Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2019-25362 — WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Buffer OverFlow

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the license name and license code fields. Attackers …

wmv_to_avi_mpeg_dvd_wmv_convertor | Remote | Memory Corruption
Feb 18, 2026 Feb 27, 2026
Feb 18, 2026
Feb 27, 2026
9.8 CRITICAL
CVE-2019-25361 — Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow

Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST comma…

Remote | Memory Corruption
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
9.8 CRITICAL
CVE-2019-25360 — Aida64 6.10.5200 - Buffer Overflow

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers…

aida64 | Remote | Memory Corruption
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
8.8 HIGH
CVE-2019-25359 — SD.NET RIM 4.7.3c - 'idtyp' SQL Injection

SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. Attackers can exploit…

Remote | Injection
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
8.7 HIGH
CVE-2019-25358 — FileOptimizer 14.00.2524 - Denial of Service

FileOptimizer 14.00.2524 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the FileOptimizer32.ini configuration file. Attackers can overwrite …

Remote | Denial of Service
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
8.4 HIGH
CVE-2019-25357 — Control Center PRO 6.2.9 - Local Stack Based BufferOverflow

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). Attac…

control_center | Memory Corruption
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
6.1 MEDIUM
CVE-2019-25356 — Bematech Printer MP-4200 TH Cross-Site Scripting

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST…

Remote | Cross-Site Scripting
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
8.7 HIGH
CVE-2019-25355 — Genivia gSOAP 2.8 - 'gSOAP' Path Traversal

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive fi…

gsoap | Remote | Path Traversal
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
7.5 HIGH
CVE-2019-25354 — iSmartViewPro 1.3.34 - Denial of Service

iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer int…

Remote | Denial of Service
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
7.5 HIGH
CVE-2019-25353 — Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with…

Remote | Denial of Service
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
8.7 HIGH
CVE-2019-25352 — Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequ…

Remote | Path Traversal
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
8.8 HIGH
CVE-2019-25351 — Centova Cast 3.2.11 - Arbitrary File Download

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the v…

Remote | Path Traversal
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
7.5 HIGH
CVE-2019-25350 — XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service

XMedia Recode 3.4.8.6 contains a denial of service vulnerability that allows attackers to crash the application by loading a specially crafted .m3u playlist file. Attackers can create a malicious .m3…

Remote | Denial of Service
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
7.5 HIGH
CVE-2019-25349 — scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service

ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-…

Remote | Denial of Service
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
6.2 MEDIUM
CVE-2019-25326 — ipPulse 1.92 - 'Enter Key' Denial of Service

ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte …

ippulse | Denial of Service
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
7.5 HIGH
CVE-2026-2668 — Rongzhitong Visual Integrated Command and Dispatch Platform User add access control

A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This affects an unknown function of the file /dm/dispatch/user/add of the component User Handl…

visual_integrated_command_and_dispatch_platform | Remote | Authorization
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
5.5 MEDIUM
CVE-2026-2667 — Rongzhitong Visual Integrated Command and Dispatch Platform api access control

A vulnerability has been found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. The impacted element is an unknown function of the file /dispatch/api?cmd=userinfo. The m…

visual_integrated_command_and_dispatch_platform | Remote | Authorization
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
7.5 HIGH
CVE-2026-24746 — InvoicePlane has a Stored Cross-Site Scripting (XSS) issue

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability occurs in the Edit Quotes functions of InvoicePla…

invoiceplane | Remote | Cross-Site Scripting
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.2 HIGH
CVE-2026-1999 — Server-Side Request Forgery in GitHub Enterprise Server Webhook Delivery Allows Access to…

A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to access internal services bound to loopback or unspecified addresses…

enterprise_server | Remote | Authorization
Feb 18, 2026 Mar 03, 2026
Feb 18, 2026
Mar 03, 2026
6.5 MEDIUM
CVE-2026-1355 — Missing Authorization Check in GitHub Enterprise Server Allows Unauthorized Uploads to Re…

A Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to upload unauthorized content to another user’s repository migration export due to a missing…

enterprise_server | Remote | Authorization
Feb 18, 2026 Feb 19, 2026
Feb 18, 2026
Feb 19, 2026
Showing 20 of 5064 Results