Export limit exceeded: 84270 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84270 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69123 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions. | ||||
| CVE-2025-69174 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Etude <= 1.6 versions. | ||||
| CVE-2026-40733 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions. | ||||
| CVE-2026-52707 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Kastell <= 2.0 versions. | ||||
| CVE-2026-54814 | 2026-06-17 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109. | ||||
| CVE-2026-39556 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Konsept <= 1.9 versions. | ||||
| CVE-2026-54802 | 2026-06-17 | 7.5 High | ||
| Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions. | ||||
| CVE-2026-52698 | 2026-06-17 | 7.4 High | ||
| Subscriber Sensitive Data Exposure in PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget <= 4.2.3 versions. | ||||
| CVE-2026-42385 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Profile Builder Pro <= 3.15.0 versions. | ||||
| CVE-2026-40753 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions. | ||||
| CVE-2025-68524 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions. | ||||
| CVE-2026-40731 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions. | ||||
| CVE-2025-69126 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions. | ||||
| CVE-2026-49081 | 2026-06-17 | 8.2 High | ||
| Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions. | ||||
| CVE-2025-69157 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Gamic <= 1.15 versions. | ||||
| CVE-2026-39558 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Malmö <= 2.2 versions. | ||||
| CVE-2026-27400 | 2026-06-17 | 8.6 High | ||
| Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions. | ||||
| CVE-2019-25293 | 1 Bluestacks | 2 Bluestacks, Bluestacks App Player | 2026-06-17 | 7.8 High |
| BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe to inject malicious executables and escalate privileges. | ||||
| CVE-2026-39597 | 2 Wordpress, Wpzoom | 2 Wordpress, Wpzoom Addons For Elementor | 2026-06-17 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions. | ||||
| CVE-2025-69172 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Resurs <= 1.3 versions. | ||||