|
841
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25285
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
842
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can in…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25286
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
843
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25287
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
844
|
6.2 |
MEDIUM
Local
|
-
|
-
|
StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 6000-byte payload into the…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25288
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
845
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Softdisk 3.0.3 contains a buffer overflow vulnerability in the registration code dialog that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger th…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25289
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
846
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the v…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25290
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
847
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers to crash the application by supplying an excessively long string. Attackers…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25291
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
848
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Cam…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25297
|
2026-04-28 03:55 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
849
|
- |
|
-
|
-
|
Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall() function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python version…
Update
|
CWE-22
Path Traversal
|
CVE-2026-41140
|
2026-04-28 03:53 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
850
|
2.2 |
LOW
Network
|
-
|
-
|
@astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers targets. Prior to 13.1.10, the fetch() call for remote images in packages/integrations/cloudflare/src/utils/image-binding-transfo…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-41321
|
2026-04-28 03:53 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
