Total
3942 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31979 | 1 Fossies | 1 Catdoc | 2026-02-18 | N/A | 7.8 HIGH |
| Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c. | |||||
| CVE-2026-1110 | 1 Cijliu | 1 Librtsp | 2026-02-18 | 4.3 MEDIUM | 5.3 MEDIUM |
| A flaw has been found in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. This affects the function rtsp_parse_method. This manipulation causes buffer overflow. It is possible to launch the attack on the local host. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2020-37201 | 1 Nsasoft | 1 Netsharewatcher | 2026-02-17 | N/A | 7.5 HIGH |
| NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash. | |||||
| CVE-2026-24793 | 1 Azerothcore | 1 Azerothcore | 2026-02-17 | N/A | 9.8 CRITICAL |
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0. | |||||
| CVE-2026-1108 | 1 Cijliu | 1 Librtsp | 2026-02-17 | 4.3 MEDIUM | 5.3 MEDIUM |
| A security vulnerability has been detected in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The affected element is the function rtsp_rely_dumps. The manipulation leads to buffer overflow. An attack has to be approached locally. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-1109 | 1 Cijliu | 1 Librtsp | 2026-02-17 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was detected in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The impacted element is the function rtsp_parse_request. The manipulation results in buffer overflow. Attacking locally is a requirement. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-2068 | 1 Utt | 2 520w, 520w Firmware | 2026-02-13 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/formSyslogConf. The manipulation of the argument ServerIp results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-2070 | 1 Utt | 2 520w, 520w Firmware | 2026-02-13 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/formPolicyRouteConf. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-2071 | 1 Utt | 2 520w, 520w Firmware | 2026-02-13 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-37020 | 1 Hp | 52 Elite Slice, Elite Slice Firmware, Elite Slice For Meeting Rooms and 49 more | 2026-02-13 | N/A | 6.8 MEDIUM |
| Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | |||||
| CVE-2020-37213 | 2026-02-12 | N/A | 7.5 HIGH | ||
| TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash. | |||||
| CVE-2020-37190 | 2026-02-12 | N/A | 7.5 HIGH | ||
| Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields. | |||||
| CVE-2020-37188 | 2026-02-12 | N/A | 7.5 HIGH | ||
| SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive. | |||||
| CVE-2020-37179 | 2026-02-12 | N/A | 7.5 HIGH | ||
| APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash. | |||||
| CVE-2020-37180 | 2026-02-12 | N/A | 7.5 HIGH | ||
| GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash. | |||||
| CVE-2020-37202 | 2026-02-12 | N/A | 7.5 HIGH | ||
| NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash. | |||||
| CVE-2020-37203 | 2026-02-12 | N/A | 7.5 HIGH | ||
| Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially crafted text file and paste it into the 'Name and Key' field to trigger an application crash. | |||||
| CVE-2020-37215 | 2026-02-12 | N/A | 7.5 HIGH | ||
| MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and Registration Code' field to trigger an application crash. | |||||
| CVE-2020-37185 | 2026-02-12 | N/A | 7.5 HIGH | ||
| Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash. | |||||
| CVE-2020-37195 | 2026-02-12 | N/A | 7.5 HIGH | ||
| BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash. | |||||