1.5t Brivo Mr355 CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 33), (line:1, col:34)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344908 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-24304	1 Microsoft	1 Azure Resource Manager	2026-04-16	9.9 Critical
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
CVE-2026-24523	1 Wordpress	1 Wordpress	2026-04-16	7.5 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus (aka @msykes) WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through <= 1.6.
CVE-2026-24524	1 Wordpress	1 Wordpress	2026-04-16	8.1 High
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.2.6.
CVE-2026-24529	2 Alejandro, Wordpress	2 Quick Restaurant Reservations, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Restaurant Reservations: from n/a through <= 1.6.7.
CVE-2026-24534	1 Wordpress	1 Wordpress	2026-04-16	8.8 High
Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7.
CVE-2026-24536	2 Webpushr, Wordpress	2 Web Push Notifications, Wordpress	2026-04-16	7.5 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through <= 4.38.0.
CVE-2026-24539	2 Clickdatos, Wordpress	2 Proteccion De Datos Rgpd, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in ABCdatos Protección de datos – RGPD proteccion-datos-rgpd allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protección de datos – RGPD: from n/a through <= 0.68.
CVE-2026-24540	2 Prince, Wordpress	2 Integrate Google Drive, Wordpress	2026-04-16	5.4 Medium
Missing Authorization vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through <= 1.5.6.
CVE-2026-24541	2 Mkscripts, Wordpress	2 Download After Email, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through <= 2.1.9.
CVE-2026-24542	1 Wordpress	1 Wordpress	2026-04-16	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in John James Jacoby WP Term Order wp-term-order allows Cross Site Request Forgery.This issue affects WP Term Order: from n/a through <= 2.1.0.
CVE-2026-24543	1 Wordpress	1 Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through <= 1.3.52.
CVE-2026-24548	1 Wordpress	1 Wordpress	2026-04-16	5.3 Medium
Server-Side Request Forgery (SSRF) vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
CVE-2026-24550	1 Wordpress	1 Wordpress	2026-04-16	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through <= 1.2.19.
CVE-2026-24551	1 Wordpress	1 Wordpress	2026-04-16	5.4 Medium
Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through <= 1.1.3.
CVE-2026-24553	2 Dotstore, Wordpress	2 Fraud Prevention For Woocommerce, Wordpress	2026-04-16	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: from n/a through <= 2.3.2.
CVE-2026-24556	1 Wordpress	1 Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in wpdive ElementCamp element-camp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementCamp: from n/a through <= 2.3.2.
CVE-2026-24557	2 Wen Solutions, Wordpress	2 Contact Form 7 Getresponse Extension, Wordpress	2026-04-16	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in WEN Solutions Contact Form 7 GetResponse Extension contact-form-7-getresponse-extension allows Retrieve Embedded Sensitive Data.This issue affects Contact Form 7 GetResponse Extension: from n/a through <= 1.0.8.
CVE-2026-6348			2026-04-16	8.8 High
WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed.
CVE-2026-24560	2 Cloudinary, Wordpress	2 Cloudinary, Wordpress	2026-04-16	5.4 Medium
Missing Authorization vulnerability in Cloudinary Cloudinary cloudinary-image-management-and-manipulation-in-the-cloud-cdn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cloudinary: from n/a through <= 3.3.2.
CVE-2026-24561	1 Wordpress	1 Wordpress	2026-04-16	5.4 Medium
Missing Authorization vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through <= 1.91.1.

« first previous Page 4 of 17246. next last »