Export limit exceeded: 364021 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364021 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364021 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-28463 | 2 Fedoraproject, Reportlab | 2 Fedora, Reportlab | 2024-11-21 | 6.5 Medium |
| All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceded to send a server side request 7. dodyssey.py will show error since there is no img file on the url, but we are able to do SSRF | ||||
| CVE-2020-28462 | 1 Ion-parser Project | 1 Ion-parser | 2024-11-21 | 7.3 High |
| This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context. | ||||
| CVE-2020-28461 | 1 Js-ini Project | 1 Js-ini | 2024-11-21 | 7.3 High |
| This affects the package js-ini before 1.3.0. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context. | ||||
| CVE-2020-28460 | 1 Multi-ini Project | 1 Multi-ini | 2024-11-21 | 5.6 Medium |
| This affects the package multi-ini before 2.1.2. It is possible to pollute an object's prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448. | ||||
| CVE-2020-28459 | 1 Markdown-it-decorate Project | 1 Markdown-it-decorate | 2024-11-21 | 7.3 High |
| This affects all versions of package markdown-it-decorate. An attacker can add an event handler or use javascript:xxx for the link. | ||||
| CVE-2020-28458 | 2 Datatables, Redhat | 3 Datatables.net, Rhev Hypervisor, Rhev Manager | 2024-11-21 | 7.3 High |
| All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. | ||||
| CVE-2020-28457 | 1 S-cart | 1 S-cart | 2024-11-21 | 7.2 High |
| This affects the package s-cart/core before 4.4. The search functionality of the admin dashboard in core/src/Admin/Controllers/AdminOrderController.phpindex is vulnerable to XSS. | ||||
| CVE-2020-28456 | 1 S-cart | 1 S-cart | 2024-11-21 | 7.3 High |
| The package s-cart/core before 4.4 are vulnerable to Cross-site Scripting (XSS) via the admin panel. | ||||
| CVE-2020-28455 | 1 Markdown-it-toc Project | 1 Markdown-it-toc | 2024-11-21 | 7.3 High |
| This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped. | ||||
| CVE-2020-28453 | 1 Npos-tesseract Project | 1 Npos-tesseract | 2024-11-21 | 9.4 Critical |
| This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js. | ||||
| CVE-2020-28452 | 1 Softwaremill | 1 Akka-http-session | 2024-11-21 | 6.3 Medium |
| This affects the package com.softwaremill.akka-http-session:core_2.12 from 0 and before 0.6.1; all versions of package com.softwaremill.akka-http-session:core_2.11; the package com.softwaremill.akka-http-session:core_2.13 from 0 and before 0.6.1. CSRF protection can be bypassed by forging a request that contains the same value for both the X-XSRF-TOKEN header and the XSRF-TOKEN cookie value, as the check in randomTokenCsrfProtection only checks that the two values are equal and non-empty. | ||||
| CVE-2020-28451 | 1 Image-tiler Project | 1 Image-tiler | 2024-11-21 | 9.8 Critical |
| This affects the package image-tiler before 2.0.2. | ||||
| CVE-2020-28450 | 1 Decal Project | 1 Decal | 2024-11-21 | 8.6 High |
| This affects all versions of package decal. The vulnerability is in the extend function. | ||||
| CVE-2020-28449 | 1 Decal Project | 1 Decal | 2024-11-21 | 8.6 High |
| This affects all versions of package decal. The vulnerability is in the set function. | ||||
| CVE-2020-28448 | 1 Multi-ini Project | 1 Multi-ini | 2024-11-21 | 5.6 Medium |
| This affects the package multi-ini before 2.1.1. It is possible to pollute an object's prototype by specifying the proto object as part of an array. | ||||
| CVE-2020-28447 | 1 Xopen Project | 1 Xopen | 2024-11-21 | 9.8 Critical |
| This affects all versions of package xopen. The injection point is located in line 14 in index.js in the exported function xopen(filepath) | ||||
| CVE-2020-28446 | 1 Ntesseract Project | 1 Ntesseract | 2024-11-21 | 9.8 Critical |
| The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js. | ||||
| CVE-2020-28445 | 1 Npm-help Project | 1 Npm-help | 2024-11-21 | 9.8 Critical |
| This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function. | ||||
| CVE-2020-28443 | 1 Sonar-wrapper Project | 1 Sonar-wrapper | 2024-11-21 | 9.8 Critical |
| This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js. | ||||
| CVE-2020-28442 | 1 Js-data | 1 Js-data | 2024-11-21 | 7.5 High |
| All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function. | ||||