Export limit exceeded: 364612 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364612 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-9570 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9558 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9557 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 5.5 Medium |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9553 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9552 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9551 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9550 | 1 Rubetek | 2 Smarthome, Smarthome Firmware | 2024-11-21 | 9.8 Critical |
| Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely. | ||||
| CVE-2020-9549 | 2 Debian, Pdfresurrect Project | 2 Debian Linux, Pdfresurrect | 2024-11-21 | 7.8 High |
| In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. | ||||
| CVE-2020-9548 | 5 Debian, Fasterxml, Netapp and 2 more | 36 Debian Linux, Jackson-databind, Active Iq Unified Manager and 33 more | 2024-11-21 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). | ||||
| CVE-2020-9547 | 5 Debian, Fasterxml, Netapp and 2 more | 28 Debian Linux, Jackson-databind, Active Iq Unified Manager and 25 more | 2024-11-21 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). | ||||
| CVE-2020-9546 | 5 Debian, Fasterxml, Netapp and 2 more | 42 Debian Linux, Jackson-databind, Active Iq Unified Manager and 39 more | 2024-11-21 | 9.8 Critical |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). | ||||
| CVE-2020-9545 | 1 Palemoon | 1 Pale Moon | 2024-11-21 | 7.5 High |
| Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. | ||||
| CVE-2020-9544 | 1 D-link | 2 Dsl-2640b, Dsl-2640b Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice. | ||||
| CVE-2020-9543 | 2 Openstack, Redhat | 2 Manila, Openstack | 2024-11-21 | 8.3 High |
| OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks. | ||||
| CVE-2020-9540 | 1 Sophos | 1 Hitmanpro.alert | 2024-11-21 | 7.8 High |
| Sophos HitmanPro.Alert before build 861 allows local elevation of privilege. | ||||
| CVE-2020-9535 | 1 Dlink | 2 Dir-615jx10, Dir-615jx10 Firmware | 2024-11-21 | 8.8 High |
| fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizard webpage parameter when f_radius_ip1 is malformed. | ||||
| CVE-2020-9534 | 1 Dlink | 2 Dir-615jx10, Dir-615jx10 Firmware | 2024-11-21 | 8.8 High |
| fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when f_radius_ip1 is malformed. | ||||
| CVE-2020-9531 | 1 Mi | 2 Miui, Miui Firmware | 2024-11-21 | 7.3 High |
| An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user's unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122. | ||||
| CVE-2020-9530 | 1 Mi | 1 Miui Firmware | 2024-11-21 | 6.5 Medium |
| An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetApps(com.xiaomi.mipicks) mishandles the functionality of opening other components. Attackers need to induce users to open specific web pages in a specific network environment. By jumping to the WebView component of Messaging(com.android.MMS) and loading malicious web pages, information leakage can occur. This is fixed on version: 2001122; 11.0.1.54. | ||||
| CVE-2020-9529 | 1 Hichip | 1 Shenzhen Hichip Vision Technology Firmware | 2024-11-21 | 9.8 Critical |
| Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege escalation vulnerability that allows attackers on the local network to reset the device's administrator password. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK. | ||||