Export limit exceeded: 345048 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345048 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27628 | 2 Py-pdf, Pypdf Project | 2 Pypdf, Pypdf | 2026-04-16 | 7.5 High |
| pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2. As a workaround, one may apply the patch manually. | ||||
| CVE-2026-27747 | 1 Spip | 2 Interface Traduction Objets, Spip | 2026-04-16 | 8.8 High |
| The SPIP interface_traduction_objets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interface_traduction_objets_pipelines.php. When handling translation requests, the plugin reads the id_parent parameter from user-supplied input and concatenates it directly into a SQL WHERE clause in a call to sql_getfetsel() without input validation or parameterization. An authenticated attacker with editor-level privileges can inject crafted SQL expressions into the id_parent parameter to manipulate the backend query. Successful exploitation can result in disclosure or modification of database contents and may lead to denial of service depending on the database configuration and privileges. | ||||
| CVE-2026-27746 | 1 Spip | 2 Jeux, Spip | 2026-04-16 | 6.1 Medium |
| The SPIP jeux plugin versions prior to 4.1.1 contain a reflected cross-site scripting (XSS) vulnerability in the pre_propre pipeline. The plugin incorporates untrusted request parameters into HTML output without proper output encoding, allowing attackers to inject arbitrary script content into pages that render a jeux block. When a victim is induced to visit a crafted URL, the injected content is reflected into the response and executed in the victim's browser context. | ||||
| CVE-2026-27745 | 1 Spip | 2 Interface Traduction Objets, Spip | 2026-04-16 | 8.8 High |
| The SPIP interface_traduction_objets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because fields prefixed with an underscore bypass protection mechanisms and the hidden content is rendered with filtering disabled, an authenticated attacker with editor-level privileges can inject crafted content that is evaluated through SPIP's template processing chain, resulting in execution of code in the context of the web server. | ||||
| CVE-2026-34519 | 2 Aio-libs, Aiohttp | 2 Aiohttp, Aiohttp | 2026-04-16 | 5.3 Medium |
| AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits. This issue has been patched in version 3.13.4. | ||||
| CVE-2026-34520 | 2 Aio-libs, Aiohttp | 2 Aiohttp, Aiohttp | 2026-04-16 | 9.1 Critical |
| AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4. | ||||
| CVE-2026-34525 | 2 Aio-libs, Aiohttp | 2 Aiohttp, Aiohttp | 2026-04-16 | 5.3 Medium |
| AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4. | ||||
| CVE-2026-34531 | 1 Miguelgrinberg | 1 Flask-httpauth | 2026-04-16 | 6.5 Medium |
| Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to a token protected resource without passing a token, or passing an empty token, Flask-HTTPAuth would invoke the application's token verification callback function with the token argument set to an empty string. If the application had any users in its database with an empty string set as their token, then it could potentially authenticate the client request against any of those users. This issue has been patched in version 4.8.1. | ||||
| CVE-2019-25618 | 1 Admin-express | 1 Adminexpress | 2026-04-16 | 6.2 Medium |
| AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to cause the application to become unresponsive or crash. | ||||
| CVE-2019-25591 | 1 Nsasoft | 1 Nsauditor Dnss Domain Name Search Software | 2026-04-16 | 6.2 Medium |
| DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code containing 300 repeated characters into the Name/Key field via the Register menu option. | ||||
| CVE-2019-25594 | 1 Xlinesoft | 1 Phprunner | 2026-04-16 | 6.2 Medium |
| ASPRunner.NET 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the table name field. Attackers can input a buffer of 10000 characters in the table name parameter during database table creation to trigger an application crash. | ||||
| CVE-2019-25595 | 1 Jetaudio | 1 Jetaudio | 2026-04-16 | 6.2 Medium |
| jetAudio 8.1.7.20702 Basic contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string through the URL input handler. Attackers can trigger the crash by pasting a buffer of 5000 characters into the Open URL dialog, causing the application to terminate abnormally. | ||||
| CVE-2019-25599 | 1 Nsauditor | 1 Backup Key Recovery | 2026-04-16 | 6.2 Medium |
| Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to trigger a crash when submitting the form. | ||||
| CVE-2019-25600 | 1 Uvnc | 1 Ultravnc Viewer | 2026-04-16 | 6.5 Medium |
| UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer. | ||||
| CVE-2019-25603 | 1 Tuneclone | 1 Tuneclone | 2026-04-16 | 8.4 High |
| TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell. | ||||
| CVE-2019-25604 | 1 Dvd-x-player | 1 Dvd X Player | 2026-04-16 | 8.4 High |
| DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges. | ||||
| CVE-2019-25606 | 1 Alloksoft | 1 Fast Avi Mpeg Joiner | 2026-04-16 | 5.5 Medium |
| Fast AVI MPEG Joiner 1.2.0812 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the License Name field. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the License Name input field to trigger a denial of service condition when the Register button is clicked. | ||||
| CVE-2019-25607 | 1 Labf | 1 Axessh | 2026-04-16 | 8.4 High |
| Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges. | ||||
| CVE-2019-25608 | 1 Iperius | 1 Iperius Backup | 2026-04-16 | 8.4 High |
| Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configure backup jobs to execute malicious batch files or programs before or after backup operations, which run with the privileges of the Iperius Backup Service account (Local System or Administrator), enabling privilege escalation and arbitrary code execution. | ||||
| CVE-2019-25611 | 1 Skyqinsc | 1 Miniftp | 2026-04-16 | 8.4 High |
| MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite the return address, enabling code execution with root privileges. | ||||