Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2026-25593 OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were la... | 8.4 | HIGH | — | 0 |
| CVE-2019-25633 AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email pre... | 8.4 | HIGH | — | 0 |
| CVE-2019-25631 AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellc... | 8.4 | HIGH | — | 0 |
| CVE-2026-32845 cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplyi... | 8.4 | HIGH | — | 0 |
| CVE-2016-20037 xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundari... | 8.4 | HIGH | — | 0 |
| CVE-2019-25634 Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers ... | 8.4 | HIGH | — | 0 |
| CVE-2019-25681 Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buf... | 8.4 | HIGH | — | 0 |
| CVE-2016-20040 TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an o... | 8.4 | HIGH | — | 0 |
| CVE-2026-23995 EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routi... | 8.4 | HIGH | — | 0 |
| CVE-2026-22593 EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals `MA... | 8.4 | HIGH | — | 0 |
| CVE-2019-25650 River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc... | 8.4 | HIGH | — | 0 |
| CVE-2018-25218 PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. ... | 8.4 | HIGH | — | 0 |
| CVE-2018-25213 Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Att... | 8.4 | HIGH | — | 0 |
| CVE-2018-25212 Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers ... | 8.4 | HIGH | — | 0 |
| CVE-2017-20228 Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft m... | 8.4 | HIGH | — | 0 |
| CVE-2018-25217 PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attacke... | 8.4 | HIGH | — | 0 |
| CVE-2025-70802 Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | 8.4 | HIGH | — | 0 |
| CVE-2025-70798 Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | 8.4 | HIGH | — | 0 |
| CVE-2019-25637 X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers ca... | 8.4 | HIGH | — | 0 |
| CVE-2026-28832 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory. | 8.4 | HIGH | — | 0 |
| CVE-2016-20038 yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can cr... | 8.4 | HIGH | — | 0 |
| CVE-2016-20042 TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious c... | 8.4 | HIGH | — | 0 |
| CVE-2016-20041 Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers c... | 8.4 | HIGH | — | 0 |
| CVE-2019-25626 River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code... | 8.4 | HIGH | — | 0 |
| CVE-2016-20043 NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft... | 8.4 | HIGH | — | 0 |
| CVE-2016-20044 PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malic... | 8.4 | HIGH | — | 0 |
| CVE-2016-20039 Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers... | 8.4 | HIGH | — | 0 |
| CVE-2026-40113 PraisonAI is a multi-agent teams system. Prior to 4.5.128, deploy.py constructs a single comma-delimited string for the gcloud run deploy --set-env-vars argument by directly interpolating openai_model... | 8.4 | HIGH | — | 0 |
| CVE-2019-25627 FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow. ... | 8.4 | HIGH | — | 0 |
| CVE-2019-25629 AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicio... | 8.4 | HIGH | — | 0 |
| CVE-2026-28821 A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8... | 8.4 | HIGH | — | 0 |
| CVE-2019-25611 MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can... | 8.4 | HIGH | — | 0 |
| CVE-2019-25619 FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inj... | 8.4 | HIGH | — | 0 |
| CVE-2019-25607 Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers ca... | 8.4 | HIGH | — | 0 |
| CVE-2019-25670 River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_e... | 8.4 | HIGH | — | 0 |
| CVE-2026-35020 Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that allows local attackers to execute arbitra... | 8.4 | HIGH | — | 0 |
| CVE-2026-28463 OpenClaw versions prior to 2026.2.14 contain an arbitrary file read vulnerability in the exec-approvals allowlist validation that checks pre-expansion argv tokens but executes using real shell expansi... | 8.4 | HIGH | — | 0 |
| CVE-2026-4788 IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user. | 8.4 | HIGH | — | 0 |
| CVE-2019-25615 Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License ... | 8.4 | HIGH | — | 0 |
| CVE-2019-25656 R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler (SEH) overwrite by supplying malicious i... | 8.4 | HIGH | — | 0 |
| CVE-2026-28520 arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, t... | 8.4 | HIGH | — | 0 |
| CVE-2019-25609 JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointer... | 8.4 | HIGH | — | 0 |
| CVE-2018-25251 Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craf... | 8.4 | HIGH | — | 0 |
| CVE-2019-25608 Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configu... | 8.4 | HIGH | — | 0 |
| CVE-2019-25604 DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attacke... | 8.4 | HIGH | — | 0 |
| CVE-2019-25603 TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers... | 8.4 | HIGH | — | 0 |
| CVE-2026-0710 A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol (SIP) messages during an active call. This vulnerability, a NULL pointer derefer... | 8.4 | HIGH | — | 0 |
| CVE-2022-50918 VIVE Runtime Service 1.0.0.4 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binar... | 8.4 | HIGH | — | 0 |
| CVE-2018-25255 10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attack... | 8.4 | HIGH | — | 0 |
| CVE-2026-22037 The @fastify/express plugin adds full Express compatibility to Fastify. A security vulnerability exists in @fastify/express prior to version 4.0.3 where middleware registered with a specific path pref... | 8.4 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.