CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-24857 `bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`βs embedded unrar code has a heapβbufferβoverflow in the RAR PPM LZ decoding path. A crafted RAR ins... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25321 FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47875 GeoGebra CAS Calculator 6.0.631.0 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a payload with 8... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26333 Calero VeraSMART versions prior toΒ 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs (including EndeavorServer.rem and RemoteFileR... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26335 Calero VeraSMART versions prior toΒ 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web application and stored in C:\\Program Files (x86)\\Veramark\\VeraSMART\\WebRoot\\we... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26366 eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials (user:user, admin:admin) that remain active after installation and commissioning without enforcing a mandatory password change. Un... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-12882 The Clasifico Listing plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0. This is due to the plugin allowing users who are registering new accounts to set... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26369 eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user (UG_USER) can s... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36967 Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69762 Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69763 Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69766 Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remot... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68519 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affec... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37129 Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a mal... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36964 YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecti... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36962 Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during export. Attackers can submit crafted payloads... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36961 10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file wi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25236 PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN (...) list. ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25234 PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category m... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61140 The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1056 The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'generate_user_dirpath' function in all versions up to, and includin... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-15578 Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id is seeded with the system time (which is available from HTTP response headers), a call to the built-in... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50002 Unrestricted Upload of File with Dangerous Type vulnerability in Farost Energia energia allows Upload a Web Shell to a Web Server.This issue affects Energia: from n/a through <= 1.1.2. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2439 Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids. The generate_session_id function in Concierge::Sessions::Base defaults to using the uuidgen command to gene... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37120 Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicio... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37138 10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malici... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2329 An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remot... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68590 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Blind SQL Injection.This issue... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65791 ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application passes unsanitized user input directly to the exec() function. NOTE: this is disputed by the Supplier bec... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23958 Dataease is an open source data visualization analysis tool. Prior to version 2.10.19, DataEase uses the MD5 hash of the userβs password as the JWT signing secret. This deterministic secret derivation... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70998 UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a craft... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2333 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2.0.4 allows Command Injection via a crafted network request. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26725 An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 allows a remote attacker to escalate privileges via the AccessID parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70149 CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70150 CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticated attackers to delete arbitrary member records via the id par... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70152 code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/save_user.php and /admin/update_user.php. These endpoints lack... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25361 Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST comman... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25362 WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the license name and license code fields. Attackers c... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25364 MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remote attackers to execute arbitrary code. Attackers can send a crafted oversized buffer to the POP3 ser... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26713 code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26093 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2.0.4 allows Command Injection via a crafted network request. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25365 ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27174 MajorDoMo (aka Major Domestic Module) allows unauthenticated remote code execution via the admin panel's PHP console feature. An include order bug in modules/panel.class.php causes execution to contin... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25715 The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the w... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27180 MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin() method... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24300 Azure Front Door Elevation of Privilege Vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2025-57529 YouDataSum CPAS Audit Management System <=v4.9 is vulnerable to SQL Injection in /cpasList/findArchiveReportByDah due to insufficient input validation. This allows remote unauthenticated attackers to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2017 A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The m... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-64111 Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve rem... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68974 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows P... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.