Export limit exceeded: 364328 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364328 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-8785 | 1 Salesagility | 1 Suitecrm | 2024-11-21 | 9.8 Critical |
| SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 3 of 4). | ||||
| CVE-2020-8784 | 1 Salesagility | 1 Suitecrm | 2024-11-21 | 9.8 Critical |
| SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 2 of 4). | ||||
| CVE-2020-8783 | 1 Salesagility | 1 Suitecrm | 2024-11-21 | 9.8 Critical |
| SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 1 of 4). | ||||
| CVE-2020-8782 | 1 Sierrawireless | 14 Airlink Es440, Airlink Es450, Airlink Gx400 and 11 more | 2024-11-21 | 7.5 High |
| Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. | ||||
| CVE-2020-8781 | 1 Sierrawireless | 14 Airlink Es440, Airlink Es450, Airlink Gx400 and 11 more | 2024-11-21 | 7.8 High |
| Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process. | ||||
| CVE-2020-8778 | 1 Alfresco | 1 Alfresco | 2024-11-21 | 5.4 Medium |
| Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project. | ||||
| CVE-2020-8777 | 1 Alfresco | 1 Alfresco | 2024-11-21 | 5.4 Medium |
| Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document. | ||||
| CVE-2020-8776 | 1 Alfresco | 1 Alfresco | 2024-11-21 | 5.4 Medium |
| Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file. | ||||
| CVE-2020-8775 | 1 Pega | 1 Platform | 2024-11-21 | 8.9 High |
| Pega Platform before version 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the comment tags. | ||||
| CVE-2020-8774 | 1 Pega | 1 Pega Platform | 2024-11-21 | 8.8 High |
| Pega Platform before version 8.2.6 is affected by a Reflected Cross-Site Scripting vulnerability in the "ActionStringID" function. | ||||
| CVE-2020-8773 | 1 Pega | 1 Platform | 2024-11-21 | 8.9 High |
| The Richtext Editor in Pega Platform before 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability. | ||||
| CVE-2020-8772 | 1 Revmakx | 1 Infinitewp Client | 2024-11-21 | 9.8 Critical |
| The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in. | ||||
| CVE-2020-8771 | 1 Wptimecapsule | 1 Wp Time Capsule | 2024-11-21 | 9.8 Critical |
| The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts. | ||||
| CVE-2020-8768 | 1 Phoenixcontact | 4 Ilc 2050 Bi, Ilc 2050 Bi-l, Ilc 2050 Bi-l Firmware and 1 more | 2024-11-21 | 9.4 Critical |
| An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. There is an insecure mechanism for read and write access to the configuration of the device. The mechanism can be discovered by examining a link on the website of the device. | ||||
| CVE-2020-8767 | 1 Intel | 1 Quartus Prime | 2024-11-21 | 5.5 Medium |
| Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus Prime before version 20.2 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2020-8766 | 1 Intel | 1 Software Guard Extensions Data Center Attestation Primitives | 2024-11-21 | 6.5 Medium |
| Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2020-8765 | 1 Intel | 4 Realsense Camera F200, Realsense Camera R200, Realsense Camera Sr300 and 1 more | 2024-11-21 | 6.7 Medium |
| Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-8764 | 2 Intel, Netapp | 337 Bios, Core I5-7640x, Core I7-3820 and 334 more | 2024-11-21 | 6.7 Medium |
| Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-8763 | 2 Intel, Microsoft | 4 Realsense D415 Firmware, Realsense D435 Firmware, Realsense D435i Firmware and 1 more | 2024-11-21 | 7.8 High |
| Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-8761 | 1 Intel | 1 Converged Security And Manageability Engine | 2024-11-21 | 4.6 Medium |
| Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||||