Export limit exceeded: 334984 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334984 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22365 | 2 Axiomthemes, Wordpress | 2 Soleng, Wordpress | 2026-02-24 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion.This issue affects Soleng: from n/a through <= 1.0.5. | ||||
| CVE-2022-0762 | 1 Microweber | 1 Microweber | 2026-02-24 | 5.5 Medium |
| Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3. | ||||
| CVE-2022-0611 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 6.3 Medium |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11. | ||||
| CVE-2022-0588 | 1 Librenms | 1 Librenms | 2026-02-24 | 7.1 High |
| Missing Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
| CVE-2022-0580 | 1 Librenms | 1 Librenms | 2026-02-24 | 7.1 High |
| Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
| CVE-2022-0579 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 6.5 Medium |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9. | ||||
| CVE-2022-0569 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 5.3 Medium |
| Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9. | ||||
| CVE-2022-0565 | 1 Pimcore | 1 Pimcore | 2026-02-24 | 7.6 High |
| Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1. | ||||
| CVE-2022-0536 | 2 Follow-redirects Project, Redhat | 7 Follow-redirects, Acm, Openshift Data Foundation and 4 more | 2026-02-24 | 2.6 Low |
| Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. | ||||
| CVE-2022-0528 | 1 Transloadit | 1 Uppy | 2026-02-24 | 6.5 Medium |
| Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. | ||||
| CVE-2022-0355 | 1 Simple-get Project | 1 Simple-get | 2026-02-24 | 8.8 High |
| Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. | ||||
| CVE-2022-0338 | 1 Loguru Project | 1 Loguru | 2026-02-24 | 4.3 Medium |
| Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3. | ||||
| CVE-2022-0282 | 1 Microweber | 1 Microweber | 2026-02-24 | 4.3 Medium |
| Cross-site Scripting in Packagist microweber/microweber prior to 1.2.11. | ||||
| CVE-2022-0178 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 6.3 Medium |
| Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8. | ||||
| CVE-2022-0121 | 1 Hoppscotch | 1 Hoppscotch | 2026-02-24 | 8 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hoppscotch hoppscotch/hoppscotch.This issue affects hoppscotch/hoppscotch before 2.1.1. | ||||
| CVE-2024-38882 | 1 Horizoncloud | 1 Caterease | 2026-02-24 | 9.8 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command. | ||||
| CVE-2024-38881 | 1 Horizoncloud | 1 Caterease | 2026-02-24 | 7.5 High |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords. | ||||
| CVE-2024-38891 | 1 Horizoncloud | 1 Caterease | 2026-02-24 | 9.1 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information. | ||||
| CVE-2026-24686 | 1 Theupdateframework | 1 Go-tuf | 2026-02-24 | 4.7 Medium |
| go-tuf is a Go implementation of The Update Framework (TUF). go-tuf's TAP 4 Multirepo Client uses the map file repository name string (`repoName`) as a filesystem path component when selecting the local metadata cache directory. Starting in version 2.0.0 and prior to version 2.4.1, if an application accepts a map file from an untrusted source, an attacker can supply a `repoName` containing traversal (e.g., `../escaped-repo`) and cause go-tuf to create directories and write the root metadata file outside the intended `LocalMetadataDir` cache base, within the running process's filesystem permissions. Version 2.4.1 contains a patch. | ||||
| CVE-2024-38886 | 1 Horizoncloud | 1 Caterease | 2026-02-24 | 9.8 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel. | ||||