Skip to main content
CVE-2025-15467 HIGH POC PATCH CISA Act Now

OpenSSL has a critical out-of-bounds write when parsing CMS AuthEnvelopedData/EnvelopedData with malicious AEAD parameters, enabling potential RCE.

OpenSSL RCE Buffer Overflow Memory Corruption
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.0%
Threat
5.3
CVE-2020-36942 HIGH POC This Week

Victor Cms versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP Victor Cms
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-24747 HIGH POC PATCH This Week

PyTorch is a Python package that provides tensor computation. [CVSS 8.8 HIGH]

Python Pytorch Checkpoint Code Injection RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2020-36938 HIGH POC This Week

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory. [CVSS 8.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2021-47902 HIGH POC This Week

Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2020-36951 HIGH POC This Week

Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the 'id' parameter. [CVSS 8.2 HIGH]

SQLi
NVD GitHub Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-24741 HIGH POC PATCH This Week

Arbitrary file deletion in ConvertX prior to version 0.17.0 allows authenticated attackers to remove files outside the intended upload directory by exploiting insufficient path validation in the POST /delete endpoint. The vulnerability enables attackers to supply path traversal sequences that bypass directory restrictions, with impact limited only by server process permissions. Public exploit code exists for this HIGH severity flaw, though a patch is available in version 0.17.0.

Path Traversal Convertx
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-24490 HIGH POC PATCH This Week

MobSF versions prior to 4.4.5 are vulnerable to stored XSS through unsanitized rendering of Android manifest attributes in HTML reports, allowing attackers to inject malicious JavaScript by uploading crafted APK files. Public exploit code exists for this vulnerability, and successful exploitation enables session hijacking and account takeover of security analysts using the framework. Upgrade to version 4.4.5 or later to remediate.

Android XSS Mobile Security Framework
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2020-36980 HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36983 HIGH POC This Week

Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36982 HIGH POC This Week

MotoHelperService.exe service contains a vulnerability that allows attackers to potentially inject malicious code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36981 HIGH POC This Week

PST Service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36979 HIGH POC This Week

Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup. [CVSS 7.8 HIGH]

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36977 HIGH POC This Week

ElevationService executable contains a vulnerability that allows attackers to potentially inject malicious code (CVSS 7.8).

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36976 HIGH POC This Week

its service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36975 HIGH POC This Week

EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36974 HIGH POC This Week

Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24882 HIGH POC PATCH This Week

Stack-based buffer overflow in GnuPG's tpm2daemon (versions before 2.5.17) allows a local attacker to corrupt the daemon's stack by sending a crafted PKDECRYPT command targeting TPM-backed RSA or ECC keys, potentially achieving arbitrary code execution in the daemon's context. The flaw affects GnuPG and the bundled Gpg4win distribution and has been patched by upstream and major Linux vendors (Red Hat, SUSE). Publicly available exploit code exists, though the EPSS score is negligible (0.01%) and it is not listed in CISA KEV (no public exploit identified as actively exploited in the wild).

Buffer Overflow Stack Overflow Gpg4win Gnupg
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23881 HIGH POC PATCH This Week

Kyverno versions up to 1.16.3 is affected by allocation of resources without limits or throttling (CVSS 7.7).

Denial Of Service Kyverno Suse
NVD GitHub
CVSS 3.1
7.7
EPSS
0.1%
CVE-2020-36939 HIGH POC This Week

Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. [CVSS 7.5 HIGH]

Apache Path Traversal
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-36946 HIGH POC This Week

SyncBreeze 10.0.28 contains a denial of service vulnerability in the login endpoint that allows remote attackers to crash the service. Attackers can send an oversized payload in the login request to overwhelm the application and potentially disrupt service availability. [CVSS 7.5 HIGH]

Denial Of Service Syncbreeze
NVD Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2020-36949 HIGH POC This Week

Tapinradio versions up to 2.13.7 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Denial Of Service Tapinradio
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24477 HIGH POC This Week

Anythingllm versions up to 1.10.0 contains a vulnerability that allows attackers to complete compromise of the semantic search / retrieval functionality and indirec (CVSS 7.5).

Information Disclosure AI / ML Anythingllm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24486 HIGH POC PATCH This Week

Arbitrary file write in python-multipart prior to 0.0.22 lets remote attackers place uploaded files outside the intended upload directory by supplying a filename that begins with an absolute path (e.g. '/etc/...'). The flaw only manifests in deployments that enable the non-default options UPLOAD_DIR plus UPLOAD_KEEP_FILENAME=True, where os.path.join silently discards the configured directory. Publicly available exploit code exists (Exploit-DB 52543, GHSA-wp53-j4wj-2cfg), though EPSS is very low (0.03%, 7th percentile) and it is not in CISA KEV.

Python Path Traversal Python Multipart
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1448 HIGH POC This Week

Remote code execution in D-Link DIR-615 firmware through os command injection via the ipaddr parameter in the Web Management Interface allows unauthenticated remote attackers to execute arbitrary commands. The vulnerability affects unsupported firmware versions up to 4.10, and public exploit code is available. No patch has been released by the vendor.

D-Link PHP Command Injection Dir 615 Firmware
NVD VulDB
CVSS 3.1
7.2
EPSS
0.5%
CVE-2026-24478 HIGH POC This Week

AnythingLLM versions prior to 1.10.0 contain a path traversal vulnerability in the DrupalWiki integration that allows malicious administrators or attackers with admin privileges to write arbitrary files to the server, potentially achieving remote code execution through configuration file overwriting or malicious script injection. Public exploit code exists for this vulnerability, and no patch is currently available for affected deployments. The attack requires high-level privileges but carries critical risk due to the ability to completely compromise server integrity.

Drupal RCE Path Traversal AI / ML Anythingllm
NVD GitHub
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-24779 HIGH POC PATCH This Week

vLLM before version 0.14.1 contains a server-side request forgery vulnerability in the MediaConnector class where inconsistent URL parsing between libraries allows attackers to bypass host restrictions and force the server to make arbitrary requests to internal network resources. Public exploit code exists for this vulnerability, which poses significant risk in containerized environments where a compromised vLLM instance could be leveraged to access restricted internal systems. The vulnerability affects users running vLLM's multimodal features with untrusted input.

Python SSRF Denial Of Service Vllm Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2020-36947 HIGH POC This Week

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. [CVSS 7.1 HIGH]

SQLi Librenms
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-41726 HIGH This Week

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes. [CVSS 8.8 HIGH]

Integer Overflow RCE
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-24869 HIGH PATCH This Week

Firefox versions prior to 147.0.2 contain a use-after-free vulnerability in the Layout: Scrolling and Overflow component that can be triggered by user interaction, allowing remote attackers to achieve code execution with high integrity and confidentiality impact. The vulnerability requires network access and user interaction but does not require authentication, making it exploitable through malicious web content. No patch is currently available for this vulnerability.

Use After Free Memory Corruption Buffer Overflow Mozilla
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-24345 HIGH This Week

Ezcast Pro Dongle Ii Firmware versions up to 1.17478.146 is affected by improper input validation (CVSS 8.8).

CSRF Ezcast Pro Dongle Ii Firmware
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-24778 HIGH PATCH This Week

Ghost is an open source content management system. [CVSS 8.8 HIGH]

XSS Ghost Portal
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-55102 HIGH This Week

A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service.

Denial Of Service Threadx Netx Duo
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-21721 HIGH PATCH This Week

Dashboard permission API fails to validate scope boundaries, allowing authenticated users with permission management rights on any single dashboard to read and modify permissions across all organization dashboards. This privilege escalation affects multi-user dashboard environments where permission isolation is expected. No patch is currently available.

Privilege Escalation Authentication Bypass Grafana
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-24765 HIGH POC PATCH GHSA This Week

Unsafe deserialization in PHPUnit versions before 8.5.52, 9.6.33, 10.5.62, 11.5.50, and 12.5.8 allows local attackers to execute arbitrary code by placing malicious serialized objects in `.coverage` files that are deserialized without validation during PHPT test execution. An attacker with file write access can exploit the `cleanupForCoverage()` method's lack of object class restrictions to trigger gadget chains through `__wakeup()` methods. This high-severity vulnerability (CVSS 7.8) affects developers and CI/CD systems running PHPUnit on Linux systems.

RCE Deserialization Debian Linux Phpunit Red Hat +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-0648 HIGH This Week

Memory corruption in ThreadX RTOS CreateCounter() function allows local attackers with user privileges to trigger hard faults or corrupt kernel memory by exhausting the counter pool, which causes an unchecked error code to be cast as a wild pointer. The vulnerability stems from incorrect error validation logic that fails to detect counter allocation failures, enabling subsequent writes to arbitrary memory addresses. No patch is currently available.

Buffer Overflow Threadx
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-41727 HIGH This Week

A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access. [CVSS 7.8 HIGH]

Authentication Bypass
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24875 HIGH This Week

An integer overflow vulnerability in yoyofr modizer before version 4.1.1 allows local attackers with user interaction to achieve high-impact compromise including confidentiality, integrity, and availability violations. The vulnerability requires local access and user interaction to trigger, enabling attackers to execute arbitrary code or cause denial of service through integer wraparound conditions. No patch is currently available for this vulnerability.

Integer Overflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24873 HIGH This Week

Out-of-bounds memory read in Rinnegatamante lpp-vita before version r6 allows local attackers with user interaction to read sensitive data, modify memory, or crash the application. The vulnerability requires local access and user interaction to trigger, affecting the integrity and confidentiality of affected systems. No patch is currently available.

Buffer Overflow Information Disclosure
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-1361 HIGH This Week

ASDA-Soft Stack-based Buffer Overflow Vulnerability [CVSS 7.8 HIGH]

Buffer Overflow Stack Overflow Asda Soft
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33234 HIGH This Week

NVIDIA runx contains a vulnerability where an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Denial Of Service Privilege Escalation Code Injection Information Disclosure AI / ML
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-69420 HIGH PATCH This Week

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. [CVSS 7.5 HIGH]

OpenSSL Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-1315 HIGH This Week

Unauthenticated remote attackers can crash core system services on Tapo C220 and C520WS cameras by sending specially crafted files to the firmware update endpoint, bypassing authentication and integrity checks. This results in a persistent denial of service condition that requires manual device reboot to restore functionality. No patch is currently available for affected firmware versions.

Denial Of Service Tapo C520ws Firmware Tapo C220 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-22259 HIGH PATCH This Week

Suricata versions prior to 8.0.3 and 7.0.14 are vulnerable to a denial of service condition where specially crafted DNP3 traffic triggers excessive memory consumption, potentially exhausting system memory and causing the service to crash. An unauthenticated attacker on the network can exploit this by sending malicious DNP3 packets to cause the IDS/IPS engine to become unavailable. A patch is available in the latest versions, and users can mitigate the risk by disabling the DNP3 parser if not required.

Denial Of Service Suricata Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69421 HIGH PATCH CISA This Week

Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. [CVSS 7.5 HIGH]

OpenSSL Null Pointer Dereference Denial Of Service RCE
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24828 HIGH This Week

A memory leak in is-Engine before version 3.3.4 allows remote attackers to cause a denial of service by exhausting server memory without requiring authentication or user interaction. The vulnerability affects all versions of is-Engine prior to 3.3.4 and has a high CVSS score of 7.5 due to its network-accessible nature and ease of exploitation. No patch is currently available for this issue.

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24827 HIGH This Week

Commander-Genius prior to pull request 358 contains an out-of-bounds write vulnerability that allows remote attackers to cause denial of service through network access without authentication or user interaction. The vulnerability stems from improper memory boundary validation in the application, enabling attackers to crash the service or potentially execute arbitrary code. No patch is currently available for this issue.

Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24831 HIGH This Week

Ix Ray Engine 1.6 before version 1.3 contains an infinite loop vulnerability that allows remote attackers to cause denial of service without authentication or user interaction. The flaw stems from an unreachable exit condition in a processing loop, enabling attackers to exhaust system resources and render the application unresponsive. No patch is currently available for this high-severity issue.

Denial Of Service Ix Ray Engine 1.6
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22258 HIGH PATCH This Week

Uncontrolled buffer expansion in Suricata's DCERPC parser allows remote attackers to trigger unbounded memory allocation and cause denial of service by sending specially crafted DCERPC traffic. The vulnerability affects versions prior to 8.0.3 and 7.0.14 across DCERPC/UDP, DCERPC/TCP, and SMB protocols, with TCP being partially protected by default stream depth limits. Patches are available, and administrators can mitigate by disabling vulnerable parsers or configuring stream reassembly depth limits.

Denial Of Service Suricata Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-23593 HIGH This Week

web-based management interface of HPE Aruba Networking Fabric Composer is affected by path traversal (CVSS 7.5).

Path Traversal
NVD
CVSS 3.1
7.5
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy