|
2141
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can crea…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2018-25378
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2142
|
8.2 |
HIGH
Network
|
-
|
-
|
Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attacke…
|
CWE-89
SQL Injection
|
CVE-2018-25379
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2143
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_s…
|
CWE-89
SQL Injection
|
CVE-2018-25380
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2144
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can injec…
|
CWE-89
SQL Injection
|
CVE-2018-25381
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2145
|
8.6 |
HIGH
Network
|
powerdns
|
authoritative
|
Insufficient Validation of Names During AXFR
|
CWE-77
Command Injection
|
CVE-2026-42000
|
2026-05-27 04:38 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2146
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by tricking authenticated users into submitting malicious requests. Attackers can craft H…
|
CWE-352
Origin Validation Error
|
CVE-2018-25343
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2147
|
8.4 |
HIGH
Local
|
-
|
-
|
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2018-25344
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2148
|
8.4 |
HIGH
Local
|
-
|
-
|
10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25345
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2149
|
7.1 |
HIGH
Network
|
-
|
-
|
WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMa…
|
CWE-89
SQL Injection
|
CVE-2018-25346
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2150
|
7.1 |
HIGH
Network
|
-
|
-
|
WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generete_csv_f…
|
CWE-89
SQL Injection
|
CVE-2018-25347
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
