Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2019-25566 TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a mal... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25567 Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input st... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25569 RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25572 NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25546 NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a den... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25547 NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious b... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25551 Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attack... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25550 Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byt... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25561 Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Title field. Attackers can paste a 5000... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28950 A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly r... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25624 Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger th... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25620 Tree Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25621 Pixel Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25622 Paint Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the key entry mechanism. Attackers can create a t... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25623 Luminance Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can create ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25625 Blob Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the key entry mechanism. Attackers can create a te... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25585 Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffe... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25583 RarmaRadio 2.72.3 contains a denial of service vulnerability in the Username field that allows local attackers to crash the application by submitting excessively long input. Attackers can paste a buff... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25584 RarmaRadio 2.72.3 contains a buffer overflow vulnerability in the Server field of the Network settings that allows local attackers to crash the application by supplying an excessively long string. Att... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25586 Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-30006 XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-30007 XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff file | 6.2 | MEDIUM | — | 0 |
| CVE-2026-33320 Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25644 WinMPG Video Convert 9.3.5 and older versions contain a buffer overflow vulnerability in the registration dialog that allows local attackers to crash the application by supplying oversized input. Atta... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25645 WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specia... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37131 Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28867 This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-40115 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on the client-supplied Content-Length ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-40227 In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-25204 Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior to commit hash 97... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-29628 A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-25169 Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-29066 Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI dev server configures Vite with server.fs.strict: false, which disables Vite's built-in filesystem access restriction. Thi... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-20695 An information disclosure issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to determine kerne... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-36051 IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-20651 A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25476 Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text fi... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28833 A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed app... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-0049 In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution priv... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28841 A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Tahoe 26.4. A buffer overflow may result in memory corruption and unexpected app termination. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28889 A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-25168 Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-32836 dr_libs dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25683 FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can t... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28822 A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25597 NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers c... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-21525 Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. | 6.2 | MEDIUM | KEV | 0 |
| CVE-2026-40312 ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicou... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-34534 iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in CIccMpeSpectral... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-34556 iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow (HBO) in icAnsiToUtf8() in the XML conversion pat... | 6.2 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.