|
621
|
8.4 |
HIGH
Local
|
-
|
-
|
Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious userna…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25301
|
2026-05-1 00:44 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
622
|
8.4 |
HIGH
Local
|
-
|
-
|
Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25304
|
2026-05-1 00:44 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
623
|
8.4 |
HIGH
Local
|
-
|
-
|
SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25307
|
2026-05-1 00:44 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
624
|
8.8 |
HIGH
Network
|
-
|
-
|
BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack…
New
|
CWE-22
Path Traversal
|
CVE-2018-25308
|
2026-05-1 00:44 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
625
|
6.2 |
MEDIUM
Local
|
-
|
-
|
SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can in…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25313
|
2026-05-1 00:44 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
626
|
7.5 |
HIGH
Network
|
-
|
-
|
Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence.
Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both hea…
Update
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-40560
|
2026-05-1 00:13 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
627
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could potentially exploit this vu…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-23773
|
2026-05-1 00:13 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
628
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Jenkins Microsoft Entra ID (previously Azure AD) Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks.
Update
|
CWE-601
Open Redirect
|
CVE-2026-42525
|
2026-05-1 00:13 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
629
|
- |
|
-
|
-
|
Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to tri…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-2810
|
2026-05-1 00:13 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
630
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server.
This issue affects all MongoDB Server v8.2 versions, all MongoDB Serv…
Update
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-6914
|
2026-05-1 00:13 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
