CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

EUVD•added 2026/03/22 3:31 p.m.•1 views

EUVD-2019-19971

Lavavo CD Ripper 4.20 contains a structured exception handling SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump...

8.6CVSS6.8AI score0.00007EPSS

Exploits0References5

CVE•added 2026/03/22 1:38 p.m.•3 views

CVE-2019-25615

Lavavo CD Ripper 4.20 is affected by a local SEH buffer overflow in the License Activation Name field. A crafted input can overflow the structured exception handling path to execute arbitrary code, with the potential to establish a bind shell on port 3110. The description references payloads usin...

8.6CVSS6.8AI score0.00007EPSS

Exploits0References4

ATTACKERKB•added 2026/03/22 1:38 p.m.•3 views

CVE-2019-25615

8.6CVSS6.8AI score0.00007EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/03/22 12:0 a.m.•3 views

PT-2026-27003

8.6CVSS6.8AI score0.00007EPSS

Exploits0References5

CNNVD•added 2026/03/22 12:0 a.m.•2 views

Lavavo CD Ripper 缓冲区错误漏洞

Lavavo CD Ripper is an audio extraction tool developed by the Lavavo company. Version 4.20 of Lavavo CD Ripper contains a buffer overflow vulnerability, which stems from improper handling of structured exceptions and buffer overflows. This vulnerability could allow local attackers to execute...

8.6CVSS6.5AI score0.00007EPSS

Exploits0References4

OSV•added 2026/02/19 1:16 p.m.•1 views

CVE-2019-25405

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense fie...

5.4CVSS5.9AI score

Exploits0References4

NVD•added 2026/02/19 1:16 p.m.•4 views

CVE-2019-25405

7.2CVSS0.00013EPSS

Exploits1References4

Vulnrichment•added 2026/02/19 12:2 p.m.•2 views

CVE-2019-25405 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via license_activation

7.2CVSS5.6AI score0.00013EPSS

Exploits1References4

Cvelist•added 2026/02/19 12:2 p.m.•20 views

CVE-2019-25405 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via license_activation

7.2CVSS0.00013EPSS

Exploits1References4

ATTACKERKB•added 2026/02/19 12:2 p.m.•3 views

CVE-2019-25405

7.2CVSS5.6AI score0.00013EPSS

Exploits1References4Affected Software1

CVE•added 2026/02/19 12:2 p.m.•5 views

CVE-2019-25405

CVE-2019-25405 affects Comodo Dome Firewall 2.7.0 with a stored XSS in the license activation endpoint (newLicense parameter). An attacker can send crafted input via POST to execute JavaScript in administrators’ browsers. Impact and CVSS details are provided (CVSS‑4.0: 5.3, NETWORK/LOW/LI, UI:P; ...

7.2CVSS5.6AI score0.00013EPSS

Exploits1References4Affected Software1

CNNVD•added 2026/02/19 12:0 a.m.•4 views

Comodo Dome Firewall 跨站脚本漏洞

Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from insufficient input validation of the newLicense parameter at...

7.2CVSS5.6AI score0.00013EPSS

Exploits1References4

Positive Technologies•added 2026/02/19 12:0 a.m.•2 views

PT-2026-20808

7.2CVSS5.6AI score0.00013EPSS

Exploits1References4

CVE•added 2026/02/11 8:37 p.m.•4 views

CVE-2020-37198

CVE-2020-37198 affects Duplicate Cleaner Pro 4.1.3. The vulnerability is a denial of service caused by injecting an oversized buffer into the license key field, with a demonstrated 6000-byte payload that can be pasted into the license activation field to crash the application. Public sources in c...

7.5CVSS5.8AI score0.00014EPSS

Exploits0References3

RedhatCVE•added 2025/11/20 9:36 p.m.•4 views

CVE-2025-34335

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in the license activation workflow handled by AudioCodesfiles/ActivateLicense.php. When a license file is uploaded, the application derives a new...

8.8CVSS7.6AI score0.00656EPSS

Exploits2References1

NVD•added 2025/11/19 5:15 p.m.•3 views

CVE-2025-34335

8.8CVSS0.00656EPSS

Exploits2References4

OSV•added 2025/11/19 5:15 p.m.•2 views

CVE-2025-34335

8.8CVSS5.9AI score0.00656EPSS

Exploits2References4

Cvelist•added 2025/11/19 4:24 p.m.•7 views

CVE-2025-34335 AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via ActivateLicense.php

8.7CVSS0.00656EPSS

Exploits2References4

Positive Technologies•added 2025/11/19 12:0 a.m.•5 views

PT-2025-47484

Name of the Vulnerable Software and Affected Versions AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 Description The software contains a command injection issue within the license activation process, specifically in the ''ActivateLicense.php'' file...

8.8CVSS7.1AI score0.00656EPSS

Exploits2References10

CNNVD•added 2025/11/19 12:0 a.m.•2 views

AudioCodes Fax Server 安全漏洞

AudioCodes Fax Server is a fax server from AudioCodes Israel. A security vulnerability exists in AudioCodes Fax Server version 2.6.23 and earlier, which stems from command injection in the license activation workflow and could lead to arbitrary command execution...

8.8CVSS7.3AI score0.00656EPSS

Exploits2References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by