Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12557
Total
848
Critical
3598
High
3936
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2018-25253 | MEDIUM | 6.2 | Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by … | Apr 04, 2026 |
| CVE-2018-25252 | MEDIUM | 6.2 | FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site … | Apr 04, 2026 |
| CVE-2018-25251 | HIGH | 8.4 | Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) … | Apr 04, 2026 |
| CVE-2018-25250 | HIGH | 7.2 | MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects … | Apr 04, 2026 |
| CVE-2018-25249 | MEDIUM | 6.4 | MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers … | Apr 04, 2026 |
| CVE-2018-25248 | HIGH | 7.2 | MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can … | Apr 04, 2026 |
| CVE-2018-25247 | MEDIUM | 6.1 | MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating posts or threads with unvalidated subject content. … | Apr 04, 2026 |
| CVE-2018-25245 | HIGH | 7.5 | 7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search … | Apr 04, 2026 |
| CVE-2018-25244 | MEDIUM | 6.2 | Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the … | Apr 04, 2026 |
| CVE-2018-25243 | MEDIUM | 6.2 | FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search … | Apr 04, 2026 |
| CVE-2018-25242 | MEDIUM | 6.2 | One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the … | Apr 04, 2026 |
| CVE-2018-25241 | HIGH | 7.5 | VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. … | Apr 04, 2026 |
| CVE-2018-25240 | MEDIUM | 6.2 | Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search … | Apr 04, 2026 |
| CVE-2018-25239 | MEDIUM | 6.2 | Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. … | Apr 04, 2026 |
| CVE-2018-25238 | MEDIUM | 6.2 | VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search … | Apr 04, 2026 |
| CVE-2016-20061 | HIGH | 7.8 | sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary … | Apr 04, 2026 |
| CVE-2016-20060 | HIGH | 7.8 | Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. … | Apr 04, 2026 |
| CVE-2016-20059 | HIGH | 7.8 | IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can … | Apr 04, 2026 |
| CVE-2016-20058 | HIGH | 7.8 | Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers … | Apr 04, 2026 |
| CVE-2016-20057 | HIGH | 7.8 | NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the … | Apr 04, 2026 |
| CVE-2016-20056 | HIGH | 7.8 | Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting … | Apr 04, 2026 |
| CVE-2016-20055 | HIGH | 7.8 | IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a … | Apr 04, 2026 |
| CVE-2016-20053 | MEDIUM | 5.3 | Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting malicious … | Apr 04, 2026 |
| CVE-2016-20052 | CRITICAL | 9.8 | Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers … | Apr 04, 2026 |
| CVE-2016-20051 | MEDIUM | 5.3 | Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can … | Apr 04, 2026 |