Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2019-25565 Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Atta... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-43238 An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system te... | 6.2 | MEDIUM | — | 0 |
| CVE-2016-20050 NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-29628 A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file. | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25594 ASPRunner.NET 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the table name field. Attackers can input ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25592 PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25591 DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively l... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25590 Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name fie... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-20699 A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25231 HeidiSQL 9.5.0.5196 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long file path in the logging preferences. Attackers can... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-29976 Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25711 SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. A... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25712 BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trig... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25558 Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can p... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-33947 jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c use unbounded recursion whose depth is controlled by ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25556 TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Atta... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25586 Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28841 A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Tahoe 26.4. A buffer overflow may result in memory corruption and unexpected app termination. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-35406 Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25632 phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the action, fm_current_dir, and filename parameters. At... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-35480 go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on I... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25233 WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV c... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25548 BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer o... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28866 This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25544 Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can in... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25228 NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Attackers can create a malicious co... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25227 Valentina Studio 9.0.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can trigger ... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25297 Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Came... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25655 Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection d... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25571 MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. At... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25653 Navicat for Oracle 12.1.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-3778 The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the ... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-48587 In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional executi... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-61147 strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table(). | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25437 Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. Attackers... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37132 UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 3... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-24915 Out-of-bounds read issue in the media subsystem. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | 6.2 | MEDIUM | — | 0 |
| CVE-2025-58341 An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allo... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-6386 In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the prese... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-58340 An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allo... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37166 AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a... | 6.2 | MEDIUM | — | 0 |
| CVE-2025-36364 IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system. | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25326 ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte b... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28539 Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37165 AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character pay... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37171 TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-28544 Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37164 AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character pay... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-0005 In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permi... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37170 TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address fi... | 6.2 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.