Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21246
Total
1526
Critical
6466
High
6753
Medium
CVE ID Severity Score Description Published
CVE-2026-49287 HIGH 7.4 Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.23 and 6.20.0, the fix for CVE-2026-41175 was incomplete. It addressed the … Jun 19, 2026
CVE-2026-49286 HIGH 8.1 PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, `pontedilana/php-weasyprint` guarded the output filename against … Jun 19, 2026
CVE-2026-49271 MEDIUM 6.5 libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using … Jun 19, 2026
CVE-2019-25762 HIGH 7.5 Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attackers can … Jun 19, 2026
CVE-2019-25761 HIGH 7.1 Joomla! Component JoomCRM 1.1.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the deal_id … Jun 19, 2026
CVE-2019-25760 MEDIUM 6.2 Joomla! Component Easy Shop 1.2.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by supplying base64-encoded file paths. Attackers … Jun 19, 2026
CVE-2019-25759 HIGH 7.1 Joomla! Component vBizz 1.0.7 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the payid … Jun 19, 2026
CVE-2019-25758 HIGH 8.8 Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the … Jun 19, 2026
CVE-2019-25757 HIGH 7.1 Joomla vWishlist 1.0.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the vproductid and … Jun 19, 2026
CVE-2019-25756 HIGH 8.2 Joomla! Component vAccount 2.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the vid … Jun 19, 2026
CVE-2019-25755 HIGH 8.2 Joomla Component vReview 1.9.11 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cmId … Jun 19, 2026
CVE-2019-25754 HIGH 8.2 Joomla Component vRestaurant 1.9.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keysearch … Jun 19, 2026
CVE-2019-25753 HIGH 8.2 Joomla! Component VMap 1.9.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the latlngbound … Jun 19, 2026
CVE-2019-25752 HIGH 8.2 Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type … Jun 19, 2026
CVE-2019-25751 HIGH 8.2 Joomla Component J-ClassifiedsManager 3.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. … Jun 19, 2026
CVE-2019-25750 HIGH 8.2 Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hotel_id … Jun 19, 2026
CVE-2019-25749 HIGH 7.1 Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guest_adult parameter. … Jun 19, 2026
CVE-2026-56211 HIGH 7.1 A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC (Scalable Video Coding) … Jun 19, 2026
CVE-2026-56210 HIGH 7.1 A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID … Jun 19, 2026
CVE-2026-56209 HIGH 7.1 An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer … Jun 19, 2026
CVE-2026-56208 HIGH 7.6 A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing (LAP) mode causes … Jun 19, 2026
CVE-2026-51846 UNKNOWN In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution. Jun 19, 2026
CVE-2026-51845 UNKNOWN Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter. Jun 19, 2026
CVE-2026-51844 UNKNOWN Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter. Jun 19, 2026
CVE-2026-51843 UNKNOWN Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter. Jun 19, 2026