Export limit exceeded: 336593 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336593 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47837 | 1 Reputeinfosystems | 1 Armember | 2025-05-29 | 8.3 High |
| Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10. | ||||
| CVE-2023-45760 | 1 Gvectors | 1 Wpdiscuz | 2025-05-29 | 4.3 Medium |
| Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.3. | ||||
| CVE-2024-30222 | 1 Reputeinfosystems | 1 Armember | 2025-05-29 | 8.5 High |
| Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. | ||||
| CVE-2024-30223 | 1 Reputeinfosystems | 1 Armember | 2025-05-29 | 9 Critical |
| Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. | ||||
| CVE-2024-35283 | 1 Mitel | 1 Micontact Center Business | 2025-05-29 | 6.1 Medium |
| A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation. | ||||
| CVE-2024-35284 | 1 Mitel | 1 Micontact Center Business | 2025-05-29 | 5.4 Medium |
| A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. | ||||
| CVE-2024-36042 | 1 Silverpeas | 1 Silverpeas | 2025-05-29 | 9.8 Critical |
| Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin access. | ||||
| CVE-2024-4180 | 1 Stellarwp | 1 The Events Calendar | 2025-05-29 | 9.1 Critical |
| The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX. | ||||
| CVE-2024-4274 | 1 G5plus | 1 Essential Real Estate | 2025-05-29 | 4.3 Medium |
| The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachments. | ||||
| CVE-2023-46310 | 1 Gvectors | 1 Wpdiscuz | 2025-05-29 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10. | ||||
| CVE-2024-4273 | 1 G5plus | 1 Essential Real Estate | 2025-05-29 | 6.4 Medium |
| The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2023-51667 | 1 Blazzdev | 1 Rate My Post | 2025-05-29 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2. | ||||
| CVE-2024-32715 | 1 Olivethemes | 1 Olive One Click Demo Import | 2025-05-29 | 5.3 Medium |
| Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | ||||
| CVE-2024-36302 | 1 Trendmicro | 1 Apex One | 2025-05-29 | 7.8 High |
| An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36303. | ||||
| CVE-2023-46309 | 1 Gvectors | 1 Wpdiscuz | 2025-05-29 | 5.3 Medium |
| Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10. | ||||
| CVE-2022-35772 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 7.2 High |
| Azure Site Recovery Remote Code Execution Vulnerability | ||||
| CVE-2022-35771 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | 7.8 High |
| Windows Defender Credential Guard Elevation of Privilege Vulnerability | ||||
| CVE-2022-35769 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | 7.5 High |
| Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | ||||
| CVE-2022-35767 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-35766 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||