CVSS: 9.9EPSS: %CPEs: 1EXPL: 0CVE-2025-57795 – Unauthenticated Remote File Download in Explorance Blue
https://notcve.org/view.php?id=CVE-2025-57795
28 Jan 2026 — Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution. • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0004.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.7EPSS: %CPEs: 1EXPL: 1CVE-2020-36973 – PDW File Browser 1.3 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-36973
28 Jan 2026 — PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. • https://www.vulncheck.com/advisories/pdw-file-browser-remote-code-execution • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.4EPSS: %CPEs: 1EXPL: 1CVE-2020-36971 – Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2020-36971
28 Jan 2026 — Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system. • https://nidesoft-3gp-video-converter.software.informer.com/2.6 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 1CVE-2020-36967 – Zortam Mp3 Media Studio 27.60 - Remote Code Execution (SEH)
https://notcve.org/view.php?id=CVE-2020-36967
28 Jan 2026 — Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system. • https://www.vulncheck.com/advisories/zortam-mp-media-studio-remote-code-execution-seh • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: %CPEs: 1EXPL: 1CVE-2020-36965 – docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
https://notcve.org/view.php?id=CVE-2020-36965
28 Jan 2026 — docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler (SEH) overwrite to execute shellcode and gain remote system access. • http://www.verypdf.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 1CVE-2020-36961 – 10-Strike Network Inventory Explorer 8.65 - Buffer Overflow (SEH)
https://notcve.org/view.php?id=CVE-2020-36961
28 Jan 2026 — 10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception Handler to trigger code execution. • https://www.10-strike.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.1EPSS: %CPEs: 1EXPL: 0CVE-2025-57794 – Unrestricted File Upload Vulnerability in Explorance Blue
https://notcve.org/view.php?id=CVE-2025-57794
28 Jan 2026 — This condition enables remote code execution under default configurations. • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0003.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.5EPSS: %CPEs: 1EXPL: 1CVE-2020-36991 – ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path
https://notcve.org/view.php?id=CVE-2020-36991
28 Jan 2026 — ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. • https://www.exploit-db.com/exploits/48794 • CWE-428: Unquoted Search Path or Element •
CVSS: 8.5EPSS: %CPEs: 1EXPL: 1CVE-2020-36989 – ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path
https://notcve.org/view.php?id=CVE-2020-36989
28 Jan 2026 — ForensiT AppX Management Service 2.2.0.4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup. • https://www.exploit-db.com/exploits/48821 • CWE-428: Unquoted Search Path or Element •
CVSS: 8.5EPSS: %CPEs: 1EXPL: 1CVE-2020-36985 – IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path
https://notcve.org/view.php?id=CVE-2020-36985
28 Jan 2026 — IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. • https://www.exploit-db.com/exploits/48968 • CWE-428: Unquoted Search Path or Element •