Export limit exceeded: 337207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337207 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-26736 | 1 Totolink | 2 A3002ru-v3, A3002ru Firmware | 2026-03-09 | 8.8 High |
| TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the formIpv6Setup function. | ||||
| CVE-2026-22455 | 2 Foreverpinetree, Wordpress | 2 Thebe, Wordpress | 2026-03-09 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree Thebe thebe allows Reflected XSS.This issue affects Thebe: from n/a through <= 1.3.0. | ||||
| CVE-2026-22453 | 2 Themerex, Wordpress | 2 Pets Club, Wordpress | 2026-03-09 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Pets Club petclub allows Object Injection.This issue affects Pets Club: from n/a through <= 2.3. | ||||
| CVE-2026-22451 | 2 Ancorathemes, Wordpress | 2 Handyman, Wordpress | 2026-03-09 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in AncoraThemes Handyman handyman-services allows Object Injection.This issue affects Handyman: from n/a through <= 1.4. | ||||
| CVE-2026-22446 | 2 Select-themes, Wordpress | 2 Prowess, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 1.8.1. | ||||
| CVE-2026-22442 | 2 Launchandsell, Wordpress | 2 Tribe, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LaunchandSell Tribe tribe allows PHP Local File Inclusion.This issue affects Tribe: from n/a through <= 1.7.3. | ||||
| CVE-2026-22440 | 2 Foreverpinetree, Wordpress | 2 Thecs, Wordpress | 2026-03-09 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree Thecs thecs allows Reflected XSS.This issue affects Thecs: from n/a through <= 1.4.7. | ||||
| CVE-2026-22438 | 2 Foreverpinetree, Wordpress | 2 Thebi, Wordpress | 2026-03-09 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree TheBi thebi allows Reflected XSS.This issue affects TheBi: from n/a through <= 1.0.5. | ||||
| CVE-2026-22436 | 2 Elated-themes, Wordpress | 2 Helvig, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Helvig helvig allows PHP Local File Inclusion.This issue affects Helvig: from n/a through <= 1.0. | ||||
| CVE-2026-22434 | 2 Ancorathemes, Wordpress | 2 Crown Art, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through <= 1.2.11. | ||||
| CVE-2026-22432 | 2 Ancorathemes, Wordpress | 2 Woopy, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Woopy woopy allows PHP Local File Inclusion.This issue affects Woopy: from n/a through <= 1.2. | ||||
| CVE-2026-22429 | 2 Mikado-themes, Wordpress | 2 Verdure, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Verdure verdure allows PHP Local File Inclusion.This issue affects Verdure: from n/a through <= 1.6. | ||||
| CVE-2026-22427 | 2 Mikado-themes, Wordpress | 2 Gotravel, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes GoTravel gotravel allows PHP Local File Inclusion.This issue affects GoTravel: from n/a through <= 2.1. | ||||
| CVE-2026-22424 | 2 Ancorathemes, Wordpress | 2 Shaha, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Shaha shaha allows PHP Local File Inclusion.This issue affects Shaha: from n/a through <= 1.1.2. | ||||
| CVE-2026-22421 | 2 Ancorathemes, Wordpress | 2 Quantum, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Quantum quantum allows PHP Local File Inclusion.This issue affects Quantum: from n/a through <= 1.0. | ||||
| CVE-2026-22419 | 2 Ancorathemes, Wordpress | 2 Honor, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Honor honor allows PHP Local File Inclusion.This issue affects Honor: from n/a through <= 2.3. | ||||
| CVE-2026-22417 | 2 Themegoods, Wordpress | 2 Grand Wedding, Wordpress | 2026-03-09 | 8.1 High |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Wedding grandwedding allows Object Injection.This issue affects Grand Wedding: from n/a through <= 3.1.0. | ||||
| CVE-2026-22415 | 2 Ancorathemes, Wordpress | 2 The Mounty, Wordpress | 2026-03-09 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes The Mounty the-mounty allows PHP Local File Inclusion.This issue affects The Mounty: from n/a through <= 1.1. | ||||
| CVE-2025-69652 | 1 Gnu | 1 Binutils | 2026-03-09 | 6.2 Medium |
| GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service. | ||||
| CVE-2026-28716 | 1 Acronis | 1 Acronis Cyber Protect 17 | 2026-03-09 | N/A |
| Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | ||||