Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2020-37214 Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in ... | 7.5 | HIGH | — | 0 |
| CVE-2020-37213 TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-b... | 7.5 | HIGH | — | 0 |
| CVE-2020-37212 SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste ... | 7.5 | HIGH | — | 0 |
| CVE-2020-37211 SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character... | 7.5 | HIGH | — | 0 |
| CVE-2020-37210 SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste i... | 7.5 | HIGH | — | 0 |
| CVE-2020-37209 SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload a... | 7.5 | HIGH | — | 0 |
| CVE-2020-37208 SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste i... | 7.5 | HIGH | — | 0 |
| CVE-2020-37207 SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload a... | 7.5 | HIGH | — | 0 |
| CVE-2020-37206 ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer paylo... | 7.5 | HIGH | — | 0 |
| CVE-2020-37205 RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buff... | 7.5 | HIGH | — | 0 |
| CVE-2020-37204 RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and ... | 7.5 | HIGH | — | 0 |
| CVE-2020-37203 Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially ... | 7.5 | HIGH | — | 0 |
| CVE-2020-37202 NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buff... | 7.5 | HIGH | — | 0 |
| CVE-2020-37201 NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and past... | 7.5 | HIGH | — | 0 |
| CVE-2020-37200 NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 100... | 7.5 | HIGH | — | 0 |
| CVE-2020-37199 NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and pa... | 7.5 | HIGH | — | 0 |
| CVE-2020-37198 Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generat... | 7.5 | HIGH | — | 0 |
| CVE-2020-37197 Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-characte... | 7.5 | HIGH | — | 0 |
| CVE-2020-37196 Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-cha... | 7.5 | HIGH | — | 0 |
| CVE-2020-37195 BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer paylo... | 7.5 | HIGH | — | 0 |
| CVE-2020-37194 Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-characte... | 7.5 | HIGH | — | 0 |
| CVE-2020-37193 ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared t... | 7.5 | HIGH | — | 0 |
| CVE-2020-37192 MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-37191 Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vul... | 7.5 | HIGH | — | 0 |
| CVE-2020-37190 Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerabilit... | 7.5 | HIGH | — | 0 |
| CVE-2020-37189 TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload ... | 7.5 | HIGH | — | 0 |
| CVE-2020-37188 SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A'... | 7.5 | HIGH | — | 0 |
| CVE-2020-37187 SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload ... | 7.5 | HIGH | — | 0 |
| CVE-2020-37186 Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database ta... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-37185 Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character paylo... | 7.5 | HIGH | — | 0 |
| CVE-2020-37184 Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-37183 Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. At... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-37182 Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer... | 7.5 | HIGH | — | 0 |
| CVE-2020-37181 Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnerability that allows attackers to overwrite Structured Exception Handler (SEH) through a malicious registration code input. Attacker... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-37180 GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-characte... | 7.5 | HIGH | — | 0 |
| CVE-2020-37179 APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character... | 7.5 | HIGH | — | 0 |
| CVE-2020-37178 KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML... | 7.5 | HIGH | — | 0 |
| CVE-2020-37177 BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payl... | 7.5 | HIGH | — | 0 |
| CVE-2020-37176 Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a ma... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-37175 P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buff... | 7.5 | HIGH | — | 0 |
| CVE-2020-37173 AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive u... | 7.5 | HIGH | — | 0 |
| CVE-2020-37172 AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious reque... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-37158 AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious reque... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-37156 BloodX 1.0 contains an authentication bypass vulnerability in login.php that allows attackers to access the dashboard without valid credentials. Attackers can exploit the vulnerability by sending a cr... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-37153 ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to in... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-37104 ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a li... | 7.5 | HIGH | — | 0 |
| CVE-2019-25313 FlexNet Publisher 11.12.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious HTML ... | 4.0 | MEDIUM | — | 0 |
| CVE-2024-50618 A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to... | 4.3 | MEDIUM | — | 0 |
| CVE-2024-26480 An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter. | 7.5 | HIGH | — | 0 |
| CVE-2024-26479 An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the Command execution function. | 5.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.