Total
332481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47330 | 1 Qualcomm | 446 Ar8031, Ar8031 Firmware, Ar8035 and 443 more | 2026-01-28 | N/A | 5.5 MEDIUM |
| Transient DOS while parsing video packets received from the video firmware. | |||||
| CVE-2025-47331 | 1 Qualcomm | 598 Ar8031, Ar8031 Firmware, Ar8035 and 595 more | 2026-01-28 | N/A | 6.1 MEDIUM |
| Information disclosure while processing a firmware event. | |||||
| CVE-2025-47333 | 1 Qualcomm | 478 Aqt1000, Aqt1000 Firmware, Ar8031 and 475 more | 2026-01-28 | N/A | 6.6 MEDIUM |
| Memory corruption while handling buffer mapping operations in the cryptographic driver. | |||||
| CVE-2026-1448 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2026-01-28 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-24525 | 2026-01-28 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through <= 1.0.2. | |||||
| CVE-2025-69076 | 2026-01-28 | N/A | 8.1 HIGH | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Modern Housewife modernhousewife allows PHP Local File Inclusion.This issue affects Modern Housewife: from n/a through <= 1.0.12. | |||||
| CVE-2025-68869 | 2026-01-28 | N/A | 9.8 CRITICAL | ||
| Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task-management allows Privilege Escalation.This issue affects LazyTasks: from n/a through <= 1.4.01. | |||||
| CVE-2025-68507 | 2026-01-28 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram: from n/a through <= 3.1.35. | |||||
| CVE-2025-68073 | 2026-01-28 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through <= 2.7.4. | |||||
| CVE-2025-68072 | 2026-01-28 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through <= 3.5.17. | |||||
| CVE-2025-47348 | 1 Qualcomm | 408 Aqt1000, Aqt1000 Firmware, Ar8035 and 405 more | 2026-01-28 | N/A | 7.8 HIGH |
| Memory corruption while processing identity credential operations in the trusted application. | |||||
| CVE-2026-24477 | 1 Mintplexlabs | 1 Anythingllm | 2026-01-28 | N/A | 7.5 HIGH |
| AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticated users via the `/api/setup-complete` endpoint. Leakage of QdrantApiKey allows an unauthenticated attacker full read/write access to the Qdrant vector database instance used by AnythingLLM. Since Qdrant often stores the core knowledge base for RAG in AnythingLLM, this can lead to complete compromise of the semantic search / retrieval functionality and indirect leakage of confidential uploaded documents. Version 1.10.0 patches the issue. | |||||
| CVE-2024-54383 | 1 Wpwebelite | 1 Woocommerce Pdf Vouchers | 2026-01-28 | N/A | 9.8 CRITICAL |
| Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9. | |||||
| CVE-2026-24478 | 1 Mintplexlabs | 1 Anythingllm | 2026-01-28 | N/A | 7.2 HIGH |
| AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.10.0, a critical Path Traversal vulnerability in the DrupalWiki integration allows a malicious admin (or an attacker who can convince an admin to configure a malicious DrupalWiki URL) to write arbitrary files to the server. This can lead to Remote Code Execution (RCE) by overwriting configuration files or writing executable scripts. Version 1.10.0 fixes the issue. | |||||
| CVE-2022-36943 | 1 Ziparchive Project | 1 Ziparchive | 2026-01-28 | N/A | 8.1 HIGH |
| SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item. | |||||
| CVE-2023-28689 | 1 Joomsky | 1 Js Job Manager | 2026-01-28 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0. | |||||
| CVE-2023-25993 | 1 Webberzone | 1 Top 10 | 2026-01-28 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in WebberZone Top 10 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top 10: from n/a through 3.2.3. | |||||
| CVE-2025-47382 | 1 Qualcomm | 198 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 195 more | 2026-01-28 | N/A | 7.8 HIGH |
| Memory corruption while loading an invalid firmware in boot loader. | |||||
| CVE-2025-47387 | 1 Qualcomm | 90 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 87 more | 2026-01-28 | N/A | 7.8 HIGH |
| Memory Corruption when processing IOCTLs for JPEG data without verification. | |||||
| CVE-2025-47332 | 1 Qualcomm | 148 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 145 more | 2026-01-28 | N/A | 6.7 MEDIUM |
| Memory corruption while processing a config call from userspace. | |||||