🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2019-25557 | Medium | 6.2 |
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the applic…
|
— | Mar 21, 2026 |
| CVE-2019-25558 | Medium | 6.2 |
Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers t…
|
— | Mar 21, 2026 |
| CVE-2019-25561 | Medium | 6.2 |
Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by sup…
|
— | Mar 21, 2026 |
| CVE-2019-25563 | Medium | 6.2 |
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by …
|
— | Mar 21, 2026 |
| CVE-2019-25565 | Medium | 6.2 |
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows…
|
— | Mar 21, 2026 |
| CVE-2019-25566 | Medium | 6.2 |
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the…
|
— | Mar 21, 2026 |
| CVE-2019-25567 | Medium | 6.2 |
Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that al…
|
— | Mar 21, 2026 |
| CVE-2019-25569 | Medium | 6.2 |
RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allow…
|
— | Mar 21, 2026 |
| CVE-2019-25571 | Medium | 6.2 |
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by op…
|
— | Mar 21, 2026 |
| CVE-2019-25572 | Medium | 6.2 |
NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submit…
|
— | Mar 21, 2026 |
| CVE-2025-13910 | Medium | 6.1 |
The WP-WebAuthn plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the `wwa_auth` AJA…
|
— | Mar 21, 2026 |
| CVE-2026-1647 | Medium | 6.1 |
The Comment Genius plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` p…
|
— | Mar 21, 2026 |
| CVE-2026-2277 | Medium | 6.1 |
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters…
|
— | Mar 21, 2026 |
| CVE-2026-2427 | Medium | 6.1 |
The itsukaita plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'day_from' and 'day_to' param…
|
— | Mar 21, 2026 |
| CVE-2026-2723 | Medium | 6.1 |
The Post Snippits plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
|
— | Mar 21, 2026 |
| CVE-2026-3572 | Medium | 6.1 |
The iTracker360 plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting …
|
— | Mar 21, 2026 |
| CVE-2026-4069 | Medium | 6.1 |
The Alfie – Feed Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'naam' parameter in al…
|
— | Mar 21, 2026 |
| CVE-2026-32045 | Medium | 5.9 |
OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes,…
|
— | Mar 21, 2026 |
| CVE-2026-32057 | Medium | 5.9 |
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pair…
|
— | Mar 21, 2026 |
| CVE-2024-13785 | Medium | 5.6 |
The The Contact Form, Survey, Quiz & Popup Form Builder – ARForms plugin for WordPress is vulnerable to arbitrary shortc…
|
— | Mar 21, 2026 |