
|
Vulnerability in nginx (CVE-2026-53646)
vulnerability in nginx (CVE-2026-53646). Risk of unauthorized operations or information disclosure. Exploitable via ``ClientPasswordReset``.
|
| CVE-2026-53904 |
|
Vulnerability in dos (CVE-2026-53904)
vulnerability in dos (CVE-2026-53904). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-37106 |
|
Vulnerability in CVE-2026-37106 (CVE-2026-37106)
vulnerability in CVE-2026-37106 (CVE-2026-37106). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12417 |
|
Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
|
| CVE-2026-12416 |
|
Vulnerability in wordpress (CVE-2026-12416)
vulnerability in wordpress (CVE-2026-12416). Successful exploitation can lead to full system takeover. Exploitable via ``reset_activation_code``.
|
| CVE-2026-11551 |
|
Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56081 |
|
Vulnerability in CVE-2026-56081 (CVE-2026-56081)
vulnerability in CVE-2026-56081 (CVE-2026-56081). Confidential information can be exposed externally.
|
| CVE-2026-46894 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46894)
vulnerability in c (CVE-2026-46894). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12066 |
|
Vulnerability in CVE-2026-12066 (CVE-2026-12066)
vulnerability in CVE-2026-12066 (CVE-2026-12066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50635 |
|
Vulnerability in CVE-2026-50635 (CVE-2026-50635)
vulnerability in CVE-2026-50635 (CVE-2026-50635). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
|
| CVE-2026-10169 |
|
Vulnerability in CVE-2026-10169 (CVE-2026-10169)
vulnerability in CVE-2026-10169 (CVE-2026-10169). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7459 |
|
Vulnerability in wordpress (CVE-2026-7459)
vulnerability in wordpress (CVE-2026-7459). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9609 |
|
Vulnerability in CVE-2026-9609 (CVE-2026-9609)
vulnerability in CVE-2026-9609 (CVE-2026-9609). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9466 |
|
Vulnerability in CVE-2026-9466 (CVE-2026-9466)
vulnerability in CVE-2026-9466 (CVE-2026-9466). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35676 |
|
Vulnerability in thorsten/phpmyfaq (CVE-2026-35676)
vulnerability in thorsten/phpmyfaq (CVE-2026-35676). Data can be tampered with by attackers. Exploitable via `PUT /api/index.php/user/password/update`. Mitigation: upgrade to `4.1.3` or later.
|
| CVE-2026-36438 |
|
Vulnerability in CVE-2026-36438 (CVE-2026-36438)
vulnerability in CVE-2026-36438 (CVE-2026-36438). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45013 |
|
Vulnerability in apostrophe (CVE-2026-45013)
vulnerability in apostrophe (CVE-2026-45013). Confidential information can be exposed externally. Exploitable via `POST /api/v1/login/reset-request`.
|
| CVE-2026-42606 |
|
Vulnerability in azuracast/azuracast (CVE-2026-42606)
vulnerability in azuracast/azuracast (CVE-2026-42606). Confidential information can be exposed externally. Exploitable via ``ApplyXForwarded``. Mitigation: upgrade to `0.23.6` or later.
|
| CVE-2026-7652 |
|
Vulnerability in wordpress (CVE-2026-7652)
vulnerability in wordpress (CVE-2026-7652). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29199 |
|
Vulnerability in phpbb/phpbb (CVE-2026-29199)
vulnerability in phpbb/phpbb (CVE-2026-29199). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `4.0.0-a2` or later.
|
| CVE-2026-30459 |
|
Vulnerability in thedaylightstudio (CVE-2026-30459)
vulnerability in thedaylightstudio (CVE-2026-30459). Data can be tampered with by attackers.
|
| CVE-2026-22723 |
|
Vulnerability in cloudfoundry (CVE-2026-22723)
vulnerability in cloudfoundry (CVE-2026-22723). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4320 |
|
Vulnerability in CVE-2025-4320 (CVE-2025-4320)
vulnerability in CVE-2025-4320 (CVE-2025-4320). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4319 |
|
Vulnerability in CVE-2025-4319 (CVE-2025-4319)
vulnerability in CVE-2025-4319 (CVE-2025-4319). Confidential information can be exposed externally.
|
| CVE-2025-63314 |
|
Vulnerability in ddsn (CVE-2025-63314)
vulnerability in ddsn (CVE-2025-63314). Confidential information can be exposed externally.
|
| CVE-2025-50433 |
|
Vulnerability in monnit (CVE-2025-50433)
vulnerability in monnit (CVE-2025-50433). Successful exploitation can lead to full system takeover.
|
| CVE-2025-8855 |
|
Vulnerability in CVE-2025-8855 (CVE-2025-8855)
vulnerability in CVE-2025-8855 (CVE-2025-8855). Confidential information can be exposed externally.
|
| CVE-2024-12604 |
|
Vulnerability in tapandsign (CVE-2024-12604)
vulnerability in tapandsign (CVE-2024-12604). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-34530 |
|
Vulnerability in backdropcms (CVE-2022-34530)
vulnerability in backdropcms (CVE-2022-34530). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22763 |
|
Vulnerability in schneider-electric (CVE-2021-22763)
vulnerability in schneider-electric (CVE-2021-22763). Successful exploitation can lead to full system takeover.
|
| CVE-2021-25323 |
|
Vulnerability in misp-project (CVE-2021-25323)
vulnerability in misp-project (CVE-2021-25323). Confidential information can be exposed externally.
|
| CVE-2018-16988 |
|
Vulnerability in buffalo (CVE-2018-16988)
vulnerability in buffalo (CVE-2018-16988). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5172 |
|
Vulnerability in cloudfoundry (CVE-2015-5172)
vulnerability in cloudfoundry (CVE-2015-5172). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14005 |
|
Vulnerability in prominent (CVE-2017-14005)
vulnerability in prominent (CVE-2017-14005). Successful exploitation can lead to full system takeover.
|
| CVE-2015-4689 |
|
Vulnerability in ellucian (CVE-2015-4689)
vulnerability in ellucian (CVE-2015-4689). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7257 |
|
Vulnerability in zte (CVE-2015-7257)
vulnerability in zte (CVE-2015-7257). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7551 |
|
Vulnerability in fedoraproject (CVE-2017-7551)
vulnerability in fedoraproject (CVE-2017-7551). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12851 |
|
Vulnerability in kanboard (CVE-2017-12851)
vulnerability in kanboard (CVE-2017-12851). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12850 |
|
Vulnerability in kanboard (CVE-2017-12850)
vulnerability in kanboard (CVE-2017-12850). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8613 |
|
Vulnerability in microsoft (CVE-2017-8613)
vulnerability in microsoft (CVE-2017-8613). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7629 |
|
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
|
| CVE-2017-9543 |
|
Vulnerability in echatserver (CVE-2017-9543)
vulnerability in echatserver (CVE-2017-9543). Data can be tampered with by attackers.
|
| CVE-2017-7731 |
|
Vulnerability in fortinet (CVE-2017-7731)
vulnerability in fortinet (CVE-2017-7731). Confidential information can be exposed externally.
|
| CVE-2015-3189 |
|
Vulnerability in cloudfoundry (CVE-2015-3189)
vulnerability in cloudfoundry (CVE-2015-3189). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8295 |
|
Vulnerability in wordpress (CVE-2017-8295)
vulnerability in wordpress (CVE-2017-8295). Data can be tampered with by attackers. Exploitable via `Host header`.
|
| CVE-2017-8385 |
|
Vulnerability in craftcms (CVE-2017-8385)
vulnerability in craftcms (CVE-2017-8385). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7615 |
|
Vulnerability in mantisbt (CVE-2017-7615)
vulnerability in mantisbt (CVE-2017-7615). Successful exploitation can lead to full system takeover.
|