Export limit exceeded: 352825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10040 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 22211 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22211 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25276 | 1 Picajet | 1 Roboimport | 2026-04-27 | 5.5 Medium |
| RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an application crash. | ||||
| CVE-2018-25278 | 1 Picajet | 1 Picajet Fx | 2026-04-27 | 6.2 Medium |
| PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet dialog to trigger an application crash. | ||||
| CVE-2018-25280 | 1 Infiltration-systems | 1 Infiltrator Network Security Scanner | 2026-04-27 | 5.5 Medium |
| Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a 6000-byte payload into the Scan Target field and trigger a denial of service condition when the Scan button is clicked. | ||||
| CVE-2018-25281 | 1 Maxprog | 1 Icash | 2026-04-27 | 5.5 Medium |
| iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Attackers can paste a 7000-byte string into the Host field and click Connect to trigger an application crash. | ||||
| CVE-2018-25284 | 1 Hdtune | 1 Hd Tune Pro | 2026-04-27 | 6.2 Medium |
| HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File > Options > Save dialog's folder/file name input field. | ||||
| CVE-2018-25285 | 1 Fathom | 1 Fathom | 2026-04-27 | 5.5 Medium |
| Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of service condition. | ||||
| CVE-2018-25286 | 1 Hdtune | 1 Easy Photoresq | 2026-04-27 | 6.2 Medium |
| Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition. | ||||
| CVE-2018-25287 | 1 Hdtune | 1 Drive Power Manager | 2026-04-27 | 5.5 Medium |
| Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a 6000-byte payload into the Name field and click Register to trigger a denial of service condition. | ||||
| CVE-2018-25288 | 1 Editorsoftware | 1 Stylewriter | 2026-04-27 | 6.2 Medium |
| StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 6000-byte payload into the Pattern to Find or Advice Message fields in the Add Pattern dialog to trigger a denial of service condition. | ||||
| CVE-2018-25290 | 1 Ezbsystems | 1 Easyboot | 2026-04-27 | 6.2 Medium |
| Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File > Tools > Replace Text and pasting a 7000-byte payload into the text fields to cause a denial of service. | ||||
| CVE-2018-25291 | 1 Pj64-emu | 1 Project64 | 2026-04-27 | 6.2 Medium |
| Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 6000-byte payload into the Plugin Directory field through the Options > Settings > Directories interface to trigger an application crash when settings are reopened. | ||||
| CVE-2018-25292 | 1 Bome | 1 Restorator | 2026-04-27 | 6.2 Medium |
| Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can create a malicious payload exceeding 4000 bytes and paste it into the Name input field to trigger an application crash and denial of service. | ||||
| CVE-2018-25297 | 1 Wansview | 1 Wansview | 2026-04-27 | 6.2 Medium |
| Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Camera name and DID number fields during camera addition to trigger application crashes. | ||||
| CVE-2026-41313 | 2 Py-pdf, Pypdf Project | 2 Pypdf, Pypdf | 2026-04-27 | 6.5 Medium |
| pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremental mode. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually. | ||||
| CVE-2026-41168 | 2 Py-pdf, Pypdf Project | 2 Pypdf, Pypdf | 2026-04-27 | 5.3 Medium |
| pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one may apply the changes from the patch manually. | ||||
| CVE-2026-41239 | 1 Cure53 | 1 Dompurify | 2026-04-27 | 6.8 Medium |
| DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Starting in version 1.0.10 and prior to version 3.4.0, `SAFE_FOR_TEMPLATES` strips `{{...}}` expressions from untrusted HTML. This works in string mode but not with `RETURN_DOM` or `RETURN_DOM_FRAGMENT`, allowing XSS via template-evaluating frameworks like Vue 2. Version 3.4.0 patches the issue. | ||||
| CVE-2018-25264 | 1 Acutesystems | 1 Transmac | 2026-04-27 | 6.2 Medium |
| TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition. | ||||
| CVE-2018-25294 | 1 Cewe-photoworld | 1 Cewe Photo Show | 2026-04-27 | 7.5 High |
| CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can inject 4000 bytes of data into the email address and password fields to trigger a denial of service condition. | ||||
| CVE-2025-69809 | 1 P2r3 | 1 Bareiron | 2026-04-27 | 9.8 Critical |
| A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to write arbitrary values to memory, enabling arbitrary code execution via a crafted packet. | ||||
| CVE-2025-69808 | 1 P2r3 | 1 Bareiron | 2026-04-27 | 9.1 Critical |
| An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet. | ||||