Export limit exceeded: 364424 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364424 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-29099 1 Elegantthemes 1 Divi 2026-01-28 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Elegant themes Divi theme <= 4.20.2 versions.
CVE-2025-27522 1 Apache 1 Inlong 2026-01-28 6.5 Medium
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11732
CVE-2025-14306 2 Robocode, Robocode Project 2 Robocode, Robocode 2026-01-28 9.1 Critical
A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the file path, leading to potential unauthorized file deletions. https://robo-code.blogspot.com/
CVE-2023-21479 2 Google, Samsung 6 Android, Android, Mobile and 3 more 2026-01-28 5.3 Medium
Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule.
CVE-2025-46699 1 Dell 1 Data Protection Advisor 2026-01-28 4.3 Medium
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
CVE-2024-43131 1 Wpwebelite 1 Docket 2026-01-28 7.5 High
Incorrect Authorization vulnerability in WPWeb Docket (WooCommerce Collections / Wishlist / Watchlist) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Docket (WooCommerce Collections / Wishlist / Watchlist): from n/a before 1.7.0.
CVE-2024-39651 2 Wpweb, Wpwebelite 2 Woocommerce Pdf Vouchers, Woocommerce Pdf Vouchers 2026-01-28 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPWeb WooCommerce PDF Vouchers allows File Manipulation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5.
CVE-2024-39652 1 Wpwebelite 1 Woocommerce Pdf Vouchers 2026-01-28 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Elite WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5.
CVE-2025-13952 1 Imaginationtech 2 Ddk, Graphics Ddk 2026-01-28 9.8 Critical
A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. The shader code contained in the web page executes a path in the compiler that held onto an out of date pointer, pointing to a freed memory object.
CVE-2025-29448 1 Easyappointments 1 Easy\!appointments 2026-01-28 7.5 High
Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability.
CVE-2025-22603 2 Agpt, Significant-gravitas 2 Autogpt Platform, Autogpt 2026-01-28 8.1 High
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery (SSRF) vulnerability inside component (or block) `Send Web Request`. The root cause is that IPV6 address is not restricted or filtered, which allows attackers to perform a server side request forgery to visit an IPV6 service. autogpt-platform-beta-v0.4.2 fixes the issue.
CVE-2025-63388 2 Dify, Langgenius 2 Dify, Dify 2026-01-28 9.1 Critical
A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/system-features endpoint. The endpoint implements an overly permissive CORS policy that reflects arbitrary Origin headers and sets Access-Control-Allow-Credentials: true, allowing any external domain to make authenticated cross-origin requests. NOTE: the Supplier disputes this, providing the rationale of "sending requests with credentials does not provide any additional access compared to unauthenticated requests."
CVE-2025-27063 1 Qualcomm 223 Csra6620, Csra6620 Firmware, Csra6640 and 220 more 2026-01-28 7.8 High
Memory corruption during video playback when video session open fails with time out error.
CVE-2025-47319 1 Qualcomm 237 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 234 more 2026-01-28 6.7 Medium
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
CVE-2025-47322 1 Qualcomm 223 Ar8031, Ar8031 Firmware, Ar8035 and 220 more 2026-01-28 7.8 High
Memory corruption while handling IOCTL calls to set mode.
CVE-2025-47323 1 Qualcomm 357 Ar8035, Ar8035 Firmware, Csra6620 and 354 more 2026-01-28 7.8 High
Memory corruption while routing GPR packets between user and root when handling large data packet.
CVE-2025-47330 1 Qualcomm 447 Ar8031, Ar8031 Firmware, Ar8035 and 444 more 2026-01-28 5.5 Medium
Transient DOS while parsing video packets received from the video firmware.
CVE-2025-47331 1 Qualcomm 599 Ar8031, Ar8031 Firmware, Ar8035 and 596 more 2026-01-28 6.1 Medium
Information disclosure while processing a firmware event.
CVE-2025-47333 1 Qualcomm 479 Aqt1000, Aqt1000 Firmware, Ar8031 and 476 more 2026-01-28 6.6 Medium
Memory corruption while handling buffer mapping operations in the cryptographic driver.
CVE-2025-47348 1 Qualcomm 409 Aqt1000, Aqt1000 Firmware, Ar8035 and 406 more 2026-01-28 7.8 High
Memory corruption while processing identity credential operations in the trusted application.