|
2461
|
8.4 |
HIGH
Local
|
-
|
-
|
Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can …
|
CWE-276
Incorrect Default Permissions
|
CVE-2018-25359
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2462
|
8.4 |
HIGH
Local
|
-
|
-
|
AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured ex…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2018-25360
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2463
|
6.8 |
MEDIUM
Local
|
-
|
-
|
Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption k…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2018-25361
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2464
|
8.2 |
HIGH
Network
|
-
|
-
|
Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit unio…
|
CWE-89
SQL Injection
|
CVE-2018-25362
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2465
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms t…
|
CWE-352
Origin Validation Error
|
CVE-2018-25363
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2466
|
8.2 |
HIGH
Network
|
-
|
-
|
Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can sub…
|
CWE-89
SQL Injection
|
CVE-2018-25364
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2467
|
7.5 |
HIGH
Network
|
-
|
-
|
PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat…
|
CWE-22
Path Traversal
|
CVE-2018-25365
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2468
|
8.4 |
HIGH
Local
|
-
|
-
|
CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25366
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2469
|
6.2 |
MEDIUM
Local
|
-
|
-
|
NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can tri…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25367
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2470
|
7.5 |
HIGH
Network
|
-
|
-
|
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2018-25368
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
