Mlflow/mlflow CVEs and Security Vulnerabilities

Export limit exceeded: 344883 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '/' (at char 32), (line:1, col:33)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344883 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-47495	1 Blockspare	1 Blockspare	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare blockspare allows Stored XSS.This issue affects Blockspare: from n/a through <= 3.2.9.
CVE-2025-58875			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sudar Muthu WP Github Gist wp-github-gist allows Stored XSS.This issue affects WP Github Gist: from n/a through <= 0.5.
CVE-2025-58876	1 Wordpress	1 Wordpress	2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ali Aghdam Aparat Video Shortcode aparat-shortcode allows Stored XSS.This issue affects Aparat Video Shortcode: from n/a through <= 0.2.4.
CVE-2025-53343	2 Goodlayers, Wordpress	2 Modernize, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through <= 3.4.0.
CVE-2025-47497			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Logo Showcase logo-showcase allows DOM-Based XSS.This issue affects Logo Showcase: from n/a through <= 3.0.4.
CVE-2025-58877	2 Javothemes, Wordpress	2 Javo Core, Wordpress	2026-04-15	7.5 High
Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through <= 3.0.0.529.
CVE-2025-66265	2 Megatec, Microsoft	2 Upsilon2000, Windows	2026-04-15	N/A
CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files (such as snmp.conf) or hijack DLLs to escalate privileges.
CVE-2025-47500	1 Wordpress	1 Wordpress	2026-04-15	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Stored XSS.This issue affects Stackable: from n/a through <= 3.19.5.
CVE-2025-47502			2026-04-15	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick van Wobbie Mollie Forms mollie-forms allows Stored XSS.This issue affects Mollie Forms: from n/a through <= 2.7.12.
CVE-2023-23823			2026-04-15	4.3 Medium
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8.
CVE-2023-23868			2026-04-15	5.4 Medium
Missing Authorization vulnerability in WPFactory Cost of Goods for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost of Goods for WooCommerce: from n/a through 2.8.6.
CVE-2023-23975	1 Fullworksplugins	1 Quick Event Manager	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4.
CVE-2023-24375	2 Miniorange, Wordpress	2 Wordpress Social Login And Register (discord, Google, Twitter, Linkedin), Wordpress	2026-04-15	3.5 Low
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14.
CVE-2023-25035	1 Fullworksplugins	1 Quick Contact Form	2026-04-15	6.5 Medium
Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1.
CVE-2023-25048	1 Fantastic Plugins	1 Fantastic Content Protector Free	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Fantastic Plugins Fantastic Content Protector Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fantastic Content Protector Free: from n/a through 2.6.
CVE-2023-25060	1 Wp Onlinesupport Essential Plugin	1 Album And Image Gallery Plus Lightbox	2026-04-15	5.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through 1.6.2.
CVE-2023-25791	1 Wordpress	1 Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in Cadus Pro Fontiran allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fontiran: from n/a through 2.1.
CVE-2023-28168			2026-04-15	3.7 Low
Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Console: from n/a through 0.3.9.
CVE-2023-27454	2 Apollo13themes, Wordpress	2 Rife Elementor Extensions & Templates, Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in Apollo13Themes Rife Elementor Extensions & Templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through 1.1.10.
CVE-2023-27625	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0.

« first previous Page 282 of 17245. next last »