CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

73 matches found

CVE-2018-25426 WinMTR 0.91 Denial of Service via Buffer Overflow

WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow...

8.7CVSS6AI score0.00041EPSS

Exploits1References4

ATTACKERKB•added 5 days ago•13 views

CVE-2018-25426

8.7CVSS6AI score0.00041EPSS

Exploits1References4Affected Software1

CNNVD•added 5 days ago•4 views

WinMTR 安全漏洞

WinMTR is an open-source network diagnostic tool developed by WinMTR. Version 0.91 of WinMTR contains a security vulnerability, which stems from a buffer overflow. This vulnerability could allow attackers to cause the application to crash by sending malicious load files containing repeated...

8.7CVSS6.2AI score0.00041EPSS

Exploits1References4

Cvelist•added 2026/05/27 5:31 a.m.•25 views

CVE-2026-8048 My Email Shortcode <= 0.91 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]

The My Email Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subject' shortcode attribute in the 'my-email' shortcode in all versions up to, and including, 0.91 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

6.4CVSS0.00032EPSS

Exploits0References3

ATTACKERKB•added 2026/05/27 5:31 a.m.•5 views

CVE-2026-8048

6AI score0.00032EPSS

Exploits0References4

EUVD•added 2026/05/27 5:31 a.m.•4 views

EUVD-2026-32075

6.4CVSS6AI score0.00032EPSS

Exploits0References3

CVE•added 2026/05/27 5:31 a.m.•7 views

CVE-2026-8048

The CVE-2026-8048 entry concerns the WordPress plugin My Email Shortcode. Affected: plugin versions up to and including 0.91. Vulnerability: Stored Cross-Site Scripting via the subject attribute of the my-email shortcode, caused by insufficient input sanitization and output escaping. Impact: auth...

6.4CVSS6AI score0.00032EPSS

Exploits0References3

Patchstack•added 2026/05/26 5:20 p.m.•4 views

WordPress My Email Shortcode plugin <= 0.91 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')] vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability discovered by zakaria in WordPress Plugin My Email Shortcode versions = 0.91...

6.4CVSS5.8AI score0.00032EPSS

Exploits0References1Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в inkscape

Inkscape version 0.91 is vulnerable to a out-of-bounds write vulnerability, which may allow an attacker to arbitrarily execute code...

7.8CVSS7.2AI score0.00394EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в inkscape

Inkscape version 0.91 has a vulnerability where an uninitialized pointer exists, which may allow an attacker to access unauthorized information...

4.3CVSS5.8AI score0.0016EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в inkscape

Inkscape 0.91 is vulnerable to a out-of-bounds read, which may allow an attacker to access unauthorized information...

3.5CVSS5.8AI score0.0016EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2001-1177

Malware in sbrugna...

10CVSS6.4AI score0.03792EPSS

Exploits1References5

Tenable Nessus•added 2025/08/20 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2021-42700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. CVE-2021-42700 Note that Nessus...

3.5CVSS5AI score0.0016EPSS

Exploits1References2

Tenable Nessus•added 2025/08/20 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2021-42702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. CVE-2021-42702 Note that Ness...

4.3CVSS4.9AI score0.0016EPSS

Exploits1References2

SUSE CVE•added 2023/02/15 6:21 a.m.•1 views

SUSE CVE-2004-0386

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header...

10CVSS8.3AI score0.36771EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 4:27 a.m.•1 views

SUSE CVE-2018-11574

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files...

9.8CVSS7.2AI score0.00406EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:37 a.m.•2 views

SUSE CVE-2021-42704

Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code...

7.8CVSS7.8AI score0.00394EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 3:37 a.m.•0 views

SUSE CVE-2021-42700

Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information...

3.5CVSS4.5AI score0.0016EPSS

Exploits1References3