Export limit exceeded: 364866 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364866 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36624 | 1 Texthelpers Project | 1 Texthelpers | 2024-11-21 | 6.3 Medium |
| A vulnerability was found in ahorner text-helpers up to 1.0.x. It has been declared as critical. This vulnerability affects unknown code of the file lib/text_helpers/translation.rb. The manipulation of the argument link leads to use of web link to untrusted target with window.opener access. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The name of the patch is 184b60ded0e43c985788582aca2d1e746f9405a3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216520. | ||||
| CVE-2020-36615 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. | ||||
| CVE-2020-36601 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 High |
| Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot. | ||||
| CVE-2020-36600 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 High |
| Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart. | ||||
| CVE-2020-36599 | 1 Omniauth | 1 Omniauth | 2024-11-21 | 9.8 Critical |
| lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value. | ||||
| CVE-2020-36558 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Rhel Eus and 2 more | 2024-11-21 | 5.1 Medium |
| A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. | ||||
| CVE-2020-36557 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.1 Medium |
| A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | ||||
| CVE-2020-36553 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php. | ||||
| CVE-2020-36552 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php. | ||||
| CVE-2020-36551 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php. | ||||
| CVE-2020-36550 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php. | ||||
| CVE-2020-36519 | 1 Mimecast | 1 Email Security | 2024-11-21 | 4.9 Medium |
| Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.) | ||||
| CVE-2020-36517 | 1 Home-assistant | 1 Home-assistant | 2024-11-21 | 7.5 High |
| An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration. | ||||
| CVE-2020-36516 | 3 Linux, Netapp, Redhat | 32 Linux Kernel, Bootstrap Os, Cloud Volumes Ontap Mediator and 29 more | 2024-11-21 | 5.9 Medium |
| An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | ||||
| CVE-2020-36514 | 1 Acc Reader Project | 1 Acc Reader | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations. | ||||
| CVE-2020-36513 | 1 Acc Reader Project | 1 Acc Reader | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations. | ||||
| CVE-2020-36512 | 1 Buffoon Project | 1 Buffoon | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations. | ||||
| CVE-2020-36511 | 1 Bite Project | 1 Bite | 2024-11-21 | 7.5 High |
| An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::read_framed_max may read from uninitialized memory locations. | ||||
| CVE-2020-36510 | 1 Codetipi | 1 15zine | 2024-11-21 | 6.1 Medium |
| The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting | ||||
| CVE-2020-36505 | 1 Delete All Comments Easily Project | 1 Delete All Comments Easily | 2024-11-21 | 6.5 Medium |
| The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog. | ||||