Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10846
Total
736
Critical
3127
High
3471
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2019-25707 | HIGH | 7.1 | eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. … | Apr 12, 2026 |
| CVE-2019-25706 | HIGH | 7.5 | Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple … | Apr 12, 2026 |
| CVE-2019-25705 | HIGH | 8.4 | Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized … | Apr 12, 2026 |
| CVE-2019-25703 | HIGH | 7.1 | ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. … | Apr 12, 2026 |
| CVE-2019-25701 | HIGH | 8.4 | Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured … | Apr 12, 2026 |
| CVE-2019-25699 | HIGH | 7.1 | Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and … | Apr 12, 2026 |
| CVE-2019-25697 | HIGH | 8.2 | CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can … | Apr 12, 2026 |
| CVE-2019-25695 | HIGH | 8.4 | R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. … | Apr 12, 2026 |
| CVE-2019-25693 | HIGH | 7.1 | ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in … | Apr 12, 2026 |
| CVE-2019-25691 | HIGH | 8.4 | Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception … | Apr 12, 2026 |
| CVE-2019-25689 | HIGH | 8.4 | HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers … | Apr 12, 2026 |
| CVE-2018-25258 | HIGH | 8.4 | RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. … | Apr 12, 2026 |
| CVE-2018-25257 | HIGH | 7.1 | Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name … | Apr 12, 2026 |
| CVE-2017-20239 | MEDIUM | 6.1 | MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by injecting malicious code through the location hash parameter. Attackers can … | Apr 12, 2026 |
| CVE-2026-6126 | HIGH | 7.3 | A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation … | Apr 12, 2026 |
| CVE-2026-6125 | MEDIUM | 6.3 | A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow … | Apr 12, 2026 |
| CVE-2026-6124 | HIGH | 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation … | Apr 12, 2026 |
| CVE-2026-6123 | HIGH | 8.8 | A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of … | Apr 12, 2026 |
| CVE-2026-6122 | HIGH | 8.8 | A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. … | Apr 12, 2026 |
| CVE-2026-6121 | HIGH | 8.8 | A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. … | Apr 12, 2026 |
| CVE-2026-6120 | HIGH | 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the … | Apr 12, 2026 |
| CVE-2026-6119 | MEDIUM | 6.3 | A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get of the component API Endpoint. Such manipulation leads … | Apr 12, 2026 |
| CVE-2026-31413 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR maybe_fork_scalars() is called for both BPF_AND … | Apr 12, 2026 |
| CVE-2026-6118 | MEDIUM | 6.3 | A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This … | Apr 12, 2026 |
| CVE-2026-6117 | MEDIUM | 6.3 | A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endpoint. … | Apr 12, 2026 |