Export limit exceeded: 337763 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337763 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32101 | 1 Studiocms | 1 S3-storage | 2026-03-12 | 7.6 High |
| StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized() function is declared async (returns Promise<boolean>) but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in JavaScript, !isAuthorized(type) always evaluates to false, completely bypassing the authorization check. Any authenticated user with the lowest visitor role can upload, delete, rename, and list all files in the S3 bucket. This vulnerability is fixed in 0.3.1. | ||||
| CVE-2026-31877 | 1 Frappe | 1 Frappe | 2026-03-12 | N/A |
| Frappe is a full-stack web application framework. Prior to 15.84.0 and 14.99.0, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. This vulnerability is fixed in 15.84.0 and 14.99.0. | ||||
| CVE-2018-25159 | 1 Epross | 1 Avcon6 Systems Management Platform | 2026-03-12 | 9.8 Critical |
| Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting malicious OGNL expressions. Attackers can send crafted requests to the login.action endpoint with OGNL payloads in the redirect parameter to instantiate ProcessBuilder objects and execute system commands with root privileges. | ||||
| CVE-2019-25463 | 1 Nsauditor | 1 Spotie Internet Explorer Password Recovery | 2026-03-12 | 6.2 Medium |
| SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during registration to trigger a buffer overflow and crash the application. | ||||
| CVE-2019-25465 | 1 Hisilicon | 1 Hiipcam | 2026-03-12 | 7.5 High |
| Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. Attackers can request the getadslattr.cgi endpoint to retrieve ADSL credentials and network configuration parameters including usernames, passwords, and DNS settings. | ||||
| CVE-2019-25466 | 1 Sharing-file | 1 Easy File Sharing Web Server | 2026-03-12 | 8.4 High |
| Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of padding followed by a nseh value and seh pointer to trigger the overflow when adding a new user account. | ||||
| CVE-2019-25467 | 1 Verypdf | 1 Docprint Pro | 2026-03-12 | 8.4 High |
| Verypdf docPrint Pro 8.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields. Attackers can craft a malicious payload with encoded shellcode and SEH chain manipulation to bypass protections and execute a MessageBox proof-of-concept when the password fields are processed during PDF encryption. | ||||
| CVE-2019-25468 | 1 Netgain Systems | 1 Netgain Em Plus | 2026-03-12 | 9.8 Critical |
| NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the script_test.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content' parameter to execute code and retrieve command output. | ||||
| CVE-2019-25469 | 1 Newsoftwares | 1 Folder Lock | 2026-03-12 | 6.2 Medium |
| Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field to trigger a denial of service condition. | ||||
| CVE-2019-25470 | 1 Ewon | 1 Ewon | 2026-03-12 | 7.5 High |
| eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentials and a crafted wsdList parameter to extract encrypted passwords for all users, which can be decrypted using a hardcoded XOR key. | ||||
| CVE-2019-25471 | 1 Filethingie | 1 Filethingie | 2026-03-12 | 9.8 Critical |
| FileThingie 2.5.7 contains an arbitrary file upload vulnerability that allows attackers to upload malicious files by sending ZIP archives through the ft2.php endpoint. Attackers can upload ZIP files containing PHP shells, use the unzip functionality to extract them into accessible directories, and execute arbitrary commands through the extracted PHP files. | ||||
| CVE-2019-25476 | 1 Top Password Software | 1 Outlook Password Recovery | 2026-03-12 | 6.2 Medium |
| Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to trigger a denial of service condition. | ||||
| CVE-2019-25477 | 1 Top Password Software | 1 Rar Password Recovery | 2026-03-12 | 6.2 Medium |
| RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration Code field to trigger an application crash. | ||||
| CVE-2019-25478 | 1 Getgosoft | 1 Getgo Download Manager | 2026-03-12 | 7.5 High |
| GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make it unavailable. | ||||
| CVE-2019-25480 | 1 Armbot | 1 Armbot | 2026-03-12 | 7.5 High |
| ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../public_html/ to write executable code to the web root and achieve remote code execution. | ||||
| CVE-2019-25483 | 1 Comtrend | 1 Ar-5310 | 2026-03-12 | 8.4 High |
| Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $( ). Attackers can inject arbitrary commands through the $( ) syntax when passed as arguments to allowed commands like ping to execute unrestricted shell access. | ||||
| CVE-2019-25485 | 1 R-project | 1 R | 2026-03-12 | 6.2 Medium |
| R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler chain pivot and execute arbitrary shellcode with application privileges. | ||||
| CVE-2019-25486 | 1 Varient | 1 Varient Sql Inj. | 2026-03-12 | 8.2 High |
| Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. Attackers can submit POST requests with crafted SQL payloads in the user_id field to bypass authentication and extract sensitive database information. | ||||
| CVE-2019-25487 | 1 Sapido | 1 Rb-1732 | 2026-03-12 | 9.8 Critical |
| SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the formSysCmd endpoint. Attackers can send POST requests with the sysCmd parameter containing shell commands to execute code on the device with router privileges. | ||||
| CVE-2025-12555 | 1 Gitlab | 1 Gitlab | 2026-03-12 | 4.3 Medium |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD disabled due to improper authorization checks. | ||||