Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2018-25231 HeidiSQL 9.5.0.5196 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long file path in the logging preferences. Attackers can... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25665 River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to activation fields. Attackers can ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-20651 A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28841 A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Tahoe 26.4. A buffer overflow may result in memory corruption and unexpected app termination. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-20699 A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25625 Blob Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the key entry mechanism. Attackers can create a te... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25666 SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 strin... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-31053 A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple t... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25588 BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Att... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28833 A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed app... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25242 One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers c... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25623 Luminance Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can create ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25677 WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25546 NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a den... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25618 AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-20637 A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Ta... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25617 Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25683 FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can t... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25565 Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Atta... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25239 Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. Attackers can paste a buff... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-12708 IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user. | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25238 VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can pa... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25632 phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the action, fm_current_dir, and filename parameters. At... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25667 TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to registration fields. Attackers can paste excessively lo... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25555 TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer.... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-25204 Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior to commit hash 97... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25547 NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious b... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25553 CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-33753 rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification al... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25551 Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attack... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28889 A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-0049 In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution priv... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25587 BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessive... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25216 AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can past... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25253 Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Att... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25648 MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. At... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25252 FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can crea... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25240 Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28867 This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-40115 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on the client-supplied Content-Length ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-40227 In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28822 A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26... | 6.2 | MEDIUM | — | 0 |
| CVE-2016-20050 NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25645 WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specia... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25644 WinMPG Video Convert 9.3.5 and older versions contain a buffer overflow vulnerability in the registration dialog that allows local attackers to crash the application by supplying oversized input. Atta... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25589 ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attack... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-33320 Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-29976 Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function | 6.2 | MEDIUM | — | 0 |
| CVE-2026-30007 XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff file | 6.2 | MEDIUM | — | 0 |
| CVE-2026-30006 XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file. | 6.2 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.