Total CVEs

141,292

Critical Severity

3,799

High Severity

13,738

Last 7 Days

1,848
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 8,761 - 8,780 of 13,828 CVEs
CVE-2019-25559 MEDIUM - 5.5

SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a cr...

Vendor: Nsauditor
Product: SpotPaltalk
Published: Mar 21, 2026
Source: NVD
CVE-2019-25558 MEDIUM - 6.2

Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a large string of characters into the New Width or New Height field to trigger a buffer overflo...

Vendor: Pixarra
Product: Selfie Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25557 MEDIUM - 6.2

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to trigge...

Vendor: Pixarra
Product: TwistedBrush Pro Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25556 MEDIUM - 6.2

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a malicious string into the New Width or New Height field to trigger a buffer overfl...

Vendor: Pixarra
Product: TwistedBrush Pro Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25555 MEDIUM - 6.2

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of ...

Vendor: Pixarra
Product: TwistedBrush Pro Studio
Published: Mar 21, 2026
Source: NVD
CVE-2019-25554 MEDIUM - 5.5

Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset in t...

Vendor: Tomabo
Product: MP4 Converter
Published: Mar 21, 2026
Source: NVD
CVE-2019-25553 MEDIUM - 6.2

CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during the ...

Vendor: Cewe-Photoworld
Product: CEWE PHOTO IMPORTER
Published: Mar 21, 2026
Source: NVD
CVE-2019-25551 MEDIUM - 6.2

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field durin...

Vendor: Sandboxie
Product: Sandboxie
Published: Mar 21, 2026
Source: NVD
CVE-2019-25550 MEDIUM - 6.2

Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an applic...

Vendor: Verypdf
Product: Encrypt PDF
Published: Mar 21, 2026
Source: NVD
CVE-2019-25549 MEDIUM - 6.2

VeryPDF PCL Converter 2.7 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long password string. Attackers can trigger a buffer overflow by entering a 3000-byte password in the PDF Security encryption fields, causing the appl...

Vendor: Verypdf
Product: VeryPDF PCL Converter
Published: Mar 21, 2026
Source: NVD
CVE-2019-25548 MEDIUM - 6.2

BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the...

Vendor: Bluestacks
Product: BlueStacks
Published: Mar 21, 2026
Source: NVD
CVE-2019-25547 MEDIUM - 6.2

NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a ...

Vendor: Infiltration-Systems
Product: NetAware
Published: Mar 21, 2026
Source: NVD
CVE-2019-25546 MEDIUM - 6.2

NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new share t...

Vendor: Infiltration-Systems
Product: NetAware
Published: Mar 21, 2026
Source: NVD
CVE-2019-25545 MEDIUM - 6.2

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field duri...

Vendor: Lizardsystems
Product: Terminal Services Manager
Published: Mar 21, 2026
Source: NVD
CVE-2019-25544 MEDIUM - 6.2

Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat, causi...

Vendor: Pidgin
Product: Pidgin
Published: Mar 21, 2026
Source: NVD
CVE-2026-4515 MEDIUM - 6.3

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function code_generate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...

Published: Mar 21, 2026
Source: NVD
CVE-2026-4514 MEDIUM - 6.3

A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be performed ...

Published: Mar 21, 2026
Source: NVD
CVE-2026-4513 MEDIUM - 6.3

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The ...

Published: Mar 21, 2026
Source: NVD
CVE-2026-4511 MEDIUM - 6.3

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early ab...

Published: Mar 21, 2026
Source: NVD
CVE-2026-4510 MEDIUM - 4.3

A weakness has been identified in PbootCMS up to 3.2.12. This impacts the function alert_location of the file apps/home/controller/MemberController.php of the component Parameter Handler. This manipulation of the argument backurl causes cross site scripting. Remote exploitation of the attack is poss...

Published: Mar 21, 2026
Source: NVD