Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.7 MEDIUM
CVE-2020-37132 — UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long …

ultravnc | Denial of Service
Feb 05, 2026 Feb 09, 2026
Feb 05, 2026
Feb 09, 2026
6.7 MEDIUM
CVE-2020-37131 — Product Key Explorer 4.2.2.0 - 'Key' Denial of Service

Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can…

product_key_explorer | Denial of Service
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
7.5 HIGH
CVE-2020-37130 — Nsauditor 3.2.0.0 - 'Name' Denial of Service

Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 byte…

nsauditor | Remote | Denial of Service
Feb 05, 2026 Feb 09, 2026
Feb 05, 2026
Feb 09, 2026
9.8 CRITICAL
CVE-2020-37129 — Memu Play 7.1.3 - Insecure Folder Permissions

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a ma…

memu | Remote | Misconfiguration
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
6.7 MEDIUM
CVE-2020-37128 — ZOC Terminal 7.25.5 - 'Script' Denial of Service

ZOC Terminal 7.25.5 contains a script processing vulnerability that allows local attackers to crash the application by loading a maliciously crafted REXX script file. Attackers can generate an oversi…

| Denial of Service
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37127 — dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core…

Remote | Memory Corruption
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37126 — Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)

Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can expl…

Remote | Memory Corruption
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37125 — Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution

Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploi…

ew-7438rpn_mini_firmware ew-7438rpn_mini | Remote | Injection
Feb 05, 2026 Feb 18, 2026
Feb 05, 2026
Feb 18, 2026
9.8 CRITICAL
CVE-2020-37124 — B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter)

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an e…

Remote | Memory Corruption
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37123 — Pinger 1.0 - Remote Code Execution

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.ph…

Remote | Injection
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37121 — CODE::BLOCKS 16.01 - Buffer Overflow (SEH) UNICODE

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can …

Remote | Memory Corruption
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37120 — Rubo DICOM Viewer 2.0 - Buffer Overflow (SEH)

Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malici…

Remote | Memory Corruption
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
9.8 CRITICAL
CVE-2020-37119 — Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS…

nsauditor | Remote | Memory Corruption
Feb 05, 2026 Feb 09, 2026
Feb 05, 2026
Feb 09, 2026
5.1 MEDIUM
CVE-2020-37118 — P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery (Add Admin)

P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interaction. Attackers can craft malicious web …

Remote | Cross-Site Request Forgery
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
8.8 HIGH
CVE-2020-37117 — jizhiCMS 1.6.7 - Arbitrary File Download

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerabilit…

jizhicms | Remote | Path Traversal
Feb 05, 2026 Feb 24, 2026
Feb 05, 2026
Feb 24, 2026
8.8 HIGH
CVE-2025-68722 — Axigen Mail Server CSRF

Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) param…

axigen_mail_server | Remote | Cross-Site Request Forgery
Feb 05, 2026 Feb 24, 2026
Feb 05, 2026
Feb 24, 2026
9.1 CRITICAL
CVE-2025-68721 — Axigen Mail Server SSL Certificate Access Control Bypass

Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gai…

axigen_mail_server | Remote | Authorization
Feb 05, 2026 Feb 13, 2026
Feb 05, 2026
Feb 13, 2026
8.8 HIGH
CVE-2020-37151 — phpMyChat Plus 1.98 'deluser.php' SQL Injection

phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmc_username parameter that allows attackers to manipulate database queries. Attackers can exploit boole…

phpmychat-plus | Remote | Injection
Feb 05, 2026 Feb 20, 2026
Feb 05, 2026
Feb 20, 2026
5.4 MEDIUM
CVE-2026-1927 — GreenShift - Animation and Page Builder Blocks <= 12.6 - Missing Authorization to Authent…

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshift_app_pass_validation() function…

greenshift_-_animation_and_page_builder_blocks | Remote | Authorization
Feb 05, 2026 Mar 03, 2026
Feb 05, 2026
Mar 03, 2026
8.7 HIGH
CVE-2026-1523 — Path Traversal in Digitek from Grupo Azkoyen

Path Traversal vulnerability in Digitek ADT1100 and Digitek DT950 from PRIMION DIGITEK, S.L.U (Azkoyen Group). This vulnerability allows an attacker to access arbitrary files in the server's file sys…

Remote | Path Traversal
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
Showing 20 of 5134 Results