6.9

CVSS4.0

CVE-2019-25587 - BulletProof FTP Server 2019.0.0.50 Storage-Path Denial of Service

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer of …

πŸ“… Published: March 22, 2026, 12:11 a.m. πŸ”„ Last Modified: March 22, 2026, 12:15 a.m.

6.9

CVSS4.0

CVE-2019-25586 - Deluge 1.3.15 Denial of Service via URL Field

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash.

πŸ“… Published: March 22, 2026, 12:11 a.m. πŸ”„ Last Modified: March 22, 2026, 12:15 a.m.

6.9

CVSS4.0

CVE-2019-25585 - Deluge 1.3.15 Denial of Service via Webseeds Field

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.

πŸ“… Published: March 22, 2026, 12:11 a.m. πŸ”„ Last Modified: March 22, 2026, 12:15 a.m.

6.9

CVSS4.0

CVE-2019-25584 - RarmaRadio 2.72.3 Server Field Buffer Overflow Denial of Service

RarmaRadio 2.72.3 contains a buffer overflow vulnerability in the Server field of the Network settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a malicious payload exceeding 4000 bytes into the Server field via the Settings me…

πŸ“… Published: March 22, 2026, 12:11 a.m. πŸ”„ Last Modified: March 22, 2026, 12:15 a.m.

6.9

CVSS4.0

CVE-2019-25583 - RarmaRadio 2.72.3 Username Field Denial of Service

RarmaRadio 2.72.3 contains a denial of service vulnerability in the Username field that allows local attackers to crash the application by submitting excessively long input. Attackers can paste a buffer of 5000 bytes into the Username field via Settings > Network to trigger an application crash.

πŸ“… Published: March 22, 2026, 12:11 a.m. πŸ”„ Last Modified: March 22, 2026, 12:15 a.m.

4.8

CVSS4.0

CVE-2026-4530 - apconw Aix-DB terminology_retriever.py sql injection

A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been rele…

πŸ“… Published: March 21, 2026, 11:32 p.m. πŸ”„ Last Modified: March 21, 2026, 11:32 p.m.

8.7

CVSS4.0

CVE-2026-4529 - D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow

A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulne…

πŸ“… Published: March 21, 2026, 11:02 p.m. πŸ”„ Last Modified: March 21, 2026, 11:02 p.m.

8.1

CVSS3.1

CVE-2026-3629 - Import and export users and customers <= 1.29.7 - Privilege Escalation to Administrator via save_ex…

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The 'get_r…

πŸ“… Published: March 21, 2026, 10:24 p.m. πŸ”„ Last Modified: March 21, 2026, 10:24 p.m.

6.9

CVSS4.0

CVE-2026-4528 - trueleaf ApiFlow URL Validation http_proxy.service.ts validateUrlSecurity server-side request forge…

A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of the file packages/server/src/service/proxy/http_proxy.service.ts of the component URL Validation Handler. This manipulation causes server-side request forgery. Remote exploitation o…

πŸ“… Published: March 21, 2026, 10:02 p.m. πŸ”„ Last Modified: March 21, 2026, 10:02 p.m.

2.3

CVSS4.0

CVE-2026-2756 - OmniPEMF NeoRhythm BLE missing authentication

A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high comple…

πŸ“… Published: March 21, 2026, 5:32 p.m. πŸ”„ Last Modified: March 21, 2026, 5:32 p.m.
Total resulsts: 339285
Page 2 of 33,929
Β« previous page Β» next page
Filters