Export limit exceeded: 339569 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339569 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339569 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25609 | 1 Jetaudio | 1 Jetaudio | 2026-03-23 | 8.4 High |
| JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger an SEH exception handler and execute arbitrary code with application privileges. | ||||
| CVE-2026-1969 | 2 Themerex, Wordpress | 2 Addons, Wordpress | 2026-03-23 | 5.3 Medium |
| The trx_addons WordPress plugin before 2.38.5 does not correctly validate file types in one of its AJAX action, allowing unauthenticated users to upload arbitrary file. This is due to an incorrect fix of CVE-2024-13448 | ||||
| CVE-2026-32968 | 2026-03-23 | 9.8 Critical | ||
| Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker can exploit an RCE vulnerability in the com_mb24sysapi module, resulting in full system compromise. This vulnerability is a variant attack for CVE-2020-10383. | ||||
| CVE-2026-33293 | 1 Wwbn | 1 Avideo | 2026-03-23 | 8.1 High |
| WWBN AVideo is an open source video platform. Prior to version 26.0, the `deleteDump` parameter in `plugin/CloneSite/cloneServer.json.php` is passed directly to `unlink()` without any path sanitization. An attacker with valid clone credentials can use path traversal sequences (e.g., `../../`) to delete arbitrary files on the server, including critical application files such as `configuration.php`, causing complete denial of service or enabling further attacks by removing security-critical files. Version 26.0 fixes the issue. | ||||
| CVE-2026-33294 | 1 Wwbn | 1 Avideo | 2026-03-23 | 5 Medium |
| WWBN AVideo is an open source video platform. Prior to version 26.0, the BulkEmbed plugin's save endpoint (`plugin/BulkEmbed/save.json.php`) fetches user-supplied thumbnail URLs via `url_get_contents()` without SSRF protection. Unlike all six other URL-fetching endpoints in AVideo that were hardened with `isSSRFSafeURL()`, this code path was missed. An authenticated attacker can force the server to make HTTP requests to internal network resources and retrieve the responses by viewing the saved video thumbnail. Version 26.0 fixes the issue. | ||||
| CVE-2026-33295 | 1 Wwbn | 1 Avideo | 2026-03-23 | N/A |
| WWBN AVideo is an open source video platform. Prior to version 26.0, WWBN/AVideo contains a stored cross-site scripting vulnerability in the CDN plugin's download buttons component. The `clean_title` field of a video record is interpolated directly into a JavaScript string literal without any escaping, allowing an attacker who can create or modify a video to inject arbitrary JavaScript that executes in the browser of any user who visits the affected download page. Version 26.0 fixes the issue. | ||||
| CVE-2019-25591 | 1 Nsasoft | 1 Nsauditor Dnss Domain Name Search Software | 2026-03-23 | 6.2 Medium |
| DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code containing 300 repeated characters into the Name/Key field via the Register menu option. | ||||
| CVE-2026-4554 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-23 | 6.3 Medium |
| A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-4373 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder — Dynamic Blocks Form Builder, Wordpress | 2026-03-23 | 7.5 High |
| The JetFormBuilder plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 3.5.6.2. This is due to the 'Uploaded_File::set_from_array' method accepting user-supplied file paths from the Media Field preset JSON payload without validating that the path belongs to the WordPress uploads directory. Combined with an insufficient same-file check in 'File_Tools::is_same_file' that only compares basenames, this makes it possible for unauthenticated attackers to exfiltrate arbitrary local files as email attachments by submitting a crafted form request when the form is configured with a Media Field and a Send Email action with file attachment. | ||||
| CVE-2026-4509 | 1 Pbootcms | 1 Pbootcms | 2026-03-23 | 6.3 Medium |
| A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-4515 | 1 Foundation Agents | 1 Metagpt | 2026-03-23 | 6.3 Medium |
| A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function code_generate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2019-25545 | 1 Lizardsystems | 1 Terminal Services Manager | 2026-03-23 | 6.2 Medium |
| Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during computer addition, causing a denial of service when the server entry is accessed. | ||||
| CVE-2019-25555 | 1 Pixarra | 1 Twistedbrush Pro Studio | 2026-03-23 | 6.2 Medium |
| TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of the Script Recorder dialog to trigger an application crash. | ||||
| CVE-2019-25557 | 1 Pixarra | 1 Twistedbrush Pro Studio | 2026-03-23 | 6.2 Medium |
| TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to trigger an application crash. | ||||
| CVE-2019-25564 | 1 Uvnc | 2 Pchelpwarev2, Ultravnc | 2026-03-23 | 5.5 Medium |
| PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash. | ||||
| CVE-2019-25570 | 1 Realterm | 1 Realterm: Serial Terminal | 2026-03-23 | 5.5 Medium |
| RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash. | ||||
| CVE-2026-4530 | 1 Apconw | 1 Aix-db | 2026-03-23 | 5.3 Medium |
| A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4535 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2026-03-23 | 8.8 High |
| A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-4540 | 1 Projectworlds | 1 Online Notes Sharing Platform | 2026-03-23 | 7.3 High |
| A vulnerability was detected in projectworlds Online Notes Sharing System 1.0. This issue affects some unknown processing of the file /login.php of the component Parameters Handler. The manipulation of the argument User results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. | ||||
| CVE-2026-4572 | 1 Sourcecodester | 1 Sales And Inventory System | 2026-03-23 | 6.3 Medium |
| A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /view_product.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. | ||||