🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2020-37015 | High | 7.5 |
Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attac…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-7713 | High | 7.5 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Inte…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-7714 | High | 7.5 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive…
|
✅ Patch | Jan 29, 2026 |
| CVE-2026-25061 | High | 7.5 |
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame …
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2020-37005 | High | 7.1 |
TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that allows attackers to enumer…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-14386 | High | 8.8 |
The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress …
|
✅ Patch | Jan 28, 2026 |
| CVE-2026-0844 | High | 8.8 |
The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including…
|
✅ Patch | Jan 28, 2026 |
| CVE-2026-22243 | High | 8.8 |
EGroupware is a Web based groupware server written in PHP. A SQL Injection vulnerability exists in the core components o…
|
⚡ Exploit ✅ Patch | Jan 28, 2026 |
| CVE-2026-24685 | High | 8.8 |
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitr…
|
✅ Patch | Jan 28, 2026 |
| CVE-2020-36970 | High | 8.4 |
PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system file…
|
✅ Patch | Jan 28, 2026 |
| CVE-2020-36972 | High | 8.2 |
SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that a…
|
⚡ Exploit ✅ Patch | Jan 28, 2026 |
| CVE-2025-59891 | High | 8.0 |
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.…
|
✅ Patch | Jan 28, 2026 |
| CVE-2025-59892 | High | 8.0 |
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.…
|
✅ Patch | Jan 28, 2026 |
| CVE-2025-59893 | High | 8.0 |
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.…
|
✅ Patch | Jan 28, 2026 |
| CVE-2025-59894 | High | 8.0 |
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.…
|
✅ Patch | Jan 28, 2026 |
| CVE-2026-24840 | High | 8.0 |
Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a hardcoded credential in th…
|
⚡ Exploit ✅ Patch | Jan 28, 2026 |
| CVE-2020-36984 | High | 7.8 |
EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute…
|
✅ Patch | Jan 28, 2026 |
| CVE-2020-36985 | High | 7.8 |
IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows loc…
|
✅ Patch | Jan 28, 2026 |
| CVE-2020-36986 | High | 7.8 |
Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elev…
|
✅ Patch | Jan 28, 2026 |
| CVE-2020-36987 | High | 7.8 |
Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local at…
|
✅ Patch | Jan 28, 2026 |