CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12605 matches found

CVE•added 2026/02/06 5:56 p.m.•10 views

CVE-2026-24776

OpenProject prior to 17.0.2 vulnerable to a logic flaw in the drag-and-drop handler for agenda items. The target meeting section was not validated to belong to the same meeting (or backlog in recurring meetings), enabling an attacker to move an agenda item to a different meeting, causing confusio...

4.3CVSS5.6AI score0.0019EPSS

Exploits0References2Affected Software1

CVE•added 2026/02/05 4:13 p.m.•9 views

CVE-2020-37139

CVE-2020-37139 affects Odin Secure FTP Expert 7.6.3. The issue is a local denial-of-service vulnerability caused by a buffer overflow triggered by pasting 108 bytes of repeated characters into site information/connection fields, which crashes the application. Multiple connected sources corroborat...

8.4CVSS5.7AI score0.00184EPSS

Exploits0References3

RedHat Linux•added 2026/02/05 2:43 p.m.•6 views

netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

A flaw was found in Netty netty-codec-http. This vulnerability allows request smuggling via CRLF Carriage Return Line Feed injection with the request URI when constructing a request...

6.5CVSS5.7AI score0.00292EPSS

Exploits1References5

CNNVD•added 2026/02/05 12:0 a.m.•8 views

Wing FTP Server 代码问题漏洞

Wing FTP Server is an open-source, cross-platform FTP server software developed by Wing FTP Server. Version 6.0.7 of Wing FTP Server has a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code and gain system privileges...

8.5CVSS7.7AI score0.00222EPSS

Exploits1References3

CNNVD•added 2026/02/05 12:0 a.m.•6 views

Odin Secure FTP Expert 安全漏洞

Odin Secure FTP Expert is an FTP client software developed by Odin Secure Corporation. Version 7.6.3 of Odin Secure FTP Expert contains a security vulnerability, which stems from improper handling of site information fields, potentially leading to application crashes...

8.4CVSS5.7AI score0.00184EPSS

Exploits0References3

Cvelist•added 2026/02/04 11:15 p.m.•29 views

CVE-2019-25267 Wing FTP Server 6.0.7 - Unquoted Service Path

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

8.5CVSS0.00222EPSS

Exploits1References3

OSV•added 2026/02/04 5:16 p.m.•4 views

UBUNTU-CVE-2026-23055

In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 "i2c: riic: Add suspend/resume support" added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on...

5.6AI score0.00166EPSS

Exploits0References6

ATTACKERKB•added 2026/02/04 4:47 p.m.•5 views

CVE-2026-25055

n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended locations on those...

7.1CVSS6.4AI score0.01713EPSS

Exploits0References2Affected Software1

CVE•added 2026/02/04 4:7 p.m.•13 views

CVE-2026-23058

CVE-2026-23058 relates to a memory-leak in the Linux kernel can: ems_usb path. The description across sources states that URBs used for USB-in transfers are anchored in ems_usb_open() and submitted, but the USB framework can unanchor URBs before the complete callback, causing URBs to be released ...

5.2AI score0.00173EPSS

Exploits0References7

NVD•added 2026/02/03 11:16 p.m.•10 views

CVE-2020-37087

Easy Transfer Wifi Transfer v1.7 for iOS contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts by manipulating the oldPath, newPath, and path parameters in Create Folder and Move/Edit functions. Attackers can exploit improper input...

5.1CVSS0.00342EPSS

Exploits0References4

NVD•added 2026/02/03 10:16 p.m.•7 views

CVE-2020-37086

Easy Transfer 1.7 iOS mobile application contains a directory traversal vulnerability that allows remote attackers to access unauthorized file system paths without authentication. Attackers can exploit the vulnerability by manipulating path parameters in GET and POST requests to list or download...

6.9CVSS0.00499EPSS

Exploits0References4

OSV•added 2026/02/03 10:16 p.m.•4 views

CVE-2020-37069

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

9.8CVSS6.2AI score0.00575EPSS

Exploits1References4

OSV•added 2026/02/03 10:16 p.m.•4 views

CVE-2020-37068

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the LIST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

9.8CVSS6.2AI score0.00575EPSS

Exploits1References4

NVD•added 2026/02/03 10:16 p.m.•3 views

CVE-2020-37069

9.8CVSS0.00575EPSS

Exploits1References4

Cvelist•added 2026/02/03 10:9 p.m.•28 views

CVE-2020-37087 Easy Transfer 1.7 for iOS - Persistent Cross-Site Scripting

5.1CVSS0.00342EPSS

Exploits0References4

CVE•added 2026/02/03 10:1 p.m.•12 views

CVE-2020-37086

CVE-2020-37086 affects Easy Transfer 1.7 for iOS. A directory-traversal vulnerability allows unauthenticated attackers to access unauthorized file-system paths by manipulating path parameters in GET/POST requests, enabling listing/downloading sensitive files and injecting scripts into application...

6.9CVSS5.5AI score0.00499EPSS

Exploits0References4