Total CVEs

142,750

Critical Severity

4,026

High Severity

14,425

Last 7 Days

1,411
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 17,721 - 17,740 of 39,155 CVEs
CVE-2018-25288 MEDIUM - 6.2

StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 6000-byte payload into the Pattern to Find or Advice Message fields in the Add Pattern dialog to trigger a denial of service co...

Vendor: Editorsoftware
Product: StyleWriter
Published: Apr 26, 2026
Source: NVD
CVE-2018-25287 MEDIUM - 5.5

Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a 6000-byte payload into the Name field and click Register to trigger a denial of service condition.

Vendor: Hdtune
Product: Drive Power Manager
Published: Apr 26, 2026
Source: NVD
CVE-2018-25286 MEDIUM - 6.2

Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition.

Vendor: Hdtune
Product: Easy PhotoResQ
Published: Apr 26, 2026
Source: NVD
CVE-2018-25285 MEDIUM - 5.5

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of servic...

Vendor: Fathom
Product: Fathom
Published: Apr 26, 2026
Source: NVD
CVE-2018-25284 MEDIUM - 6.2

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File > Options > Save dial...

Vendor: Hdtune
Product: HD Tune Pro
Published: Apr 26, 2026
Source: NVD
CVE-2018-25283 HIGH - 8.4

iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup int...

Vendor: Securimport
Product: iSmartViewPro
Published: Apr 26, 2026
Source: NVD
CVE-2018-25282 MEDIUM - 6.2

Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import function...

Vendor: ZenMap
Product: ZenMap
Published: Apr 26, 2026
Source: NVD
CVE-2018-25281 MEDIUM - 5.5

iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Attackers can paste a 7000-byte string into the Host field and click Connect to trigger an application crash.

Vendor: Maxprog
Product: iCash
Published: Apr 26, 2026
Source: NVD
CVE-2018-25280 MEDIUM - 5.5

Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a 6000-byte payload into the Scan Target field and trigger a denial of service condition when the Scan bu...

Vendor: Infiltration-Systems
Product: Infiltrator Network Security Scanner
Published: Apr 26, 2026
Source: NVD
CVE-2018-25279 MEDIUM - 6.2

jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert the...

Vendor: Convertimagetotext
Product: jiNa OCR Image to Text
Published: Apr 26, 2026
Source: NVD
CVE-2018-25278 MEDIUM - 6.2

PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJ...

Vendor: Picajet
Product: PicaJet FX
Published: Apr 26, 2026
Source: NVD
CVE-2018-25277 MEDIUM - 6.2

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger ...

Vendor: Br-Software
Product: PixGPS
Published: Apr 26, 2026
Source: NVD
CVE-2018-25276 MEDIUM - 5.5

RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an app...

Vendor: Picajet
Product: RoboImport
Published: Apr 26, 2026
Source: NVD
CVE-2018-25275 MEDIUM - 6.2

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the Camera name and DID number fields during camera addition to trigger an application crash.

Vendor: faleemi
Product: Faleemi Plus
Published: Apr 26, 2026
Source: NVD
CVE-2018-25274 MEDIUM - 6.2

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an app...

Vendor: infrarecorder
Product: InfraRecorder
Published: Apr 26, 2026
Source: NVD
CVE-2018-25273 MEDIUM - 6.2

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an ap...

Vendor: Acutesystems
Product: CrossFont
Published: Apr 26, 2026
Source: NVD
CVE-2018-25264 MEDIUM - 6.2

TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial...

Vendor: Acutesystems
Product: TransMac
Published: Apr 26, 2026
Source: NVD
CVE-2018-25263 HIGH - 8.4

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log inte...

Vendor: faleemi
Product: Faleemi Desktop Software
Published: Apr 26, 2026
Source: NVD
CVE-2026-7041 LOW - 3.7

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation of the argument SECRET results in information disclosure. It is possible to initiate the attack remo...

Published: Apr 26, 2026
Source: NVD
CVE-2026-7039 HIGH - 7.8

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit has been disclosed pub...

Published: Apr 26, 2026
Source: NVD