|
4731
|
7.5 |
HIGH
Network
|
-
|
-
|
PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat…
|
CWE-22
Path Traversal
|
CVE-2018-25365
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4732
|
8.4 |
HIGH
Local
|
-
|
-
|
CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25366
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4733
|
6.2 |
MEDIUM
Local
|
-
|
-
|
NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can tri…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25367
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4734
|
7.5 |
HIGH
Network
|
-
|
-
|
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2018-25368
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4735
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25369
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4736
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by exploiting improper origin checking. Attackers can craft malicious H…
|
CWE-352
Origin Validation Error
|
CVE-2018-25370
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4737
|
8.2 |
HIGH
Network
|
-
|
-
|
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality…
|
CWE-89
SQL Injection
|
CVE-2018-25371
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4738
|
8.2 |
HIGH
Network
|
-
|
-
|
MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email param…
|
CWE-89
SQL Injection
|
CVE-2018-25372
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4739
|
8.4 |
HIGH
Local
|
-
|
-
|
SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2018-25373
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4740
|
7.5 |
HIGH
Network
|
-
|
-
|
Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers …
|
CWE-22
Path Traversal
|
CVE-2018-25374
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
