CVE-2026-34904
7.5HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Simple Social Media Share Buttons allows Cross Site Request Forgery.This issue affects Simple Social Media Share Buttons: from n/a through ...
4/7/2026CWE-352
Sicherheitsdatenbank
SCHWACHSTELLEN
DATENBANK
Umfassende Datenbank von CVEs, Exploits aus Exploit-DB und dem CISA KEV-Katalog. Täglich aktualisiert.
CVEs
4K+
Exploits
2K+
KEV
69
Täglich
LIVE
Kritisch & Ausgenutzt
CRITICAL
CVE-2026-0740
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to m...
CRITICAL
CVE-2026-35022
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in auth...
CRITICAL
CVE-2026-25371
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
CRITICAL
CVE-2018-25254
NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows ...
CRITICAL
CVE-2016-20052
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attacke...
Aktuelle CVEs
CVE-2026-34903
5.4MEDIUM
Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3.
4/7/2026CWE-862
CVE-2026-34899
5.3MEDIUM
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL ...
4/7/2026CWE-862
CVE-2026-34896
7.5HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Under Construction, Coming Soon & Maintenance Mode allows Cross Site Request Forgery.This issue affects Under Construction, Coming Soon & M...
4/7/2026CWE-352
CVE-2026-34197
NONE
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bri...
4/7/2026CWE-20, CWE-94
CVE-2026-33227
NONE
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances (when creating a Stomp consumer and...
4/7/2026CWE-22
Aktuelle Exploits
EDB-52465
webappsmultiple
WordPress Quiz Maker 6.7.0.56 - SQL Injection
CVE-2025-10042
Rahul Sreenivasan12/25/2025
EDB-52463
webappsmultiple
FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
CVE-2025-14558
Lukas Johannes Möller12/25/2025
EDB-52464
webappsmultiple
Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
CVE-2025-10493
0xsabre12/25/2025
EDB-52462
webappsmultiple
Summar Employee Portal 3.98.0 - Authenticated SQL Injection
CVE-2025-40677
Peter Gabaldon12/16/2025
EDB-52461
webappsmultiple
esm-dev 136 - Path Traversal
CVE-2025-59342
Byte Reaper12/16/2025
EDB-52460
webappsphp
Pluck 4.7.7-dev2 - PHP Code Execution
CVE-2018-11736
CodeSecLab12/8/2025
CISA KEV-Katalog
| CVE-ID | Anbieter | Produkt | Hinzugefügt | Ransomware |
|---|---|---|---|---|
| CVE-2026-35616 | Fortinet | FortiClient EMS | 2026-04-06 | - |
| CVE-2026-3502 | TrueConf | Client | 2026-04-02 | - |
| CVE-2026-5281 | Dawn | 2026-04-01 | - | |
| CVE-2026-3055 | Citrix | NetScaler | 2026-03-30 | - |
| CVE-2025-53521 | F5 | BIG-IP | 2026-03-27 | - |
Datenquellen
Diese Datenbank wird nur zu Bildungszwecken und für autorisierte Sicherheitsforschung bereitgestellt.