Total CVEs

141,272

Critical Severity

3,795

High Severity

13,729

Last 7 Days

1,917
Quick preset (or use dates below)
Clear Filters
Showing 8,741 - 8,760 of 14,204 CVEs
CVE-2019-25574 MEDIUM - 6.5

Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory traversal sequences. Attackers can manipulate the theme_name parameter in the themeexporthandle action or supply base64-encoded file paths to t...

Vendor: Greencms
Product: Green CMS
Published: Mar 21, 2026
Source: NVD
CVE-2026-4516 MEDIUM - 6.3

A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/write_analysis_code.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has bee...

Published: Mar 21, 2026
Source: NVD
CVE-2019-25572 MEDIUM - 6.2

NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.

Vendor: Nordvpn
Product: NordVPN
Published: Mar 21, 2026
Source: NVD
CVE-2019-25571 MEDIUM - 6.2

MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a UR...

Vendor: Mediamonkey
Product: MediaMonkey
Published: Mar 21, 2026
Source: NVD
CVE-2019-25570 MEDIUM - 5.5

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger ...

Vendor: Realterm
Product: RealTerm: Serial Terminal
Published: Mar 21, 2026
Source: NVD
CVE-2019-25569 MEDIUM - 6.2

RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler (SEH) chain corruption. Attackers can craft a malicious input string with 268 bytes of paddi...

Vendor: Realterm
Product: RealTerm: Serial Terminal
Published: Mar 21, 2026
Source: NVD
CVE-2019-25567 MEDIUM - 6.2

Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into t...

Vendor: Valentina-Db
Product: Valentina Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25566 MEDIUM - 6.2

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk ...

Vendor: Acutesystems
Product: TransMac
Published: Mar 21, 2026
Source: NVD
CVE-2019-25565 MEDIUM - 6.2

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during ...

Vendor: Magiciso
Product: Magic Iso Maker
Published: Mar 21, 2026
Source: NVD
CVE-2019-25564 MEDIUM - 5.5

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash.

Vendor: Uvnc
Product: PCHelpWareV2
Published: Mar 21, 2026
Source: NVD
CVE-2019-25563 MEDIUM - 6.2

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the applic...

Vendor: Uvnc
Product: PCHelpWareV2
Published: Mar 21, 2026
Source: NVD
CVE-2019-25562 MEDIUM - 5.5

jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to crash the application by supplying an oversized string in the File Naming field. Attackers can paste a malicious buffer of 512 bytes into the File Naming parameter and trigger the ...

Vendor: Jetaudio
Product: Convert Video jetAudio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25561 MEDIUM - 6.2

Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Title field. Attackers can paste a 5000-byte buffer into the Title input field and save the file to trigger a denial of service condition.

Vendor: Jetaudio
Product: Lyric Maker
Published: Mar 21, 2026
Source: NVD
CVE-2019-25559 MEDIUM - 5.5

SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a cr...

Vendor: Nsauditor
Product: SpotPaltalk
Published: Mar 21, 2026
Source: NVD
CVE-2019-25558 MEDIUM - 6.2

Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a large string of characters into the New Width or New Height field to trigger a buffer overflo...

Vendor: Pixarra
Product: Selfie Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25557 MEDIUM - 6.2

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to trigge...

Vendor: Pixarra
Product: TwistedBrush Pro Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25556 MEDIUM - 6.2

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a malicious string into the New Width or New Height field to trigger a buffer overfl...

Vendor: Pixarra
Product: TwistedBrush Pro Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25555 MEDIUM - 6.2

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of ...

Vendor: Pixarra
Product: TwistedBrush Pro Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25554 MEDIUM - 5.5

Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset in t...

Vendor: Tomabo
Product: MP4 Converter
Published: Mar 21, 2026
Source: NVD
CVE-2019-25553 MEDIUM - 6.2

CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during the ...

Vendor: Cewe-Photoworld
Product: CEWE PHOTO IMPORTER
Published: Mar 21, 2026
Source: NVD