🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2019-25576 | High | 8.2 |
Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb…
|
— | Mar 21, 2026 |
| CVE-2019-25578 | High | 8.2 |
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL quer…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2019-25580 | High | 8.2 |
ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL querie…
|
— | Mar 21, 2026 |
| CVE-2019-25581 | High | 8.2 |
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL …
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2026-3629 | High | 8.1 |
The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up …
|
— | Mar 21, 2026 |
| CVE-2019-25552 | High | 7.5 |
CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submi…
|
— | Mar 21, 2026 |
| CVE-2019-25560 | High | 7.5 |
Lyric Video Creator 2.1 contains a denial of service vulnerability that allows attackers to crash the application by pro…
|
— | Mar 21, 2026 |
| CVE-2019-25579 | High | 7.5 |
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbit…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2026-4528 | High | 7.3 |
A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of th…
|
— | Mar 21, 2026 |
| CVE-2019-25573 | High | 7.1 |
Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queri…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2026-26118 | High | 8.8 |
Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a networ…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-24283 | High | 8.8 |
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25177 | High | 8.8 |
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized att…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25188 | High | 8.8 |
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an ad…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-3854 | High | 8.8 |
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an …
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-20967 | High | 8.8 |
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23654 | High | 8.8 |
Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26114 | High | 8.8 |
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a ne…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26106 | High | 8.8 |
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26116 | High | 8.8 |
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized …
|
✅ Patch | Mar 10, 2026 |