Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,755
Quick preset (or use dates below)
Clear Filters
Showing 10,501 - 10,520 of 14,604 CVEs
CVE-2026-28545 MEDIUM - 5.9

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28544 MEDIUM - 6.2

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28543 MEDIUM - 4.4

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28541 MEDIUM - 4.0

Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28540 MEDIUM - 4.0

Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28539 MEDIUM - 6.2

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28538 MEDIUM - 5.9

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-28537 MEDIUM - 5.1

Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Mar 05, 2026
Source: NVD
CVE-2026-3072 MEDIUM - 4.3

The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mla_update_compat_fields_action() function in all versions up to, and including, 3.33. This makes it possible for authenticated attackers, with Subscriber-leve...

Published: Mar 05, 2026
Source: NVD
CVE-2026-30777 MEDIUM - 4.9

EC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass vulnerability. An attacker who has obtained a valid administrator ID and password may be able to bypass two-factor authentication and gain unauthorized access to the administrative page.

Vendor: EC-CUBE CO.,LTD.
Product: EC-CUBE 4.1 series, EC-CUBE 4.2 series, EC-CUBE 4.3 series
Published: Mar 05, 2026
Source: NVD
CVE-2026-29052 MEDIUM - 6.1

The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting (XSS) vulnerability in the Event Types of the HumHub Calendar module impacts users ...

Vendor: humhub
Product: calendar
Published: Mar 05, 2026
Source: NVD
CVE-2026-28104 MEDIUM - 6.5

Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through <= 1.3.9.

Vendor: Aryan Shirani Bid Abadi
Product: Site Suggest
Published: Mar 05, 2026
Source: NVD
CVE-2026-28078 MEDIUM - 4.9

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through <= 2.2.0.

Vendor: Stylemix
Product: uListing
Published: Mar 05, 2026
Source: NVD
CVE-2026-28071 MEDIUM - 6.3

Missing Authorization vulnerability in PixFort pixfort Core pixfort-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects pixfort Core: from n/a through <= 3.2.22.

Vendor: PixFort
Product: pixfort Core
Published: Mar 05, 2026
Source: NVD
CVE-2026-28038 MEDIUM - 6.5

Missing Authorization vulnerability in Brainstorm_Force Ultimate Addons for WPBakery Page Builder ultimate_vc_addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through <= 3.21.1.

Vendor: Brainstorm_Force
Product: Ultimate Addons for WPBakery Page Builder
Published: Mar 05, 2026
Source: NVD
CVE-2026-28036 MEDIUM - 6.4

Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.This issue affects Ratatouille: from n/a through <= 1.2.6.

Vendor: SkatDesign
Product: Ratatouille
Published: Mar 05, 2026
Source: NVD
CVE-2026-27982 MEDIUM - 4.3

An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled (it is disabled by default), which may allow an attacker to redirect users to an arbitrary external website via a crafted URL.

Vendor: allauth
Product: django-allauth
Published: Mar 05, 2026
Source: NVD
CVE-2026-27411 MEDIUM - 5.3

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through <= 1.7.9.

Vendor: jp-secure
Product: SiteGuard WP Plugin
Published: Mar 05, 2026
Source: NVD
CVE-2026-27362 MEDIUM - 6.5

Missing Authorization vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bakery Autoresponder Addon: from n/a through <= 1.0.6.

Vendor: kamleshyadav
Product: WP Bakery Autoresponder Addon
Published: Mar 05, 2026
Source: NVD
CVE-2026-27354 MEDIUM - 6.5

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows Stored XSS.This issue affects WooCommerce Coming Soon Product with Countdown: from n/a through ...

Vendor: WebCodingPlace
Product: WooCommerce Coming Soon Product with Countdown
Published: Mar 05, 2026
Source: NVD