Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-27306 ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker re... | 8.4 | HIGH | β | 0 |
| CVE-2016-20044 PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malic... | 8.4 | HIGH | β | 0 |
| CVE-2026-23853 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13... | 8.4 | HIGH | β | 0 |
| CVE-2026-28821 A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8... | 8.4 | HIGH | β | 0 |
| CVE-2019-25629 AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicio... | 8.4 | HIGH | β | 0 |
| CVE-2026-22593 EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals `MA... | 8.4 | HIGH | β | 0 |
| CVE-2026-32920 OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust verification, allowing arbitrary code execution. Attackers can execute malicious c... | 8.4 | HIGH | β | 0 |
| CVE-2018-25222 SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft mal... | 8.4 | HIGH | β | 0 |
| CVE-2019-25627 FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow. ... | 8.4 | HIGH | β | 0 |
| CVE-2018-25213 Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Att... | 8.4 | HIGH | β | 0 |
| CVE-2019-25626 River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code... | 8.4 | HIGH | β | 0 |
| CVE-2018-25212 Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers ... | 8.4 | HIGH | β | 0 |
| CVE-2026-32845 cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplyi... | 8.4 | HIGH | β | 0 |
| CVE-2019-25701 Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers c... | 8.4 | HIGH | β | 0 |
| CVE-2016-20047 EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Att... | 8.4 | HIGH | β | 0 |
| CVE-2020-37024 Nidesoft DVD Ripper 5.2.18 contains a local buffer overflow vulnerability in the License Code registration parameter that allows attackers to execute arbitrary code. Attackers can craft a malicious pa... | 8.4 | HIGH | β | 0 |
| CVE-2026-24930 UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability. | 8.4 | HIGH | β | 0 |
| CVE-2026-24926 Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability. | 8.4 | HIGH | β | 0 |
| CVE-2020-37142 10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. Attackers ca... | 8.4 | HIGH | β | 0 |
| CVE-2020-37040 Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vu... | 8.4 | HIGH | β | 0 |
| CVE-2020-37036 RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payl... | 8.4 | HIGH | β | 0 |
| CVE-2020-37031 Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft... | 8.4 | HIGH | β | 0 |
| CVE-2026-35570 OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in `bashToolHasPermission()` inside `src/tools/BashTool/... | 8.4 | HIGH | β | 0 |
| CVE-2020-37029 FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with caref... | 8.4 | HIGH | β | 0 |
| CVE-2020-37028 Socusoft Photo to Video Converter Professional 8.07 contains a local buffer overflow vulnerability in the 'Output Folder' input field that allows attackers to execute arbitrary code. Attackers can cra... | 8.4 | HIGH | β | 0 |
| CVE-2020-37025 Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malici... | 8.4 | HIGH | β | 0 |
| CVE-2020-37001 Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attac... | 8.4 | HIGH | β | 0 |
| CVE-2020-36971 Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License C... | 8.4 | HIGH | β | 0 |
| CVE-2020-36970 PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized ... | 8.4 | HIGH | β | 0 |
| CVE-2026-40706 In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by craft... | 8.4 | HIGH | β | 0 |
| CVE-2020-36965 docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payl... | 8.4 | HIGH | β | 0 |
| CVE-2026-4857 IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capabili... | 8.4 | HIGH | β | 0 |
| CVE-2018-25255 10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attack... | 8.4 | HIGH | β | 0 |
| CVE-2018-25261 Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious ... | 8.4 | HIGH | β | 0 |
| CVE-2018-25260 MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. At... | 8.4 | HIGH | β | 0 |
| CVE-2018-25259 Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception ... | 8.4 | HIGH | β | 0 |
| CVE-2026-5398 The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the termin... | 8.4 | HIGH | β | 0 |
| CVE-2026-32221 Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2019-25631 AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellc... | 8.4 | HIGH | β | 0 |
| CVE-2019-25691 Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitatio... | 8.4 | HIGH | β | 0 |
| CVE-2026-32162 Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally. | 8.4 | HIGH | β | 0 |
| CVE-2025-70798 Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | 8.4 | HIGH | β | 0 |
| CVE-2018-25258 RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers ca... | 8.4 | HIGH | β | 0 |
| CVE-2025-70802 Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | 8.4 | HIGH | β | 0 |
| CVE-2018-25218 PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. ... | 8.4 | HIGH | β | 0 |
| CVE-2019-25607 Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers ca... | 8.4 | HIGH | β | 0 |
| CVE-2019-25633 AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email pre... | 8.4 | HIGH | β | 0 |
| CVE-2016-20039 Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers... | 8.4 | HIGH | β | 0 |
| CVE-2018-25251 Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craf... | 8.4 | HIGH | β | 0 |
| CVE-2026-33572 OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcrip... | 8.4 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.