Recent
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published 2025-10-31 by microsoft
Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure
Published 2025-10-31 by Silabs
LogicalDOC Community Edition Admin Login login.jsp excessive authentication
Published 2025-10-31 by VulDB
LogicalDOC Community Edition API Key creation UI cross site scripting
Published 2025-10-31 by VulDB
ELOG user profile missing authorization
Published 2025-10-31 by cisa-cg
ELOG configuration file authorization bypass
Published 2025-10-31 by cisa-cg
ELOG file upload stored XSS
Published 2025-10-31 by cisa-cg
Published 2025-10-31 by Liferay
Published 2025-10-31 by Liferay
Microsoft Configuration Manager Spoofing Vulnerability
Published 2025-10-31 by microsoft
Quadratic complexity in os.path.expandvars() with user-controlled template
Published 2025-10-31 by PSF
Missing Security Headers
Published 2025-10-31 by azure-access
Scripts for the module Global_Shipping executable on BRAIN2 Server
Published 2025-10-31 by bizerba
Unencrypted communication to Active Directory services
Published 2025-10-31 by bizerba
Insecure service configuration – unquoted path
Published 2025-10-31 by bizerba
Server Certificate Verification Disabled
Published 2025-10-31 by azure-access
Insufficient Password Policy
Published 2025-10-31 by azure-access
International Standards Organization ISO 15118-2 Improper Restriction of Communication Channel to Intended Endpoints
Published 2025-10-31 by icscert
Agno session state overwrites between different sessions/users
Published 2025-10-31 by GitHub_M
INCORRECT SECURITY VALIDATION IN SENDING UDP FRAMES
Published 2025-10-31 by S21sec
EXCHANGE OF SENSITIVE INFORMATION IN CLEAR TEXT
Published 2025-10-31 by S21sec
Denial of service through specific packets
Published 2025-10-31 by S21sec
CLICKJACKING
Published 2025-10-31 by S21sec
Published 2025-10-31 by Opera
Stored XSS vulnerability in Afterlogic Aurora webmail
Published 2025-10-31 by ESET
Analytify Pro <= 7.0.3 - Unauthenticated Information Exposure
Published 2025-10-31 by Wordfence
HIJACKING OF THE TOKEN AND GAINING ACCESS
Published 2025-10-31 by S21sec
IBM Jazz for Service Management is vulnerable to "filter" cookie not sent over SSL
Published 2025-10-31 by ibm
IBM InfoSphere Information Server is vulnerable to privilege escalation
Published 2025-10-31 by ibm
Nagios XI < 2024R1.1 XSS via Missing Page / 404
Published 2025-10-31 by VulnCheck
Denial-of-service vulnerability in ESET security products for Windows
Published 2025-10-31 by ESET
Incorrect removal of permissions on PCI device unplug
Published 2025-10-31 by XEN
x86: Incorrect input sanitisation in Viridian hypercalls
Published 2025-10-31 by XEN
x86: Incorrect input sanitisation in Viridian hypercalls
Published 2025-10-31 by XEN
WordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability
Published 2025-10-31 by Patchstack
WordPress Groundhogg plugin <= 4.2.6 - Cross Site Scripting (XSS) vulnerability
Published 2025-10-31 by Patchstack
WordPress MasterStudy LMS plugin <= 3.6.27 - SQL Injection vulnerability
Published 2025-10-31 by Patchstack
WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability
Published 2025-10-31 by Patchstack
WordPress Masterstudy theme < 4.8.126 - Local File Inclusion vulnerability
Published 2025-10-31 by Patchstack
WordPress Kleo theme < 5.5.0 - Local File Inclusion vulnerability
Published 2025-10-31 by Patchstack
WordPress K Elements plugin < 5.5.0 - Cross Site Scripting (XSS) vulnerability
Published 2025-10-31 by Patchstack
WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability
Published 2025-10-31 by Patchstack
WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Local File Inclusion vulnerability
Published 2025-10-31 by Patchstack
WordPress Consulting theme < 6.7.5 - Local File Inclusion vulnerability
Published 2025-10-31 by Patchstack
WordPress Smart Coupons for WooCommerce plugin <= 2.2.3 - Broken Access Control vulnerability
Published 2025-10-31 by Patchstack
WordPress Advanced Database Cleaner plugin <= 3.1.6 - Cross Site Request Forgery (CSRF) vulnerability
Published 2025-10-31 by Patchstack
WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Broken Access Control vulnerability
Published 2025-10-31 by Patchstack
WordPress Gutenberg plugin <= 21.8.2 - Cross Site Scripting (XSS) vulnerability
Published 2025-10-31 by Patchstack
WordPress Polylang plugin <= 3.7.3 - Deserialization of untrusted data vulnerability
Published 2025-10-31 by Patchstack
WordPress Essential Addons for Elementor plugin <= 6.2.4 - Broken Access Control vulnerability
Published 2025-10-31 by Patchstack
WordPress Rank Math SEO plugin <= 1.0.252.1 - Sensitive Data Exposure vulnerability
Published 2025-10-31 by Patchstack
WordPress Rank Math SEO plugin <= 1.0.252.1 - Broken Access Control vulnerability
Published 2025-10-31 by Patchstack
Published 2025-10-31 by sonicwall
Untargeted information leak in Bolt protocol handshake
Published 2025-10-31 by Neo4j
Therefore™ Online and Therefore™ On-Premises contains an account impersonation issue, which could potentially allow the attacker to access all the stored data
Published 2025-10-31 by Canon_EMEA
comedi: fix divide-by-zero in comedi_buf_munge()
Published 2025-10-31 by Linux
WPC Name Your Price for WooCommerce <= 2.1.9 - Unauthenticated Price Alteration
Published 2025-10-31 by Wordfence
ERI File Library <= 1.1.0 - Missing Authorization to Unauthenticated Protected File Download
Published 2025-10-31 by Wordfence
Published 2025-10-31 by OX
Published 2025-10-31 by OX
Load more ↓