Export limit exceeded: 10503 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10503 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-65073 | 1 Openstack | 1 Keystone | 2026-04-15 | 7.5 High |
| OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization. | ||||
| CVE-2024-36055 | 2026-04-15 | 5.5 Medium | ||
| Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory with read/write access via the MmMapIoSpace API (IOCTL 0x9c40a4f8, 0x9c40a4e8, 0x9c40a4c0, 0x9c40a4c4, 0x9c40a4ec, and seven others), leading to a denial of service (BSOD). | ||||
| CVE-2023-44988 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32. | ||||
| CVE-2023-45002 | 2 Wedevs, Wordpress | 2 Wp User Frontend, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8. | ||||
| CVE-2023-45110 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in BoldThemes Bold Timeline Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: from n/a through 1.1.9. | ||||
| CVE-2023-45271 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in WowStore Team ProductX – Gutenberg WooCommerce Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProductX – Gutenberg WooCommerce Blocks: from n/a through 2.7.8. | ||||
| CVE-2023-45275 | 2026-04-15 | 6.5 Medium | ||
| Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.28. | ||||
| CVE-2023-4617 | 2026-04-15 | 10 Critical | ||
| Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions before 5.9. | ||||
| CVE-2023-46188 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3. | ||||
| CVE-2023-46195 | 2026-04-15 | 6.5 Medium | ||
| Missing Authorization vulnerability in CoSchedule Headline Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: from n/a through 1.3.1. | ||||
| CVE-2023-46196 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social proof testimonials and reviews by Repuso: from n/a through 4.97. | ||||
| CVE-2023-46203 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Custom Fields: from n/a through 3.3.2. | ||||
| CVE-2025-62924 | 2 Pickplugins, Wordpress | 2 Post Grid, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.17. | ||||
| CVE-2025-62946 | 2 Everestthemes, Wordpress | 2 Everest Backup, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8. | ||||
| CVE-2025-66005 | 1 Shadowblip | 1 Inputplumber | 2026-04-15 | N/A |
| Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session. | ||||
| CVE-2025-63025 | 2 Wordpress, Xagio | 2 Wordpress, Xagio Seo | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Xagio SEO Xagio SEO xagio-seo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xagio SEO: from n/a through <= 7.1.0.35. | ||||
| CVE-2023-46644 | 2026-04-15 | 6.5 Medium | ||
| Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through 1.5.8. | ||||
| CVE-2025-6720 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_all_log() function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files. | ||||
| CVE-2025-62976 | 2 Joovii, Wordpress | 2 Sendle Shipping, Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Joovii Sendle Shipping official-sendle-shipping-method allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Sendle Shipping: from n/a through <= 6.02. | ||||
| CVE-2025-62978 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Kiotviet KiotViet Sync kiotvietsync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiotViet Sync: from n/a through <= 1.8.5. | ||||