Export limit exceeded: 363290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363290 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-23876 | 1 Science-miner | 1 Pdf2xml | 2024-11-21 | 7.5 High |
| pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText. | ||||
| CVE-2020-23874 | 1 Science-miner | 1 Pdf2xml | 2024-11-21 | 9.8 Critical |
| pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode. | ||||
| CVE-2020-23873 | 1 Science-miner | 1 Pdf2xml | 2024-11-21 | 9.8 Critical |
| pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump. | ||||
| CVE-2020-23872 | 1 Science-miner | 1 Pdf2xml | 2024-11-21 | 7.5 High |
| A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS). | ||||
| CVE-2020-23868 | 1 Nedi | 1 Nedi | 2024-11-21 | 5.4 Medium |
| NeDi 1.9C allows inc/rt-popup.php d XSS. | ||||
| CVE-2020-23864 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 7.8 High |
| An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder. | ||||
| CVE-2020-23861 | 1 Gnu | 1 Libredwg | 2024-11-21 | 5.5 Medium |
| A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | ||||
| CVE-2020-23856 | 2 Fedoraproject, Gnu | 2 Fedora, Cflow | 2024-11-21 | 5.5 Medium |
| Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee. | ||||
| CVE-2020-23852 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 5.5 Medium |
| A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image. | ||||
| CVE-2020-23851 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 5.5 Medium |
| A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image. | ||||
| CVE-2020-23849 | 1 Jsoneditoronline | 1 Jsoneditor | 2024-11-21 | 6.1 Medium |
| Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript. | ||||
| CVE-2020-23839 | 1 Get-simple | 1 Getsimple Cms | 2024-11-21 | 6.1 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form. | ||||
| CVE-2020-23837 | 1 Multi User Project | 1 Multi User | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL. | ||||
| CVE-2020-23836 | 1 Oswapp | 1 Warehouse Inventory System | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in OSWAPP Warehouse Inventory System (aka OSWA-INV) through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site. | ||||
| CVE-2020-23835 | 1 Tailor Management System Project | 1 Tailor Management System | 2024-11-21 | 6.4 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Tailor Management System v1.0 allows remote attackers to harvest keys pressed by an unauthenticated victim who clicks on a malicious URL and begins typing. | ||||
| CVE-2020-23834 | 1 Realtimelogic | 1 Barracudadrive | 2024-11-21 | 8.8 High |
| Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem. | ||||
| CVE-2020-23833 | 1 Projectworlds | 1 House Rental | 2024-11-21 | 9.8 Critical |
| Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request. | ||||
| CVE-2020-23832 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2024-11-21 | 6.1 Medium |
| A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login. | ||||
| CVE-2020-23831 | 1 Stock Management System Project | 1 Stock Management System | 2024-11-21 | 6.4 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials. | ||||
| CVE-2020-23830 | 1 Stock Management System Project | 1 Stock Management System | 2024-11-21 | 7.1 High |
| A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site. | ||||