🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-33493 | High | 7.1 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `objects/import.json.php` endpoi…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2026-4603 | Medium | 5.9 |
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsi…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2019-25596 | Medium | 6.2 |
SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to c…
|
⚡ Exploit | Mar 22, 2026 |
| CVE-2019-25578 | High | 8.2 |
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL quer…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25581 | High | 8.2 |
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL …
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25579 | High | 7.5 |
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbit…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25573 | High | 7.1 |
Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queri…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25546 | Medium | 6.2 |
NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the …
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25547 | Medium | 6.2 |
NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25551 | Medium | 6.2 |
Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supply…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2026-33136 | Critical | 9.3 |
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting (XSS)…
|
⚡ Exploit ✅ Patch | Mar 20, 2026 |
| CVE-2026-33135 | Critical | 9.3 |
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting (XSS)…
|
⚡ Exploit ✅ Patch | Mar 20, 2026 |
| CVE-2026-33129 | Medium | 5.9 |
H3 is a minimal H(TTP) framework. Versions 2.0.1-beta.0 through 2.0.0-rc.8 contain a Timing Side-Channel vulnerability i…
|
⚡ Exploit ✅ Patch | Mar 20, 2026 |
| CVE-2026-28495 | Critical | 9.6 |
GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpleCMS-CE v3.3.22 allo…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2026-28513 | High | 8.5 |
Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. Prior to 2.4.0, th…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2026-26308 | High | 7.5 |
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC (Rol…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2026-30958 | High | 7.2 |
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, an unauthenticated path traversal…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2023-41974 | Critical | 9.0 |
Apple iOS and iPadOS Use-After-Free Vulnerability — Apple iOS and iPadOS contain a use-after-free vulnerability. An app …
|
⚡ Exploit ✅ Patch | Mar 5, 2026 |
| CVE-2021-30952 | Critical | 9.0 |
Apple Multiple Products Integer Overflow or Wraparound Vulnerability — Apple tvOS, macOS, Safari, iPadOS and watchOS con…
|
⚡ Exploit ✅ Patch | Mar 5, 2026 |
| CVE-2017-7921 | Critical | 9.0 |
Hikvision Multiple Products Improper Authentication Vulnerability — Multiple Hikvision products contain an improper auth…
|
⚡ Exploit ✅ Patch | Mar 5, 2026 |