Total CVEs

141,292

Critical Severity

3,799

High Severity

13,738

Last 7 Days

1,844
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 8,741 - 8,760 of 13,828 CVEs
CVE-2019-25585 MEDIUM - 6.2

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.

Vendor: Dev
Product: Deluge
Published: Mar 22, 2026
Source: NVD
CVE-2019-25584 MEDIUM - 6.2

RarmaRadio 2.72.3 contains a buffer overflow vulnerability in the Server field of the Network settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a malicious payload exceeding 4000 bytes into the Server field via the Settings men...

Vendor: Raimersoft
Product: RarmaRadio
Published: Mar 22, 2026
Source: NVD
CVE-2019-25583 MEDIUM - 6.2

RarmaRadio 2.72.3 contains a denial of service vulnerability in the Username field that allows local attackers to crash the application by submitting excessively long input. Attackers can paste a buffer of 5000 bytes into the Username field via Settings > Network to trigger an application crash.

Vendor: Raimersoft
Product: RarmaRadio
Published: Mar 22, 2026
Source: NVD
CVE-2026-4530 MEDIUM - 5.3

A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been relea...

Published: Mar 22, 2026
Source: NVD
CVE-2026-2756 MEDIUM - 5.0

A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high complex...

Published: Mar 21, 2026
Source: NVD
CVE-2019-25582 MEDIUM - 6.5

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with file_manager=image and supply arbitrary file paths like src/config.inc...

Vendor: I-Doit
Product: doit CMDB
Published: Mar 21, 2026
Source: NVD
CVE-2019-25577 MEDIUM - 5.5

SeoToaster Ecommerce 3.0.0 contains a local file inclusion vulnerability that allows authenticated attackers to read arbitrary files by manipulating path parameters in backend theme endpoints. Attackers can send POST requests to /backend/backend_theme/editcss/ or /backend/backend_theme/editjs/ with ...

Vendor: Seotoaster
Product: SeoToaster Ecommerce
Published: Mar 21, 2026
Source: NVD
CVE-2019-25574 MEDIUM - 6.5

Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory traversal sequences. Attackers can manipulate the theme_name parameter in the themeexporthandle action or supply base64-encoded file paths to t...

Vendor: Greencms
Product: Green CMS
Published: Mar 21, 2026
Source: NVD
CVE-2026-4516 MEDIUM - 6.3

A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/write_analysis_code.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has bee...

Published: Mar 21, 2026
Source: NVD
CVE-2019-25572 MEDIUM - 6.2

NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.

Vendor: Nordvpn
Product: NordVPN
Published: Mar 21, 2026
Source: NVD
CVE-2019-25571 MEDIUM - 6.2

MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a UR...

Vendor: Mediamonkey
Product: MediaMonkey
Published: Mar 21, 2026
Source: NVD
CVE-2019-25570 MEDIUM - 5.5

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger ...

Vendor: Realterm
Product: RealTerm: Serial Terminal
Published: Mar 21, 2026
Source: NVD
CVE-2019-25569 MEDIUM - 6.2

RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler (SEH) chain corruption. Attackers can craft a malicious input string with 268 bytes of paddi...

Vendor: Realterm
Product: RealTerm: Serial Terminal
Published: Mar 21, 2026
Source: NVD
CVE-2019-25567 MEDIUM - 6.2

Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into t...

Vendor: Valentina-Db
Product: Valentina Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25566 MEDIUM - 6.2

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk ...

Vendor: Acutesystems
Product: TransMac
Published: Mar 21, 2026
Source: NVD
CVE-2019-25565 MEDIUM - 6.2

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during ...

Vendor: Magiciso
Product: Magic Iso Maker
Published: Mar 21, 2026
Source: NVD
CVE-2019-25564 MEDIUM - 5.5

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash.

Vendor: Uvnc
Product: PCHelpWareV2
Published: Mar 21, 2026
Source: NVD
CVE-2019-25563 MEDIUM - 6.2

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the applic...

Vendor: Uvnc
Product: PCHelpWareV2
Published: Mar 21, 2026
Source: NVD
CVE-2019-25562 MEDIUM - 5.5

jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to crash the application by supplying an oversized string in the File Naming field. Attackers can paste a malicious buffer of 512 bytes into the File Naming parameter and trigger the ...

Vendor: Jetaudio
Product: Convert Video jetAudio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25561 MEDIUM - 6.2

Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Title field. Attackers can paste a 5000-byte buffer into the Title input field and save the file to trigger a denial of service condition.

Vendor: Jetaudio
Product: Lyric Maker
Published: Mar 21, 2026
Source: NVD