Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21246
Total
1526
Critical
6466
High
6753
Medium
CVE ID Severity Score Description Published
CVE-2026-49260 HIGH 8.2 PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, `pontedilana/php-weasyprint` builds the shell command for … Jun 19, 2026
CVE-2026-3196 MEDIUM 5.5 An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially … Jun 19, 2026
CVE-2026-3195 HIGH 7.4 A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check whether the iov … Jun 19, 2026
CVE-2019-25748 HIGH 8.2 Joomla JHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rooms parameter. … Jun 19, 2026
CVE-2017-20282 HIGH 8.2 Joomla! Component jCart for OpenCart 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the … Jun 19, 2026
CVE-2017-20281 HIGH 8.2 Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename … Jun 19, 2026
CVE-2017-20280 HIGH 8.2 Joomla Component Myportfolio 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the pid parameter. … Jun 19, 2026
CVE-2017-20279 HIGH 8.2 Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers … Jun 19, 2026
CVE-2017-20278 HIGH 8.2 Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. … Jun 19, 2026
CVE-2017-20277 HIGH 8.2 Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the search_author parameter on the search results page. Attackers can inject SQL code through … Jun 19, 2026
CVE-2017-20276 HIGH 8.2 Joomla! Component SIMGenealogy 2.1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the type parameter. … Jun 19, 2026
CVE-2017-20275 HIGH 8.2 Joomla! Component PHP-Bridge 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id … Jun 19, 2026
CVE-2017-20274 HIGH 8.2 Joomla LMS King Professional 3.2.4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cp_id … Jun 19, 2026
CVE-2017-20273 HIGH 8.2 Joomla Event Registration Pro Calendar 4.1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through … Jun 19, 2026
CVE-2017-20272 HIGH 8.2 Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … Jun 19, 2026
CVE-2017-20271 HIGH 8.2 Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid … Jun 19, 2026
CVE-2017-20270 HIGH 8.2 Joomla! Component Twitch Tv 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … Jun 19, 2026
CVE-2017-20269 HIGH 8.2 Joomla! Component KissGallery 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the component URL path. Attackers can supply … Jun 19, 2026
CVE-2017-20268 HIGH 8.2 Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through … Jun 19, 2026
CVE-2026-12622 UNKNOWN The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through … Jun 19, 2026
CVE-2026-12621 UNKNOWN Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 (password reset form) allows XSS. This issue affects GridTime 3000: from … Jun 19, 2026
CVE-2026-12620 UNKNOWN The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through … Jun 19, 2026
CVE-2026-12619 UNKNOWN Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting (XSS). This issue affects GridTime … Jun 19, 2026
CVE-2017-20267 HIGH 8.2 Joomla! Component Calendar Planner 1.0.1 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the category_id parameter. Attackers can send … Jun 19, 2026
CVE-2017-20266 HIGH 8.2 Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … Jun 19, 2026