7.1

CVSS4.0

CVE-2019-25574 - Green CMS 2.x Path Traversal Arbitrary File Download

Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory traversal sequences. Attackers can manipulate the theme_name parameter in the themeexporthandle action or supply base64-encoded file paths to …

πŸ“… Published: March 21, 2026, 3:30 p.m. πŸ”„ Last Modified: March 21, 2026, 3:30 p.m.

7.1

CVSS4.0

CVE-2019-25573 - Green CMS 2.x SQL Injection via cat Parameter

Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cat parameter. Attackers can send GET requests to index.php with m=admin, c=posts, a=index parameters and inject SQL code in the cat par…

πŸ“… Published: March 21, 2026, 3:30 p.m. πŸ”„ Last Modified: March 21, 2026, 3:30 p.m.

5.3

CVSS4.0

CVE-2026-4516 - Foundation Agents MetaGPT DataInterpreter write_analysis_code.py injection

A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/write_analysis_code.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has be…

πŸ“… Published: March 21, 2026, 3:02 p.m. πŸ”„ Last Modified: March 21, 2026, 3:02 p.m.

6.9

CVSS4.0

CVE-2019-25572 - NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow

NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.

6.9

CVSS4.0

CVE-2019-25571 - MediaMonkey 4.1.23 Denial of Service via Malformed URL

MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a U…

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.

6.8

CVSS4.0

CVE-2019-25570 - RealTerm Serial Terminal 2.0.0.70 Denial of Service via Port Field

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger…

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.

6.9

CVSS4.0

CVE-2019-25569 - RealTerm Serial Terminal 2.0.0.70 SEH Overflow Crash

RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler (SEH) chain corruption. Attackers can craft a malicious input string with 268 bytes of padd…

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.

9.3

CVSS4.0

CVE-2019-25568 - Memu Play 6.0.7 Privilege Escalation via Insecure File Permissions

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with s…

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.

6.9

CVSS4.0

CVE-2019-25567 - Valentina Studio 9.0.5 Linux Buffer Overflow via Host Field

Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into …

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.

6.9

CVSS4.0

CVE-2019-25566 - TransMac 12.3 Denial of Service via Volume Name Field

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk…

πŸ“… Published: March 21, 2026, 12:47 p.m. πŸ”„ Last Modified: March 21, 2026, 12:47 p.m.
Total resulsts: 339267
Page 2 of 33,927
Β« previous page Β» next page
Filters