CVE Database

110968+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-7044
6.3 MEDIUM

A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The …

Apr 26, 2026
CVE-2026-7043
6.3 MEDIUM

A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted upload. …

Apr 26, 2026
CVE-2026-7042
7.3 HIGH

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component REST API …

Apr 26, 2026
CVE-2018-25297
6.2 MEDIUM

Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads …

Apr 26, 2026
CVE-2018-25296
5.5 MEDIUM

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting …

Apr 26, 2026
CVE-2018-25295
6.2 MEDIUM

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in …

Apr 26, 2026
CVE-2018-25294
7.5 HIGH

CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can …

Apr 26, 2026
CVE-2018-25293
6.2 MEDIUM

Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to crash the application by supplying an excessively long …

Apr 26, 2026
CVE-2018-25292
6.2 MEDIUM

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name …

Apr 26, 2026
CVE-2018-25291
6.2 MEDIUM

Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers to crash the application by supplying an excessively …

Apr 26, 2026
CVE-2018-25290
6.2 MEDIUM

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. …

Apr 26, 2026
CVE-2018-25289
6.2 MEDIUM

Softdisk 3.0.3 contains a buffer overflow vulnerability in the registration code dialog that allows local attackers to crash the application by supplying an oversized string. …

Apr 26, 2026
CVE-2018-25288
6.2 MEDIUM

StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a …

Apr 26, 2026
CVE-2018-25287
5.5 MEDIUM

Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the …

Apr 26, 2026
CVE-2018-25286
6.2 MEDIUM

Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename …

Apr 26, 2026
CVE-2018-25285
5.5 MEDIUM

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input …

Apr 26, 2026
CVE-2018-25284
6.2 MEDIUM

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the …

Apr 26, 2026
CVE-2018-25283
8.4 HIGH

iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers …

Apr 26, 2026
CVE-2018-25282
6.2 MEDIUM

Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. …

Apr 26, 2026
CVE-2018-25281
5.5 MEDIUM

iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server …

Apr 26, 2026
CVE-2018-25280
5.5 MEDIUM

Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers …

Apr 26, 2026
CVE-2018-25279
6.2 MEDIUM

jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG …

Apr 26, 2026
CVE-2018-25278
6.2 MEDIUM

PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers …

Apr 26, 2026
CVE-2018-25277
6.2 MEDIUM

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input …

Apr 26, 2026
CVE-2018-25276
5.5 MEDIUM

RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can …

Apr 26, 2026
CVE-2018-25275
6.2 MEDIUM

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a …

Apr 26, 2026
CVE-2018-25274
6.2 MEDIUM

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can …

Apr 26, 2026
CVE-2018-25273
6.2 MEDIUM

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. …

Apr 26, 2026
CVE-2018-25264
6.2 MEDIUM

TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized …

Apr 26, 2026
CVE-2018-25263
8.4 HIGH

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler …

Apr 26, 2026
CVE-2026-6786
8.1 HIGH

Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption …

Apr 26, 2026
CVE-2026-6785
8.1 HIGH

Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence …

Apr 26, 2026
CVE-2026-7041
3.7 LOW

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug …

Apr 26, 2026
CVE-2026-7039
7.8 HIGH

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation …

Apr 26, 2026
CVE-2026-7038
3.3 LOW

A weakness has been identified in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line …

Apr 26, 2026
CVE-2026-7037
9.8 CRITICAL

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. …

Apr 26, 2026
CVE-2026-7036
7.3 HIGH

A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. …

Apr 26, 2026
CVE-2026-7035
8.8 HIGH

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of …

Apr 26, 2026
CVE-2026-7034
8.8 HIGH

A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing …

Apr 26, 2026
CVE-2026-7033
8.8 HIGH

A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the …

Apr 26, 2026
CVE-2026-7032
8.8 HIGH

A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument page causes …

Apr 26, 2026
CVE-2026-7031
8.8 HIGH

A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in …

Apr 26, 2026
CVE-2026-7030
8.8 HIGH

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page …

Apr 26, 2026
CVE-2026-7029
8.8 HIGH

A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation of the …

Apr 26, 2026
CVE-2026-7028
4.7 MEDIUM

A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the …

Apr 26, 2026
CVE-2026-7027
2.4 LOW

A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless …

Apr 26, 2026
CVE-2026-7026
4.5 MEDIUM

A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the …

Apr 26, 2026
CVE-2026-7025
7.3 HIGH

A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service …

Apr 26, 2026
CVE-2026-7024
5.4 MEDIUM

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the …

Apr 26, 2026
CVE-2026-7023
6.3 MEDIUM

A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/database_impl.go of the component …

Apr 26, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.