🔥 Trending CVEs - Last 30 Days

CVE-2019-25335 is an authentication bypass vulnerability in PRO-7070 Hazır Profesyonel Web Sitesi version 1.0. Attackers can gain administrative acce...

CVE-2019-25329 is a buffer overflow vulnerability in FTP Navigator 8.03 that allows attackers to crash the application via denial of service by overwr...

SurfOffline Professional 2.2.0.103 contains a structured exception handler overflow vulnerability in project name input. Attackers can crash the appli...

This vulnerability allows any pod within a Kubernetes cluster to send unauthorized AdmissionReview requests to Yoke's Air Traffic Controller webhook e...

Scraparr versions 3.0.0-beta through 3.0.1 expose Readarr API keys in Prometheus metrics when Readarr integration is enabled without an alias. This al...

This vulnerability allows remote attackers to cause moderate CPU usage spikes (2-4 times normal) on ntpd-rs servers with NTS enabled by sending malfor...

This vulnerability allows unauthenticated attackers to cause denial of service in Traefik reverse proxy by exploiting a STARTTLS timeout bypass. Attac...

This vulnerability in FrankenPHP worker mode allows session data from one user's request to be accessible to another user's request processed by the s...

A stack overflow vulnerability in the ZBarcode_Encode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause Denial o...

A heap buffer overflow vulnerability in Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service (DoS) by sending a specially...

CVE-2019-25347 is a SQL injection vulnerability in thesystem App 1.0 that allows attackers to bypass authentication by injecting malicious SQL code in...

CVE-2025-69807 is a buffer overflow vulnerability in p2r3 Bareiron that allows unauthenticated remote attackers to send specially crafted packets to c...

CVE-2025-69806 is an out-of-bounds read vulnerability in p2r3 bareiron software that allows unauthenticated remote attackers to leak relative informat...

This vulnerability allows authenticated users with REST/GraphQL API access in FreePBX to escalate privileges by forging JWTs using the api-oauth.key p...

This vulnerability in Halo blogging software allows remote attackers to cause denial of service by sending specially crafted payloads to the public co...

An unauthenticated attacker can exploit this vulnerability by manipulating URLs to read arbitrary files from the Valmet DNA Web Tools server. This aff...

This CVE describes a memory handling vulnerability in Apple operating systems and Safari that could allow a remote attacker to cause denial-of-service...

This CVE describes a path handling vulnerability (CWE-22) in multiple Apple operating systems and Safari that allows a remote attacker to write arbitr...

This CVE describes a logging vulnerability where sensitive user information was not properly redacted in system logs. Attackers with access to log fil...

This CVE describes a Bluetooth denial-of-service vulnerability affecting multiple Apple operating systems. An attacker in a privileged network positio...

This vulnerability allows remote attackers to read arbitrary local files on systems running vulnerable Keras versions by exploiting a flaw in the HDF5...

A logic vulnerability in macOS allows remote attackers to cause denial-of-service conditions. This affects macOS Sequoia before 15.7.4 and macOS Sonom...

CVE-2026-26029 is a command injection vulnerability in sf-mcp-server that allows attackers to execute arbitrary shell commands by injecting malicious ...

Pillow versions 10.3.0 through 12.1.0 contain an out-of-bounds write vulnerability when processing specially crafted PSD image files. This could allow...

CVE-2020-37213 is a buffer overflow vulnerability in TextCrawler Pro that allows attackers to cause denial of service by crashing the application. Att...

CVE-2020-37214 is a directory traversal vulnerability in Voyager 1.3.0 that allows attackers to read sensitive system files by manipulating the asset ...

CVE-2020-37209 is a buffer overflow vulnerability in SpotFTP 3.0.0.0 that allows attackers to crash the application by entering a 1000-character paylo...

CVE-2020-37210 is a buffer overflow vulnerability in SpotIE 2.9.5 that allows attackers to cause denial of service by crashing the application. Attack...

SpotMSN 2.4.6 contains a buffer overflow vulnerability in the registration name field that allows attackers to crash the application by inputting a 10...

NetworkSleuth 3.0.0.0 contains a buffer overflow vulnerability in the registration key validation that allows attackers to crash the application by su...

RemShutdown 2.9.0.0 contains a buffer overflow vulnerability in its registration key input field that allows attackers to crash the application via de...

CVE-2020-37205 is a buffer overflow vulnerability in RemShutdown 2.9.0.0 that allows attackers to crash the application by sending overly long input t...

CVE-2020-37207 is a buffer overflow vulnerability in SpotDialup's registration key field that allows attackers to crash the application by pasting a 1...

CVE-2020-37197 is a buffer overflow vulnerability in Dnss Domain Name Search Software that allows attackers to cause denial of service by crashing the...

NBMonitor 1.6.6.0 contains a buffer overflow vulnerability in its registration key input field that allows attackers to crash the application by pasti...

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input field. Attackers can crash the application by supplying...

CVE-2020-37191 is a buffer overflow vulnerability in Top Password Software Dialup Password Recovery 1.30 that allows attackers to crash the applicatio...

CVE-2020-37193 is a denial of service vulnerability in ZIP Password Recovery 2.30 where attackers can crash the application by providing a specially c...

BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration name input field that allows attackers to crash the application via d...

CVE-2020-37185 is a buffer overflow vulnerability in Backup Key Recovery 2.2.5 that allows attackers to crash the application by sending overly long i...

CVE-2020-37188 is a buffer overflow vulnerability in SpotOutlook 1.2.6 that allows attackers to cause denial of service by crashing the application. A...

TaskCanvas 1.4.0 contains a buffer overflow vulnerability in the registration code input field that allows attackers to cause denial of service by cra...

CVE-2020-37180 is a denial of service vulnerability in GTalk Password Finder 2.2.1 where attackers can crash the application by supplying an oversized...

AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.jso...

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can cause applicati...

CVE-2020-37104 allows unauthenticated attackers to download database backup files from ASTPP VoIP billing software by brute-forcing predictable 6-digi...

CVE-2024-26480 is an information disclosure vulnerability in Statping-ng v0.91.0 that allows attackers to access sensitive information through crafted...

CVE-2024-26477 is an information disclosure vulnerability in Statping-ng v0.91.0 that allows attackers to access sensitive information through crafted...

A race condition vulnerability in Chrome DevTools allows attackers to potentially corrupt memory objects when users perform specific UI gestures and h...

This vulnerability in Sunbird-Ed portal version 1.13.4 disables TLS/SSL certificate validation, allowing attackers to intercept and potentially modify...