Export limit exceeded: 364578 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364578 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-9576 | 1 Magento | 1 Magento | 2024-11-21 | 9.8 Critical |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9575 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9574 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9573 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9572 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9571 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9570 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9558 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9557 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 5.5 Medium |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9553 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9552 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9551 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9550 | 1 Rubetek | 2 Smarthome, Smarthome Firmware | 2024-11-21 | 9.8 Critical |
| Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely. | ||||
| CVE-2020-9549 | 2 Debian, Pdfresurrect Project | 2 Debian Linux, Pdfresurrect | 2024-11-21 | 7.8 High |
| In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. | ||||
| CVE-2020-9548 | 5 Debian, Fasterxml, Netapp and 2 more | 36 Debian Linux, Jackson-databind, Active Iq Unified Manager and 33 more | 2024-11-21 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). | ||||
| CVE-2020-9547 | 5 Debian, Fasterxml, Netapp and 2 more | 28 Debian Linux, Jackson-databind, Active Iq Unified Manager and 25 more | 2024-11-21 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). | ||||
| CVE-2020-9546 | 5 Debian, Fasterxml, Netapp and 2 more | 42 Debian Linux, Jackson-databind, Active Iq Unified Manager and 39 more | 2024-11-21 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). | ||||
| CVE-2020-9545 | 1 Palemoon | 1 Pale Moon | 2024-11-21 | 7.5 High |
| Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. | ||||
| CVE-2020-9544 | 1 D-link | 2 Dsl-2640b, Dsl-2640b Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice. | ||||
| CVE-2020-9543 | 2 Openstack, Redhat | 2 Manila, Openstack | 2024-11-21 | 8.3 High |
| OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks. | ||||