Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2018-25329 | HIGH | 7.5 | WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into … | May 17, 2026 |
| CVE-2018-25328 | HIGH | 8.4 | VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory … | May 17, 2026 |
| CVE-2018-25327 | MEDIUM | 5.3 | Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious … | May 17, 2026 |
| CVE-2018-25326 | HIGH | 7.5 | Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the … | May 17, 2026 |
| CVE-2018-25325 | HIGH | 7.5 | Woocommerce CSV Importer 3.3.6 contains a path traversal vulnerability that allows any registered user to delete arbitrary files by submitting unescaped filenames through the delete_export_file … | May 17, 2026 |
| CVE-2018-25324 | MEDIUM | 6.2 | Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes … | May 17, 2026 |
| CVE-2018-25323 | HIGH | 8.4 | Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by … | May 17, 2026 |
| CVE-2018-25322 | HIGH | 8.4 | Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious … | May 17, 2026 |
| CVE-2018-25321 | MEDIUM | 4.3 | TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can … | May 17, 2026 |
| CVE-2018-25320 | CRITICAL | 9.8 | ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers … | May 17, 2026 |
| CVE-2018-25319 | HIGH | 7.1 | Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents_id … | May 17, 2026 |
| CVE-2026-8752 | MEDIUM | 5.3 | A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids … | May 17, 2026 |
| CVE-2026-8751 | HIGH | 7.3 | A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR … | May 17, 2026 |
| CVE-2026-8750 | MEDIUM | 5.3 | A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component … | May 17, 2026 |
| CVE-2026-8747 | MEDIUM | 6.3 | A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler. This manipulation … | May 17, 2026 |
| CVE-2026-8746 | MEDIUM | 4.3 | A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the … | May 17, 2026 |
| CVE-2026-8745 | MEDIUM | 4.3 | A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. … | May 17, 2026 |
| CVE-2026-8744 | MEDIUM | 4.3 | A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation … | May 17, 2026 |
| CVE-2026-8743 | MEDIUM | 6.3 | A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation … | May 17, 2026 |
| CVE-2026-8741 | LOW | 3.1 | A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH … | May 17, 2026 |
| CVE-2026-8740 | MEDIUM | 6.3 | A flaw has been found in Sanluan PublicCMS 5.202506.d. The impacted element is the function execute of the file publiccms-core/src/main/java/com/publiccms/views/directive/tools/TemplateResultDirective.java of the component templateResult API. … | May 17, 2026 |
| CVE-2026-8739 | MEDIUM | 5.3 | A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile_key … | May 17, 2026 |
| CVE-2026-8738 | MEDIUM | 6.5 | A security vulnerability has been detected in Sanluan PublicCMS 5.202506.d. Impacted is the function TradeOrderController.pay/TradePaymentController.pay/AccountGatewayComponent.pay of the file publiccms-trade/src/main/java/com/publiccms/controller/web/trade/TradeOrderController.java of the component Trade Payment Flow. … | May 17, 2026 |
| CVE-2026-8737 | MEDIUM | 5.3 | A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java of the component Trade Address Query … | May 17, 2026 |
| CVE-2026-8736 | MEDIUM | 4.1 | A security flaw has been discovered in Oinone Pamirs up to 7.2.0. This vulnerability affects the function request.getParameter of the file LocalFileClient.java of the component … | May 17, 2026 |