Lucene search
K

93 matches found

Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49413

Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi Save Entries, File Upload & Country Code Field = 1.0.6 versions...

8.6CVSS5.3AI score0.00442EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 6:46 a.m.11 views

CVE-2026-8143 Booking Calendar – Event Calendar <= 2.1.6 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters

The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hbcountryiso', 'hbusastateiso', and 'hbcanadaprovinceiso' parameters in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS6AI score0.0019EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:15 p.m.12 views

CVE-2018-25377

Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...

8.6CVSS6.5AI score0.00182EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/26 1:19 p.m.34 views

CVE-2018-25285 Fathom 2.4 Denial of Service via Authorization Code Buffer Overflow

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...

6.8CVSS0.0013EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/26 1:19 p.m.8 views

EUVD-2018-21805

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...

6.8CVSS5.8AI score0.0013EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/26 1:19 p.m.11 views

CVE-2018-25285

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...

6.8CVSS5.7AI score0.0013EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.12 views

PT-2026-35255

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...

6.8CVSS5.7AI score0.0013EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/04/21 10:5 a.m.7 views

WordPress Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin <= 1.0.6 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by babyhack@OPCIA in WordPress Plugin Contact Form Extender for Divi Save Entries, File Upload & Country Code Field versions = 1.0.6...

5.8AI score0.00442EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/12 12:28 p.m.4 views

CVE-2019-25689

HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...

8.6CVSS6.7AI score0.00206EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/04/12 12:28 p.m.19 views

CVE-2019-25689

CVE-2019-25689 affects HTML5 Video Player version 1.2.5. The vulnerability is a local buffer overflow triggered by an oversized key code string entered into the KEY CODE field in the Help Register dialog, enabling arbitrary code execution and allowing an attacker to spawn a calculator process. Do...

8.6CVSS6.7AI score0.00206EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.8 views

HTML5 Video Player 缓冲区错误漏洞

Html5Videoplayer is a web video playback component implemented using HTML5 technology by Html5Videoplayer Inc. Version 1.2.5 of HTML5 Video Player contains a buffer overflow vulnerability, which stems from insufficient input validation of the KEYCODE field. This vulnerability could lead to a loca...

8.6CVSS6.3AI score0.00206EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/26 3:30 p.m.5 views

EUVD-2019-20037

River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a large payload of repeated characters into the 'E-Mail and Activation Cod...

6.8CVSS6.1AI score0.00113EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.6 views

CVE-2019-25475

SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition...

6.9CVSS6.1AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.5 views

CVE-2019-25477

RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration...

6.9CVSS6.1AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.5 views

CVE-2019-25484

WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User Name and User Code field to trigger a denial of service...

6.9CVSS6.1AI score0.00123EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 1:24 p.m.6 views

CVE-2019-25649

CVE-2019-25649 affects River Past Audio Converter 7.7.16. A local buffer overflow in the activation code field (E‑Mail and Activation Code) allows a local attacker to crash the application by supplying an oversized input string, triggering a denial of service. The provided documents do not includ...

6.8CVSS6.1AI score0.00113EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

PassFab Excel Password Recovery 缓冲区错误漏洞

PassFab Excel Password Recovery is a Excel file password recovery tool developed by PassFab Corporation. The version Excel Password Recovery Professional 8.2.0.0 contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the E-Mail and Registrations Code field, whic...

6.8CVSS6.1AI score0.00176EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/21 3:33 p.m.5 views

EUVD-2019-19878

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/21 12:47 p.m.25 views

CVE-2019-25565 Magic Iso Maker 5.5 Buffer Overflow Denial of Service

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...

6.9CVSS0.00183EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/21 12:47 p.m.4 views

CVE-2019-25565

Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4
Rows per page
Query Builder