Export limit exceeded: 10543 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10543 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40568 | 2026-04-15 | 4.3 Medium | ||
| A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). An internal session termination functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to terminate legitimate users' sessions. | ||||
| CVE-2025-42989 | 1 Sap | 1 Netweaver Application Server For Abap | 2026-04-15 | 9.6 Critical |
| RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application. | ||||
| CVE-2025-31481 | 1 Api-platform | 1 Core | 2026-04-15 | 7.5 High |
| API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed in 4.0.22 and 3.4.17. | ||||
| CVE-2025-31525 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in WP Messiah WP Mobile Bottom Menu mobile-bottom-menu-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mobile Bottom Menu: from n/a through <= 1.4.0. | ||||
| CVE-2025-31528 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in wokamoto StaticPress staticpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StaticPress: from n/a through <= 0.4.5. | ||||
| CVE-2025-31529 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Rashid Slider Path for Elementor slider-path allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider Path for Elementor: from n/a through <= 3.0.0. | ||||
| CVE-2025-46434 | 3 Elementor, Posimyth, Wordpress | 3 Elementor, The Plus Addons For Elementor, Wordpress | 2026-04-15 | 6.5 Medium |
| Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a before 6.3.7. | ||||
| CVE-2025-31606 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SP Blog Designer: from n/a through <= 1.0.0. | ||||
| CVE-2025-31609 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through <= 8.0.2. | ||||
| CVE-2025-31618 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through <= 1.0.10. | ||||
| CVE-2025-31628 | 2 Slicedinvoices, Wordpress | 2 Sliced Invoices, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in SlicedInvoices Sliced Invoices sliced-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliced Invoices: from n/a through <= 3.10.0. | ||||
| CVE-2025-31630 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in themeton The Business allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Business: from n/a through 1.6.1. | ||||
| CVE-2024-43222 | 1 Seventhqueen | 1 Sweet Date | 2026-04-15 | N/A |
| Missing Authorization vulnerability in SeventhQueen Sweet Date sweetdate allows Privilege Escalation.This issue affects Sweet Date: from n/a through <= 3.7.3. | ||||
| CVE-2025-31768 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in OTWthemes Widget Manager Light widget-manager-light allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Widget Manager Light: from n/a through <= 1.18. | ||||
| CVE-2025-31777 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in BeastThemes Clockinator Lite clockify-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clockinator Lite: from n/a through <= 1.0.9. | ||||
| CVE-2025-31780 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Andy Stratton Append Content append-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Append Content: from n/a through <= 2.1.1. | ||||
| CVE-2025-31781 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in ahmadshyk Gift Cards for WooCommerce woo-giftcards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Cards for WooCommerce: from n/a through <= 1.5.8. | ||||
| CVE-2025-31782 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in pupunzi mb.YTPlayer wpmbytplayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects mb.YTPlayer: from n/a through <= 3.3.8. | ||||
| CVE-2025-31786 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Travis Simple Icons simple-icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Icons: from n/a through <= 2.8.4. | ||||
| CVE-2025-31787 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in AudioTheme Cue cue allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cue: from n/a through <= 2.4.4. | ||||