Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,925
Quick preset (or use dates below)
Clear Filters
Showing 11,821 - 11,840 of 14,217 CVEs
CVE-2020-37193 HIGH - 7.5

ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file.

Vendor: Top Password Software
Product: ZIP Password Recovery
Published: Feb 11, 2026
Source: NVD
CVE-2020-37191 HIGH - 7.5

Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code inpu...

Vendor: Top Password Software
Product: Top Password Software Dialup Password Recovery
Published: Feb 11, 2026
Source: NVD
CVE-2020-37190 HIGH - 7.5

Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.

Vendor: Top Password Software
Product: Top Password Firefox Password Recovery
Published: Feb 11, 2026
Source: NVD
CVE-2020-37189 HIGH - 7.5

TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash.

Vendor: DigitalVolcano Software
Product: TaskCanvas
Published: Feb 11, 2026
Source: NVD
CVE-2020-37188 HIGH - 7.5

SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsiv...

Vendor: Nsasoft
Product: Nsauditor SpotOutlook
Published: Feb 11, 2026
Source: NVD
CVE-2020-37187 HIGH - 7.5

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Vendor: Nsasoft
Product: Nsauditor SpotDialup
Published: Feb 11, 2026
Source: NVD
CVE-2020-37185 HIGH - 7.5

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

Vendor: Nsasoft
Product: Nsauditor Backup Key Recovery
Published: Feb 11, 2026
Source: NVD
CVE-2020-37182 HIGH - 7.5

Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in pro...

Vendor: troglobit
Product: Redir
Published: Feb 11, 2026
Source: NVD
CVE-2020-37180 HIGH - 7.5

GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash.

Vendor: Nsasoft
Product: Nsauditor GTalk Password Finder
Published: Feb 11, 2026
Source: NVD
CVE-2020-37179 HIGH - 7.5

APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

Vendor: Nsasoft
Product: Nsauditor APKF Product Key Finder
Published: Feb 11, 2026
Source: NVD
CVE-2020-37178 HIGH - 7.5

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.

Vendor: Keepass
Product: KeePass Password Safe
Published: Feb 11, 2026
Source: NVD
CVE-2020-37177 HIGH - 7.5

BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH ch...

Vendor: Weird Solutions
Product: BOOTP Turbo
Published: Feb 11, 2026
Source: NVD
CVE-2020-37175 HIGH - 7.5

P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.

Vendor: Ka Ming Cheung
Product: P2PWIFICAM2 for iOS
Published: Feb 11, 2026
Source: NVD
CVE-2020-37173 HIGH - 7.5

AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the users_...

Vendor: AVideo
Product: AVideo Platform
Published: Feb 11, 2026
Source: NVD
CVE-2020-37104 HIGH - 7.5

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database inf...

Vendor: ASTPP
Product: ASTPP
Published: Feb 11, 2026
Source: NVD
CVE-2024-26480 HIGH - 7.5

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter.

Published: Feb 11, 2026
Source: NVD
CVE-2024-26477 HIGH - 7.5

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.

Published: Feb 11, 2026
Source: NVD
CVE-2026-2321 HIGH - 8.8

Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Vendor: google
Product: chrome
Published: Feb 11, 2026
Source: NVD
CVE-2026-2319 HIGH - 7.5

Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures and install a malicious extension to potentially exploit object corruption via a malicious file. (Chromium security severity: Medium)

Vendor: google
Product: chrome
Published: Feb 11, 2026
Source: NVD
CVE-2026-2315 HIGH - 8.8

Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Vendor: google
Product: chrome
Published: Feb 11, 2026
Source: NVD