Common Vulnerabilities and Exposures (CVE)

CVE-2025-57796

Jan 28, 2026 17:49:50 UTC

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offl...

CVE-2025-57795

Jan 28, 2026 17:49:34 UTC

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution.

CVE-2025-33237

Jan 28, 2026 17:49:02 UTC

NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.

CVE-2025-33220

Jan 28, 2026 17:48:40 UTC

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation ...

CVE-2025-33219

Jan 28, 2026 17:48:07 UTC

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of pri...

CVE-2025-33218

Jan 28, 2026 17:47:25 UTC

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation o...

CVE-2025-33217

Jan 28, 2026 17:46:41 UTC

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...

CVE-2025-71000

Jan 28, 2026 17:46:41 UTC

An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-7195

Jan 28, 2026 17:42:31 UTC

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/pass...

CVE-2020-36973

Jan 28, 2026 17:35:12 UTC

PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. Attackers can upload a .txt webshell, rename it to .php, and move it ...

CVE-2020-36972

Jan 28, 2026 17:35:11 UTC

SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by inj...

CVE-2020-36971

Jan 28, 2026 17:35:11 UTC

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on ...

CVE-2020-36970

Jan 28, 2026 17:35:11 UTC

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive file...

CVE-2020-36969

Jan 28, 2026 17:35:10 UTC

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a c...

CVE-2020-36968

Jan 28, 2026 17:35:10 UTC

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/...