Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2020-37130

    Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash... Read more

    Affected Products : nsauditor
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 5.1

    MEDIUM
    CVE-2020-37148

    P5 FNIP-8x16A/FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from a stored cross-site scripting vulnerability. Input passed to several GET/POST parameters is not properly sanitized before being returned to the user, allowing attackers to execute arbitrary HT... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2025-15330

    Tanium addressed an improper input validation vulnerability in Deploy.... Read more

    Affected Products : service_deploy
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026

  • 8.6

    HIGH
    CVE-2020-37137

    PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. Attackers can exploit the vulnerability by sending ... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Injection

  • 6.6

    MEDIUM
    CVE-2025-15312

    Tanium addressed an improper output sanitization vulnerability in Tanium Appliance.... Read more

    Affected Products : tanos
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2020-37127

    Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending ... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Memory Corruption

  • 5.1

    MEDIUM
    CVE-2020-37152

    PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site scripting (XSS) via the 'panel_content' POST parameter. The application fails to properly sanitize user input before rendering it in the browser, allowing attackers to inject arbitrary JavaScript. ... Read more

    Affected Products : php-fusion
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2020-37119

    Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass... Read more

    Affected Products : nsauditor
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Memory Corruption

  • 7.0

    HIGH
    CVE-2026-0715

    Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial i... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Authentication

  • 8.4

    HIGH
    CVE-2020-37142

    10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. Attackers can craft a malicious payload targeting the 'Computer' pa... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Memory Corruption

  • 6.7

    MEDIUM
    CVE-2020-37131

    Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can generate a payload of 1000 bytes of repeated characters... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2020-37134

    UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to t... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 9.8

    CRITICAL
    CVE-2020-37123

    Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system comman... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2020-37117

    jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepa... Read more

    Affected Products : jizhicms
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Path Traversal

  • 6.3

    MEDIUM
    CVE-2025-15325

    Tanium addressed an improper input validation vulnerability in Discover.... Read more

    Affected Products : service_discover
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026

  • 7.5

    HIGH
    CVE-2020-37133

    UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to tr... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 4.3

    MEDIUM
    CVE-2025-15331

    Tanium addressed an uncontrolled resource consumption vulnerability in Connect.... Read more

    Affected Products : service_connect
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 4.3

    MEDIUM
    CVE-2025-15334

    Tanium addressed an information disclosure vulnerability in Threat Response.... Read more

    Affected Products : service_threatresponse
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Information Disclosure

  • 8.1

    HIGH
    CVE-2020-37149

    Edimax EW-7438RPn-v3 Mini 1.27 is vulnerable to cross-site request forgery (CSRF) that can lead to command execution. An attacker can trick an authenticated user into submitting a crafted form to the /goform/mp endpoint, resulting in arbitrary command exe... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Cross-Site Request Forgery

  • 0.0

    NA
    CVE-2025-68643

    Axigen Mail Server before 10.5.57 allows stored Cross-Site Scripting (XSS) in the handling of the timeFormat account preference parameter. Attackers can exploit this by deploying a multi-stage attack. In the first stage, a malicious JavaScript payload is ... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Cross-Site Scripting
Showing 20 of 4560 Results