Total
336347 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25068 | 2026-02-06 | N/A | N/A | ||
|
alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it against the fixed-size channel array (SND_TPLG_MAX_CHAN). A crafted topology file with an excessive num_channels value can cause out-of-bounds heap writes, leading to a crash.
|
|||||
| CVE-2020-37121 | 2026-02-05 | N/A | 5.5 MEDIUM | ||
|
CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can create a malicious M3U playlist file with 536 bytes of buffer and shellcode to trigger remote code execution.
|
|||||
| CVE-2026-0536 | 1 Autodesk | 1 3ds Max | 2026-02-05 | N/A | 7.8 HIGH |
|
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2025-56451 | 1 Seeyon | 1 A8\+ Collaborative Management | 2026-02-05 | N/A | 6.1 MEDIUM |
|
Cross site scripting vulnerability in seeyon Zhiyuan A8+ Collaborative Management Software 7.0 via the topValue parameter to the seeyon/main.do endpoint.
|
|||||
| CVE-2025-69581 | 1 Chamilo | 1 Chamilo Lms | 2026-02-05 | N/A | 5.5 MEDIUM |
|
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to view confidential information. This leads to profiling, impersonation, targeted attacks, and significant privacy risks.
|
|||||
| CVE-2026-23520 | 1 Arcane | 1 Arcane | 2026-02-05 | N/A | 9.0 CRITICAL |
|
Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane’s updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to run before or after a container update. The label value is passed directly to /bin/sh -c without sanitization or validation. Because any authenticated user (not limited to administrators) can create proje ...
Show More |
|||||
| CVE-2026-20977 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 5.5 MEDIUM |
|
Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.
|
|||||
| CVE-2026-20978 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.1 MEDIUM |
|
Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
|
|||||
| CVE-2025-66648 | 1 Vega-functions Project | 1 Vega-functions | 2026-02-05 | N/A | 7.2 HIGH |
|
vega-functions provides function implementations for the Vega expression language. Prior to version 6.1.1, for sites that allow users to supply untrusted user input, malicious use of an internal function (not part of the public API) could be used to run unintentional javascript (XSS). This issue is fixed in vega-functions `6.1.1`. There is no workaround besides upgrading. Using `vega.expressionInterpreter` as described in CSP safe mode does not prevent this issue.
|
|||||
| CVE-2025-59467 | 1 Ui | 1 Argentina Afip Invoices | 2026-02-05 | N/A | 7.5 HIGH |
|
A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page.
This plugin is disabled by default.
Affected Products:
UCRM Argentina AFIP invoices Plugin (Version 1.2.0 and earlier)
Mitigation:
Update UCRM Argentina AFIP invoices Plugin to Version 1.3.0 or later.
|
|||||
| CVE-2026-20983 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 7.8 HIGH |
|
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
|
|||||
| CVE-2026-20982 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.0 MEDIUM |
|
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
|
|||||
| CVE-2026-20981 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.6 MEDIUM |
|
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
|
|||||
| CVE-2025-13774 | 1 Progress | 1 Flowmon Anomaly Detection System | 2026-02-05 | N/A | 8.8 HIGH |
|
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands.
|
|||||
| CVE-2026-20979 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 7.8 HIGH |
|
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
|
|||||
| CVE-2026-20980 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.8 MEDIUM |
|
Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.
|
|||||
| CVE-2026-0571 | 1 Yeqifu | 1 Warehouse | 2026-02-05 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehouse\src\main\java\com\yeqifu\sys\common\AppFileUtils.java. The manipulation of the argument path results in path traversal. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Cons ...
Show More |
|||||
| CVE-2025-55462 | 1 Eramba | 1 Eramba | 2026-02-05 | N/A | 6.5 MEDIUM |
|
A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticated cross-origin requests against the Eramba API, including endpoints like /system-api/login and /system-api/user/me. The response includes sensitive user session data (ID, name, email, access groups), wh ...
Show More |
|||||
| CVE-2026-22771 | 1 Envoyproxy | 1 Gateway | 2026-02-05 | N/A | 8.8 HIGH |
|
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Prior to 1.5.7 and 1.6.2, EnvoyExtensionPolicy Lua scripts executed by Envoy proxy can be used to leak the proxy's credentials. These credentials can then be used to communicate with the control plane and gain access to all secrets that are used by Envoy proxy, e.g. TLS private keys and credentials used for downstream and upstream communication. This vulnerability is fixed in ...
Show More |
|||||
| CVE-2026-22777 | 1 Comfy | 1 Comfyui-manager | 2026-02-05 | N/A | 7.5 HIGH |
|
ComfyUI-Manager is an extension designed to enhance the usability of ComfyUI. Prior to versions 3.39.2 and 4.0.5, an attacker can inject special characters into HTTP query parameters to add arbitrary configuration values to the config.ini file. This can lead to security setting tampering or modification of application behavior. This issue has been patched in versions 3.39.2 and 4.0.5.
|
|||||
| CVE-2026-22704 | 1 Psu | 1 Haxcms-nodejs | 2026-02-05 | N/A | 8.0 HIGH |
|
HAX CMS helps manage microsite universe with PHP or NodeJs backends. In versions 11.0.6 to before 25.0.0, HAX CMS is vulnerable to stored XSS, which could lead to account takeover. This issue has been patched in version 25.0.0.
|
|||||
| CVE-2026-22703 | 1 Sigstore | 1 Cosign | 2026-02-05 | N/A | 5.5 MEDIUM |
|
Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 and 3.0.4, Cosign bundle can be crafted to successfully verify an artifact even if the embedded Rekor entry does not reference the artifact's digest, signature or public key. When verifying a Rekor entry, Cosign verifies the Rekor entry signature, and also compares the artifact's digest, the user's public key from either a Fulcio certificate or provided by the user, and the artifact signature to th ...
Show More |
|||||
| CVE-2026-22030 | 1 Shopify | 2 React-router, Remix-run\/react | 2026-02-05 | N/A | 6.5 MEDIUM |
|
React Router is a router for React. In @remix-run/server-runtime version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, React Router (or Remix v2) is vulnerable to CSRF attacks on document POST requests to UI routes when using server-side route action handlers in Framework Mode, or when using React Server Actions in the new unstable RSC modes. There is no impact if Declarative Mode (<BrowserRouter>) or Data Mode (createBrowserRouter/<RouterProvider>) is being used. This issue has been p ...
Show More |
|||||
| CVE-2020-37134 | 2026-02-05 | N/A | 7.5 HIGH | ||
|
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to trigger an application crash.
|
|||||
| CVE-2020-37128 | 2026-02-05 | N/A | 6.2 MEDIUM | ||
|
ZOC Terminal 7.25.5 contains a script processing vulnerability that allows local attackers to crash the application by loading a maliciously crafted REXX script file. Attackers can generate an oversized script with 20,000 repeated characters to trigger an application crash and cause a denial of service.
|
|||||
| CVE-2020-37120 | 2026-02-05 | N/A | 9.8 CRITICAL | ||
|
Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious text file with carefully constructed payload to execute arbitrary code by overwriting SEH and triggering remote code execution.
|
|||||
| CVE-2020-37138 | 2026-02-05 | N/A | 9.8 CRITICAL | ||
|
10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to trigger a stack-based buffer overflow and bypass data execution prevention through a ROP chain.
|
|||||
| CVE-2020-37145 | 2026-02-05 | N/A | 4.3 MEDIUM | ||
|
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user accounts with elevated privileges.
|
|||||
| CVE-2020-37139 | 2026-02-05 | N/A | 8.4 HIGH | ||
|
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. Attackers can generate a buffer overflow by pasting 108 bytes of repeated characters into connection fields, causing the application to crash.
|
|||||
| CVE-2020-37127 | 2026-02-05 | N/A | 5.5 MEDIUM | ||
|
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characters.
|
|||||
| CVE-2020-37140 | 2026-02-05 | N/A | 5.5 MEDIUM | ||
|
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash.
|
|||||
| CVE-2020-37118 | 2026-02-05 | N/A | 3.5 LOW | ||
|
P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interaction. Attackers can craft malicious web pages to add new admin users, change passwords, and modify system configurations by tricking authenticated users into loading a specially crafted page.
|
|||||
| CVE-2020-37124 | 2026-02-05 | N/A | 9.8 CRITICAL | ||
|
B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during base64 decoding process.
|
|||||
| CVE-2020-37123 | 2026-02-05 | N/A | 9.8 CRITICAL | ||
|
Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters.
|
|||||
| CVE-2020-37148 | 2026-02-05 | N/A | 3.5 LOW | ||
|
P5 FNIP-8x16A/FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from a stored cross-site scripting vulnerability. Input passed to several GET/POST parameters is not properly sanitized before being returned to the user, allowing attackers to execute arbitrary HTML and script code in a user's browser session in the context of the affected site. This can be exploited by submitting crafted input to the label modification functionality, such as the 'lab4' parameter in config.html.
|
|||||
| CVE-2020-37126 | 2026-02-05 | N/A | 9.8 CRITICAL | ||
|
Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode input that triggers an access violation and potentially execute arbitrary code.
|
|||||
| CVE-2020-37131 | 2026-02-05 | N/A | 6.2 MEDIUM | ||
|
Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can generate a payload of 1000 bytes of repeated characters and paste it into the 'Key' input field to trigger the application crash.
|
|||||
| CVE-2026-1301 | 2026-02-05 | N/A | N/A | ||
|
In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and corrupting memory.
|
|||||
| CVE-2020-37144 | 2026-02-05 | N/A | 5.3 MEDIUM | ||
|
Exagate SYSGuard 6001 contains a cross-site request forgery vulnerability that allows attackers to create unauthorized admin accounts through a crafted HTML form. Attackers can trick users into submitting a malicious form to /kulyon.php that adds a new user with administrative privileges without the victim's consent.
|
|||||
| CVE-2020-37136 | 2026-02-05 | N/A | 7.5 HIGH | ||
|
ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when attempting to create SSH key files.
|
|||||