Total CVEs

142,518

Critical Severity

3,992

High Severity

14,327

Last 7 Days

1,829
Quick preset (or use dates below)
Clear Filters
Showing 13,741 - 13,760 of 14,756 CVEs
CVE-2025-13627 MEDIUM - 4.4

The Makesweat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'makesweat_clubid' setting in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-le...

Published: Jan 14, 2026
Source: NVD
CVE-2025-12178 MEDIUM - 6.4

The SpiceForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'spiceforms' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenti...

Published: Jan 14, 2026
Source: NVD
CVE-2026-22718 MEDIUM - 6.8

The VSCode extension for Spring CLI are vulnerable to command injection, resulting in command execution on the users machine.

Published: Jan 14, 2026
Source: NVD
CVE-2025-68970 MEDIUM - 5.5

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: huawei
Product: emui
Published: Jan 14, 2026
Source: NVD
CVE-2025-68969 MEDIUM - 4.7

Multi-thread race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68967 MEDIUM - 5.5

Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68966 MEDIUM - 5.5

Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68965 MEDIUM - 5.5

Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68964 MEDIUM - 5.5

Data verification vulnerability in the HiView module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68963 MEDIUM - 5.3

Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: huawei
Product: emui
Published: Jan 14, 2026
Source: NVD
CVE-2025-68962 MEDIUM - 4.7

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68961 MEDIUM - 4.7

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68960 MEDIUM - 4.7

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68959 MEDIUM - 5.5

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: huawei
Product: emui
Published: Jan 14, 2026
Source: NVD
CVE-2025-68958 MEDIUM - 4.7

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68957 MEDIUM - 4.7

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68956 MEDIUM - 4.7

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2025-68955 MEDIUM - 4.7

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: huawei
Product: harmonyos
Published: Jan 14, 2026
Source: NVD
CVE-2026-0716 MEDIUM - 4.8

A flaw was found in libsoupโ€™s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applicatio...

Published: Jan 13, 2026
Source: NVD
CVE-2023-54341 MEDIUM - 6.1

Webgrind 1.1 and before contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts via the file parameter in index.php. The application does not sufficiently encode user-controlled inputs, allowing attackers to execute arbitrary JavaScri...

Published: Jan 13, 2026
Source: NVD