3370 matches found
SUSE SLES12 Security Update : python36 (SUSE-SU-2026:0884-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0884-1 advisory. - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Tenable has extracted the...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation
A 32-bit unsigned integer overflow in the XWD X Windows encoder can cause an undersized heap buffer allocation. When writing an extremely large image, an out-of-bounds heap write can occur. ================================================================= ==741961==ERROR: AddressSanitizer:...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in WriteXWDImage, when writing an extremely large image, due to an arithmetic overflow in the calculation of bytes_per_line. Remediation A fix was pushed into the master branch but not yet published. References ...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
EUVD-2019-19752
SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition...
EUVD-2019-19754
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
EUVD-2019-19756
RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration...
EUVD-2019-19742
Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field ...
CVE-2019-25469
Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field ...
CVE-2019-25476
Outlook Password Recovery 2.10 is affected by a local buffer overflow vulnerability that can crash the app by supplying a 6000-byte payload in the User Name and Registration Code fields, causing a denial‑of‑service. CVSS metrics show a base score around 6.xx (local, low complexity, availability i...
CVE-2019-25476
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
CVE-2019-25475
The affected software is SQL Server Password Changer version 1.90. The vulnerability is a buffer overflow in the application that allows a local attacker to crash the program by sending an oversized payload, specifically exploiting the User Name and Registration Code fields with around 6000 bytes...
CVE-2019-25475
SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition...
CVE-2019-25469 Folder Lock 7.7.9 Denial of Service via Serial Number Field
Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field ...
Security update for python
This update for python fixes the following issue: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypp...
SUSE-SU-2026:0873-1 Security update for python
This update for python fixes the following issue: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...
PT-2026-24773
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...