Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21880
Total
1559
Critical
6647
High
6994
Medium
CVE ID Severity Score Description Published
CVE-2019-25749 HIGH 7.1 Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guest_adult parameter. … Jun 19, 2026
CVE-2026-56211 HIGH 7.1 A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC (Scalable Video Coding) … Jun 19, 2026
CVE-2026-56210 HIGH 7.1 A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID … Jun 19, 2026
CVE-2026-56209 HIGH 7.1 An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer … Jun 19, 2026
CVE-2026-56208 HIGH 7.6 A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing (LAP) mode causes … Jun 19, 2026
CVE-2026-51846 UNKNOWN In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution. Jun 19, 2026
CVE-2026-51845 UNKNOWN Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter. Jun 19, 2026
CVE-2026-51844 UNKNOWN Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter. Jun 19, 2026
CVE-2026-51843 UNKNOWN Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter. Jun 19, 2026
CVE-2026-49260 HIGH 8.2 PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, `pontedilana/php-weasyprint` builds the shell command for … Jun 19, 2026
CVE-2026-3196 MEDIUM 5.5 An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially … Jun 19, 2026
CVE-2026-3195 HIGH 7.4 A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check whether the iov … Jun 19, 2026
CVE-2019-25748 HIGH 8.2 Joomla JHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rooms parameter. … Jun 19, 2026
CVE-2017-20282 HIGH 8.2 Joomla! Component jCart for OpenCart 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the … Jun 19, 2026
CVE-2017-20281 HIGH 8.2 Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename … Jun 19, 2026
CVE-2017-20280 HIGH 8.2 Joomla Component Myportfolio 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the pid parameter. … Jun 19, 2026
CVE-2017-20279 HIGH 8.2 Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers … Jun 19, 2026
CVE-2017-20278 HIGH 8.2 Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. … Jun 19, 2026
CVE-2017-20277 HIGH 8.2 Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the search_author parameter on the search results page. Attackers can inject SQL code through … Jun 19, 2026
CVE-2017-20276 HIGH 8.2 Joomla! Component SIMGenealogy 2.1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the type parameter. … Jun 19, 2026
CVE-2017-20275 HIGH 8.2 Joomla! Component PHP-Bridge 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id … Jun 19, 2026
CVE-2017-20274 HIGH 8.2 Joomla LMS King Professional 3.2.4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cp_id … Jun 19, 2026
CVE-2017-20273 HIGH 8.2 Joomla Event Registration Pro Calendar 4.1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through … Jun 19, 2026
CVE-2017-20272 HIGH 8.2 Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … Jun 19, 2026
CVE-2017-20271 HIGH 8.2 Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid … Jun 19, 2026