CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7280 matches found

Positive Technologies•added 2026/02/04 12:0 a.m.•2 views

PT-2026-6495

Impact Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

8.8CVSS5.4AI score0.00161EPSS

Exploits0References6

CNNVD•added 2026/02/04 12:0 a.m.•4 views

Navidrome 安全漏洞

Navidrome is an open-source web-based music collection server and streaming service developed by Navidrome. It allows users to listen to their music collections from any browser or mobile device. Versions of Navidrome prior to 0.60.0 contained a security vulnerability that occurred when attemptin...

9.2CVSS5.8AI score0.00455EPSS

Exploits1References2

Positive Technologies•added 2026/02/04 12:0 a.m.•4 views

PT-2026-6437

Summary Authenticated users can crash the Navidrome server by supplying an excessively large size parameter to /rest/getCoverArt or to a shared-image URL /share/img/. When processing such requests, the server attempts to create an extremely large resized image, causing uncontrolled memory growth...

9.2CVSS5.5AI score0.00455EPSS

Exploits1References5

NVD•added 2026/02/03 3:16 p.m.•5 views

CVE-2020-37099

Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...

8.5CVSS0.00119EPSS

Exploits0References3

NVD•added 2026/02/03 3:16 p.m.•3 views

CVE-2020-37098

Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with...

8.5CVSS0.00119EPSS

Exploits0References3

CVE•added 2026/02/03 2:49 p.m.•6 views

CVE-2020-37099

Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration (C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe), enabling local attackers to inject malicious executables and escalate privileges. Affected component: the Disk Savvy service. Root c...

8.5CVSS5.7AI score0.00119EPSS

Exploits0References3

Cvelist•added 2026/02/03 2:49 p.m.•26 views

CVE-2020-37099 Disk Savvy Enterprise 12.3.18 - 'disksvs.exe' Unquoted Service Path

8.5CVSS0.00119EPSS

Exploits0References3

ATTACKERKB•added 2026/02/03 2:49 p.m.•2 views

CVE-2020-37099

8.5CVSS5.7AI score0.00119EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/03 2:49 p.m.•4 views

CVE-2020-37099 Disk Savvy Enterprise 12.3.18 - 'disksvs.exe' Unquoted Service Path

8.5CVSS5.7AI score0.00119EPSS

Exploits0References3

EUVD•added 2026/02/03 2:49 p.m.•5 views

EUVD-2020-30977

8.5CVSS5.7AI score0.00119EPSS

Exploits0References3

CVE•added 2026/02/03 2:49 p.m.•10 views

CVE-2020-37098

Disk Sorter Enterprise 12.4.16 is affected by an unquoted service path vulnerability that can allow local attackers to execute arbitrary code with LocalSystem privileges by exploiting the unquoted path in the service configuration. The CVE description and multiple connected sources confirm the vu...

8.5CVSS6AI score0.00119EPSS

Exploits0References3

Cvelist•added 2026/02/03 2:49 p.m.•27 views

CVE-2020-37098 Disk Sorter Enterprise 12.4.16 - Unquoted Service Path

8.5CVSS0.00119EPSS

Exploits0References3

ATTACKERKB•added 2026/02/03 2:49 p.m.•1 views

CVE-2020-37098

8.5CVSS6AI score0.00119EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/03 2:49 p.m.•3 views

CVE-2020-37098 Disk Sorter Enterprise 12.4.16 - Unquoted Service Path

8.5CVSS6AI score0.00119EPSS

Exploits0References3

EUVD•added 2026/02/03 2:49 p.m.•3 views

EUVD-2020-30978

8.5CVSS6AI score0.00119EPSS

Exploits0References3

CNNVD•added 2026/02/03 12:0 a.m.•7 views

Flexense Disk Sorter Enterprise 代码问题漏洞

Flexense Disk Sorter Enterprise is a file management and disk space analysis software developed by Flexense Corporation. Version 12.4.16 of Flexense Disk Sorter Enterprise contains a code vulnerability. This vulnerability stems from a service path vulnerability in service configurations that lack...

8.5CVSS6.2AI score0.00119EPSS

Exploits0References3

CNNVD•added 2026/02/03 12:0 a.m.•4 views

Flexense Disk Savvy Enterprise 代码问题漏洞

Flexense Disk Savvy Enterprise is a hard drive space analysis tool provided by Flexense Corporation. Version 12.3.18 of Flexense Disk Savvy Enterprise contains a code vulnerability. This vulnerability stems from a service path vulnerability in service configurations that lacks quotes. Attackers c...

8.5CVSS5.9AI score0.00119EPSS

Exploits0References3

Positive Technologies•added 2026/02/03 12:0 a.m.•3 views

PT-2026-5847

8.5CVSS6AI score0.00119EPSS

Exploits0References3

Positive Technologies•added 2026/02/03 12:0 a.m.•5 views

PT-2026-5848

Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:Program FilesDisk Savvy Enterprisebindisksvs.exe' to inject malicious...

8.5CVSS5.9AI score0.00119EPSS

Exploits0References3

Microsoft Secure•added 2026/02/02 9:4 p.m.•14 views

Infostealers without borders: macOS, Python stealers, and platform abuse

Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing trusted platforms and utilities to silently deliver credential-stealing malware at scale. Since late...

6.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by