Total
332650 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37204 | 1 Nsauditor | 1 Nsauditor Remshutdown | 2026-02-12 | 7.5 High |
| RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash. | ||||
| CVE-2020-37195 | 1 Nsasoft | 1 Blueauditor | 2026-02-12 | 7.5 High |
| BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash. | ||||
| CVE-2026-20619 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | ||||
| CVE-2026-20623 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data. | ||||
| CVE-2026-20640 | 1 Apple | 1 Ios And Ipados | 2026-02-12 | N/A |
| An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac. | ||||
| CVE-2026-20656 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-02-12 | N/A |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history. | ||||
| CVE-2026-2321 | 1 Google | 1 Chrome | 2026-02-12 | 6.5 Medium |
| Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-26234 | 1 Albrecht Jung | 1 Jung Smart Visu Server | 2026-02-12 | 8.8 High |
| JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains. | ||||
| CVE-2025-10969 | 2026-02-12 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025. | ||||
| CVE-2026-2003 | 2026-02-12 | 4.3 Medium | ||
| Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected. | ||||
| CVE-2025-15577 | 1 Valmet | 1 Valmet Dna Web Tools | 2026-02-12 | N/A |
| An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older. | ||||
| CVE-2026-21722 | 1 Grafana | 2 Grafana, Grafana Enterprise | 2026-02-12 | 5.3 Medium |
| Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any annotations that would not otherwise be visible on the public dashboard. | ||||
| CVE-2020-37104 | 1 Astpp | 1 Astpp | 2026-02-12 | 7.5 High |
| ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database information from the /database_backup/ directory. | ||||
| CVE-2020-37177 | 1 Weird Solutions | 1 Bootpturbo | 2026-02-12 | 7.5 High |
| BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH chain. | ||||
| CVE-2020-37191 | 1 Top Password Software | 1 Top Password Software Dialup Password Recovery | 2026-02-12 | 7.5 High |
| Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code input fields. | ||||
| CVE-2020-37198 | 1 Digitalvolcano | 1 Duplicate Cleaner | 2026-02-12 | 7.5 High |
| Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application crash. | ||||
| CVE-2020-37199 | 1 Nsauditor | 1 Nbmonitor | 2026-02-12 | 7.5 High |
| NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash. | ||||
| CVE-2020-37205 | 1 Nsasoft | 1 Nsauditor Remshutdown | 2026-02-12 | 7.5 High |
| RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash. | ||||
| CVE-2020-37209 | 1 Nsasoft | 1 Nsauditor Spotftp Ftp Password Recovery | 2026-02-12 | 7.5 High |
| SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash. | ||||
| CVE-2020-37211 | 1 Nsasoft | 1 Nsauditor Spotim | 2026-02-12 | 7.5 High |
| SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash. | ||||