🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-33661 | High | 8.6 |
Pay is an open-source payment SDK extension package for various Chinese payment services. Prior to version 3.7.20, the `…
|
⚡ Exploit ✅ Patch | Mar 26, 2026 |
| CVE-2026-32857 | High | 8.6 |
Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) protection bypass vulnerability in the Pl…
|
— | Mar 26, 2026 |
| CVE-2018-25213 | High | 8.4 |
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25218 | High | 8.4 |
PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that all…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25219 | High | 8.4 |
PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25212 | High | 8.4 |
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-22593 | High | 8.4 |
EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2019-25650 | High | 8.4 |
River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local att…
|
— | Mar 26, 2026 |
| CVE-2026-23995 | High | 8.4 |
EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initi…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25217 | High | 8.4 |
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers t…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2025-55262 | High | 8.3 |
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensiti…
|
— | Mar 26, 2026 |
| CVE-2018-25206 | High | 8.2 |
KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'my_ite…
|
— | Mar 26, 2026 |
| CVE-2018-25202 | High | 8.2 |
SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting S…
|
— | Mar 26, 2026 |
| CVE-2018-25203 | High | 8.2 |
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate …
|
— | Mar 26, 2026 |
| CVE-2018-25205 | High | 8.2 |
ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL comma…
|
— | Mar 26, 2026 |
| CVE-2018-25209 | High | 8.2 |
OpenBiz Cubi Lite 3.0.8 contains a SQL injection vulnerability in the login form that allows unauthenticated attackers t…
|
— | Mar 26, 2026 |
| CVE-2018-25208 | High | 8.2 |
qdPM 9.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information b…
|
— | Mar 26, 2026 |
| CVE-2018-25210 | High | 8.2 |
WebOfisi E-Ticaret 4.0 contains an SQL injection vulnerability in the 'urun' GET parameter of the endpoint that allows u…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2025-12805 | High | 8.1 |
A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to …
|
— | Mar 26, 2026 |
| CVE-2025-41368 | High | 8.1 |
Problem in the Small HTTP Server v3.06.36 service. An authenticated path traversal vulnerability in '/' allows remote us…
|
— | Mar 26, 2026 |