{
"Source": "CVE FEED",
"Title": "CVE-2026-22764 - Dell OpenManage Network Integration Improper Authentication Information Exposure",
"Content": "CVE ID : CVE-2026-22764
Published : Jan. 29, 2026, 10:56 a.m. | 31 minutes ago
Description : Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-22764 - Dell OpenManage Network Integration Improper Authentication Information Exposure",
"Content": "CVE ID : CVE-2026-22764
Published : Jan. 29, 2026, 10:56 a.m. | 31 minutes ago
Description : Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1586 - Open5GS SGWC s11-handler.c ogs_gtp2_f_teid_to_ip denial of service",
"Content": "CVE ID : CVE-2026-1586
Published : Jan. 29, 2026, 1:15 p.m. | 14 minutes ago
Description : A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogs_gtp2_f_teid_to_ip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is advisable to implement a patch to correct this issue. The issue report is flagged as already-fixed.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1586 - Open5GS SGWC s11-handler.c ogs_gtp2_f_teid_to_ip denial of service",
"Content": "CVE ID : CVE-2026-1586
Published : Jan. 29, 2026, 1:15 p.m. | 14 minutes ago
Description : A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogs_gtp2_f_teid_to_ip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is advisable to implement a patch to correct this issue. The issue report is flagged as already-fixed.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1587 - Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service",
"Content": "CVE ID : CVE-2026-1587
Published : Jan. 29, 2026, 1:15 p.m. | 14 minutes ago
Description : A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Applying a patch is the recommended action to fix this issue. The issue report is flagged as already-fixed.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1587 - Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service",
"Content": "CVE ID : CVE-2026-1587
Published : Jan. 29, 2026, 1:15 p.m. | 14 minutes ago
Description : A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Applying a patch is the recommended action to fix this issue. The issue report is flagged as already-fixed.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7015 - Session Hijacking in Akinsoft's QR Menu",
"Content": "CVE ID : CVE-2025-7015
Published : Jan. 29, 2026, 12:16 p.m. | 1 hour, 13 minutes ago
Description : Session Fixation vulnerability in Akฤฑn Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation.This issue affects QR Menu: before s1.05.12.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7015 - Session Hijacking in Akinsoft's QR Menu",
"Content": "CVE ID : CVE-2025-7015
Published : Jan. 29, 2026, 12:16 p.m. | 1 hour, 13 minutes ago
Description : Session Fixation vulnerability in Akฤฑn Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation.This issue affects QR Menu: before s1.05.12.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7016 - Improper Access Control in Akinsoft's QR Menu",
"Content": "CVE ID : CVE-2025-7016
Published : Jan. 29, 2026, 12:16 p.m. | 1 hour, 13 minutes ago
Description : Improper Access Control vulnerability in Akฤฑn Software Computer Import Export Industry and Trade Ltd. QR Menu allows Authentication Abuse.This issue affects QR Menu: before s1.05.12.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7016 - Improper Access Control in Akinsoft's QR Menu",
"Content": "CVE ID : CVE-2025-7016
Published : Jan. 29, 2026, 12:16 p.m. | 1 hour, 13 minutes ago
Description : Improper Access Control vulnerability in Akฤฑn Software Computer Import Export Industry and Trade Ltd. QR Menu allows Authentication Abuse.This issue affects QR Menu: before s1.05.12.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1469 - Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager",
"Content": "CVE ID : CVE-2026-1469
Published : Jan. 29, 2026, 12:16 p.m. | 1 hour, 13 minutes ago
Description : Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the โcommentโ and โbrandโ parameters in โ/index.phpโ. The payload is stored by the application and subsequently displayed without proper sanitization when other users access it. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1469 - Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager",
"Content": "CVE ID : CVE-2026-1469
Published : Jan. 29, 2026, 12:16 p.m. | 1 hour, 13 minutes ago
Description : Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the โcommentโ and โbrandโ parameters in โ/index.phpโ. The payload is stored by the application and subsequently displayed without proper sanitization when other users access it. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-13905 - Apache Service Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-13905
Published : Jan. 29, 2026, 3:20 p.m. | 9 minutes ago
Description : CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-13905 - Apache Service Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-13905
Published : Jan. 29, 2026, 3:20 p.m. | 9 minutes ago
Description : CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1594 - itsourcecode Society Management System add_expenses.php sql injection",
"Content": "CVE ID : CVE-2026-1594
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A security vulnerability has been detected in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add_expenses.php. The manipulation of the argument detail leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1594 - itsourcecode Society Management System add_expenses.php sql injection",
"Content": "CVE ID : CVE-2026-1594
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A security vulnerability has been detected in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add_expenses.php. The manipulation of the argument detail leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1589 - itsourcecode School Management System index.php sql injection",
"Content": "CVE ID : CVE-2026-1589
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/inquiry/index.php. This manipulation of the argument txtsearch causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1589 - itsourcecode School Management System index.php sql injection",
"Content": "CVE ID : CVE-2026-1589
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/inquiry/index.php. This manipulation of the argument txtsearch causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1590 - itsourcecode School Management System index.php sql injection",
"Content": "CVE ID : CVE-2026-1590
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A vulnerability was identified in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/faculty/index.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1590 - itsourcecode School Management System index.php sql injection",
"Content": "CVE ID : CVE-2026-1590
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A vulnerability was identified in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/faculty/index.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-1593 - itsourcecode Society Management System edit_expenses_query.php sql injection",
"Content": "CVE ID : CVE-2026-1593
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit_expenses_query.php. Executing a manipulation of the argument detail can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-1593 - itsourcecode Society Management System edit_expenses_query.php sql injection",
"Content": "CVE ID : CVE-2026-1593
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit_expenses_query.php. Executing a manipulation of the argument detail can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7713 - Reflected XSS in Global Medya's PHP CMS",
"Content": "CVE ID : CVE-2025-7713
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows XSS Through HTTP Headers.This issue affects Content Management System (CMS): through 21072025.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7713 - Reflected XSS in Global Medya's PHP CMS",
"Content": "CVE ID : CVE-2025-7713
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows XSS Through HTTP Headers.This issue affects Content Management System (CMS): through 21072025.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7714 - Time Based SQLi in Global Medya's PHP CMS",
"Content": "CVE ID : CVE-2025-7714
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows Command Line Execution through SQL Injection.This issue affects Content Management System (CMS): through 21072025.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7714 - Time Based SQLi in Global Medya's PHP CMS",
"Content": "CVE ID : CVE-2025-7714
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows Command Line Execution through SQL Injection.This issue affects Content Management System (CMS): through 21072025.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-71008 - OneFlow Denial of Service (DoS) Vulnerability",
"Content": "CVE ID : CVE-2025-71008
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A segmentation violation in the oneflow._oneflow_internal.autograd.Function.FunctionCtx.mark_non_differentiable component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-71008 - OneFlow Denial of Service (DoS) Vulnerability",
"Content": "CVE ID : CVE-2025-71008
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : A segmentation violation in the oneflow._oneflow_internal.autograd.Function.FunctionCtx.mark_non_differentiable component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-71009 - OneFlow Flow.scatter/flow.scatter_add Input Validation Denial of Service",
"Content": "CVE ID : CVE-2025-71009
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : An input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted indices.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-71009 - OneFlow Flow.scatter/flow.scatter_add Input Validation Denial of Service",
"Content": "CVE ID : CVE-2025-71009
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : An input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted indices.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2020-37018 - GOautodial 4.0 - Persistent Cross-Site Scripting",
"Content": "CVE ID : CVE-2020-37018
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through message subjects. Attackers can craft messages with embedded JavaScript that will execute when an administrator reads the message, potentially stealing session cookies or executing client-side attacks.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2020-37018 - GOautodial 4.0 - Persistent Cross-Site Scripting",
"Content": "CVE ID : CVE-2020-37018
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through message subjects. Attackers can craft messages with embedded JavaScript that will execute when an administrator reads the message, potentially stealing session cookies or executing client-side attacks.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2020-37020 - SonarQube 8.3.1 - Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37020
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges during service restart.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2020-37020 - SonarQube 8.3.1 - Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37020
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges during service restart.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2020-37021 - Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37021
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : 10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2020-37021 - Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37021
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : 10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2020-37016 - BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37016
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will run with LocalSystem privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2020-37016 - BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37016
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will run with LocalSystem privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2020-37017 - CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37017
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with LocalSystem permissions.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2020-37017 - CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path",
"Content": "CVE ID : CVE-2020-37017
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with LocalSystem permissions.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2020-37010 - BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in (PoC)",
"Content": "CVE ID : CVE-2020-37010
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search keywords field.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2020-37010 - BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in (PoC)",
"Content": "CVE ID : CVE-2020-37010
Published : Jan. 29, 2026, 3:16 p.m. | 14 minutes ago
Description : BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search keywords field.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Jan 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น