Export limit exceeded: 363163 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363163 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-23283 | 1 Mv | 1 Mconnect | 2024-11-21 | 7.5 High |
| Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force. | ||||
| CVE-2020-23282 | 1 Mv | 1 Mconnect | 2024-11-21 | 7.5 High |
| SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information. | ||||
| CVE-2020-23273 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 5.5 Medium |
| Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap. | ||||
| CVE-2020-23269 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file. | ||||
| CVE-2020-23267 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file | ||||
| CVE-2020-23266 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file. | ||||
| CVE-2020-23264 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators. | ||||
| CVE-2020-23263 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | 6.1 Medium |
| Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add. | ||||
| CVE-2020-23262 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 9.8 Critical |
| An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do. | ||||
| CVE-2020-23250 | 1 Gigamon | 1 Gigavue-os | 2024-11-21 | 2.3 Low |
| GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database. | ||||
| CVE-2020-23249 | 1 Gigamon | 1 Gigavue-os | 2024-11-21 | 4.7 Medium |
| GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext. | ||||
| CVE-2020-23243 | 1 Naviwebs | 1 Navigatecms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_redirect" feature. | ||||
| CVE-2020-23242 | 1 Naviwebs | 1 Navigatecms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature. | ||||
| CVE-2020-23241 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature. | ||||
| CVE-2020-23240 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature. | ||||
| CVE-2020-23239 | 1 Textpattern | 1 Textpattern | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature. | ||||
| CVE-2020-23238 | 1 Evo | 1 Evolution Cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature. | ||||
| CVE-2020-23234 | 1 Lavalite | 1 Lavalite | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,". | ||||
| CVE-2020-23226 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2024-11-21 | 6.1 Medium |
| Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. | ||||
| CVE-2020-23219 | 1 Monstra | 1 Monstra Cms | 2024-11-21 | 8.8 High |
| Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module. | ||||