Export limit exceeded: 366311 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366311 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366311 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366311 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25751 | 1 Cmsjunkie | 1 J-classifiedsmanager | 2026-07-15 | 8.2 High |
| Joomla Component J-ClassifiedsManager 3.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can submit crafted SQL payloads in the categorySearch, adType, and citySearch parameters to the displayads component to extract sensitive database information including usernames, databases, and version details. | ||||
| CVE-2019-25747 | 2 Brocade, Network-inventory-advisor | 2 Network Advisor, Network Inventory Advisor | 2026-07-15 | 7.8 High |
| Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with LocalSystem privileges when the service starts or restarts. | ||||
| CVE-2019-25746 | 2 Slicedinvoices, Wordpress | 2 Sliced Invoices, Wordpress | 2026-07-15 | 7.1 High |
| WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicate_quote_invoice and malicious 'post' values to extract sensitive database information or modify data. | ||||
| CVE-2019-25744 | 3 Popup Builder, Sygnoos, Wordpress | 3 Popup Builder, Popup Builder, Wordpress | 2026-07-15 | 5.4 Medium |
| WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the post_title parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads in the post_title field that execute when pages or posts display popup selections. | ||||
| CVE-2019-25740 | 1 Joomsky | 1 Js Jobs | 2026-07-15 | 6.5 Medium |
| Joomla com_jsjobs 1.2.6 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating custom userfield parameters. Attackers can send POST requests to the job.savejob task with path traversal sequences in the field_2 parameter to delete arbitrary files accessible to the web server. | ||||
| CVE-2019-25735 | 1 Allplayer | 1 Allplayer | 2026-07-15 | 8.4 High |
| AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code execution to run arbitrary commands with user privileges. | ||||
| CVE-2019-25718 | 1 Draeger | 1 Infinity Explorer C700 | 2026-07-15 | 8.4 High |
| Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause the device to display incorrect or no information from the connected Delta Family patient monitor. | ||||
| CVE-2019-25717 | 1 Draeger | 2 Infinity Delta, Infinity Kappa | 2026-07-15 | 4.3 Medium |
| Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files. | ||||
| CVE-2019-25716 | 1 Draeger | 2 Infinity Delta, Infinity Kappa | 2026-07-15 | 6.5 Medium |
| Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet. Attackers can repeatedly send malformed network packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity. | ||||
| CVE-2019-25693 | 2 Montala, Resourcespace | 2 Resourcespace, Resourcespace | 2026-07-15 | 7.1 High |
| ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection_edit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to extract sensitive database information including schema names, user credentials, and other confidential data. | ||||
| CVE-2019-25677 | 1 Rarlab | 1 Winrar | 2026-07-15 | 6.2 Medium |
| WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violation at memory address 004F1DB8 when the application attempts to read invalid data. | ||||
| CVE-2019-25675 | 3 Arcasolutions, Edirectory, Microfocus | 3 Edirectory, Edirectory, Edirectory | 2026-07-15 | 8.2 High |
| eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server. | ||||
| CVE-2019-25652 | 2 Ubiquiti, Ui | 2 Unifi Network Controller, Unifi Network Controller | 2026-07-15 | 7.5 High |
| UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept SMTP traffic and obtain credentials by exploiting the insecure SSL host verification mechanism in the SMTP certificate validation process. | ||||
| CVE-2019-25651 | 2 Ubiquiti, Ui | 6 Unifi Uap-ac Firmware, Unifi Uap Firmware, Unifi Usg Firmware and 3 more | 2026-07-15 | 8.3 High |
| Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weaknesses that allow attackers to recover encryption keys from captured traffic. Attackers with adjacent network access can capture sufficient encrypted traffic and exploit AES-CBC mode vulnerabilities to derive the encryption keys, enabling unauthorized control and management of network devices. | ||||
| CVE-2019-25643 | 1 Endonesia | 1 Endonesia | 2026-07-15 | 8.2 High |
| eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bid parameter. Attackers can send GET requests to banners.php with crafted SQL payloads in the bid parameter to extract sensitive database information from the INFORMATION_SCHEMA tables. | ||||
| CVE-2019-25631 | 1 Aida64 | 2 Aida64, Aida64 Business | 2026-07-15 | 8.4 High |
| AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences or report wizard functionality to trigger the overflow and execute code with application privileges. | ||||
| CVE-2019-25604 | 1 Dvd-x-player | 1 Dvd X Player | 2026-07-15 | 8.4 High |
| DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges. | ||||
| CVE-2019-25597 | 2 Nsasoft, Nsauditor | 2 Nsauditor, Nsauditor | 2026-07-15 | 6.2 Medium |
| NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function to cause a denial of service condition. | ||||
| CVE-2019-25589 | 2 Ejinshan, Emtec | 3 Terminal Security System, Zoc, Zoc Terminal | 2026-07-15 | 6.2 Medium |
| ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when accessing the Command Shell feature. | ||||
| CVE-2019-25574 | 2 Greencms, Njtech | 2 Greencms, Greencms | 2026-07-15 | 6.5 Medium |
| Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory traversal sequences. Attackers can manipulate the theme_name parameter in the themeexporthandle action or supply base64-encoded file paths to the downfile action to retrieve sensitive files outside intended directories. | ||||