|
671
|
5.5 |
MEDIUM
Local
|
angryip
|
angry_ip_scanner
|
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can …
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2018-25266
|
2026-04-28 02:28 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
672
|
7.8 |
HIGH
Local
|
lizardsystems
|
lanspy
|
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payloa…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2018-25268
|
2026-04-28 02:25 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
673
|
9.8 |
CRITICAL
Network
|
thinkphp
|
thinkphp
|
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can c…
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2018-25270
|
2026-04-28 02:20 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
674
|
5.5 |
MEDIUM
Local
|
helios
|
textpad
|
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attacke…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2018-25271
|
2026-04-28 02:13 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
675
|
9.8 |
CRITICAL
Network
|
dell
|
powerprotect_dp_series_appliance
data_domain_operating_system
|
Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0…
Update
|
CWE-121
CWE-787
Stack-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-26354
|
2026-04-28 02:09 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
676
|
6.2 |
MEDIUM
Local
|
apple
|
ipados
iphone_os
|
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly …
Update
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2026-28950
|
2026-04-28 02:07 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
677
|
9.1 |
CRITICAL
Network
|
espocrm
|
espocrm
|
EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, EspoCRM's built-in formula scripting engine allowing updating attachment's sourceId thus allowing an au…
Update
|
CWE-22
Path Traversal
|
CVE-2026-33656
|
2026-04-28 02:04 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
678
|
7.8 |
HIGH
Local
|
radare
|
radare2
|
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with …
Update
|
CWE-78
OS Command
|
CVE-2026-40517
|
2026-04-28 02:04 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
679
|
7.5 |
HIGH
Network
|
powerdns
|
recursor
|
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-33256
|
2026-04-28 02:04 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
680
|
7.5 |
HIGH
Network
|
powerdns
|
authoritative
dnsdist
recursor
|
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-33257
|
2026-04-28 02:03 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
