Latest CVE Feed
-
6.8
MEDIUMCVE-2026-1301
In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and corrupting memory.... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2020-37138
10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to tri... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-15336
Tanium addressed an incorrect default permissions vulnerability in Performance.... Read more
Affected Products : service_performance- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2020-37127
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending ... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2020-37123
Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system comman... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Injection
-
7.5
HIGHCVE-2020-37130
Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash... Read more
Affected Products : nsauditor- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Denial of Service
-
6.5
MEDIUMCVE-2025-15343
Tanium addressed an incorrect default permissions vulnerability in Enforce.... Read more
Affected Products : service_enforce- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Authorization
-
6.5
MEDIUMCVE-2025-15341
Tanium addressed an incorrect default permissions vulnerability in Benchmark.... Read more
Affected Products : service_benchmark- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2020-37124
B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2020-37120
Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious text file with carefully constructed payload to exec... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
8.6
HIGHCVE-2020-37137
PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. Attackers can exploit the vulnerability by sending ... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-15330
Tanium addressed an improper input validation vulnerability in Deploy.... Read more
Affected Products : service_deploy- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
-
4.3
MEDIUMCVE-2025-15334
Tanium addressed an information disclosure vulnerability in Threat Response.... Read more
Affected Products : service_threatresponse- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Information Disclosure
-
6.5
MEDIUMCVE-2025-15337
Tanium addressed an incorrect default permissions vulnerability in Patch.... Read more
Affected Products : service_patch- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Authorization
-
3.7
LOWCVE-2025-15323
Tanium addressed an improper certificate validation vulnerability in Tanium Appliance.... Read more
Affected Products : tanos- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Misconfiguration
-
4.9
MEDIUMCVE-2025-15329
Tanium addressed an information disclosure vulnerability in Threat Response.... Read more
Affected Products : service_threatresponse- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Information Disclosure
-
5.0
MEDIUMCVE-2025-15328
Tanium addressed an improper link resolution before file access vulnerability in Enforce.... Read more
Affected Products : service_enforce- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Path Traversal
-
4.3
MEDIUMCVE-2025-15327
Tanium addressed an improper access controls vulnerability in Deploy.... Read more
Affected Products : service_deploy- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Authorization
-
3.1
LOWCVE-2025-15289
Tanium addressed an improper access controls vulnerability in Interact.... Read more
Affected Products : service_interact- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Authorization
-
9.8
CRITICALCVE-2020-37126
Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode in... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption