🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-25153 | High | 7.7 |
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.…
|
✅ Patch | Jan 30, 2026 |
| CVE-2020-37034 | High | 7.5 |
HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by …
|
✅ Patch | Jan 30, 2026 |
| CVE-2020-37038 | High | 7.5 |
Code Blocks 20.03 contains a denial of service vulnerability that allows attackers to crash the application by manipulat…
|
✅ Patch | Jan 30, 2026 |
| CVE-2020-37039 | High | 7.5 |
Frigate 2.02 contains a denial of service vulnerability that allows attackers to crash the application by sending oversi…
|
✅ Patch | Jan 30, 2026 |
| CVE-2020-37041 | High | 7.5 |
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can…
|
⚡ Exploit ✅ Patch | Jan 30, 2026 |
| CVE-2024-4027 | High | 7.5 |
A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an…
|
✅ Patch | Jan 30, 2026 |
| CVE-2025-36184 | High | 7.2 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owner to execu…
|
✅ Patch | Jan 30, 2026 |
| CVE-2026-24780 | High | 8.8 |
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that aut…
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2026-25047 | High | 8.8 |
deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution …
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2020-37001 | High | 8.4 |
Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attack…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-36999 | High | 8.2 |
Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipul…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37004 | High | 8.2 |
Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract use…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37006 | High | 8.2 |
berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows remote attackers to man…
|
✅ Patch | Jan 29, 2026 |
| CVE-2026-1610 | High | 8.1 |
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of t…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-7016 | High | 8.0 |
Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Aut…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37016 | High | 7.8 |
BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with eleva…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37020 | High | 7.8 |
SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37021 | High | 7.8 |
10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local a…
|
✅ Patch | Jan 29, 2026 |
| CVE-2026-25116 | High | 7.6 |
Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated …
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2020-36995 | High | 7.5 |
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application …
|
✅ Patch | Jan 29, 2026 |