Export limit exceeded: 363282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363282 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-22721 | 1 Pnotes.net Project | 1 Pnotes.net | 2024-11-21 | 7.8 High |
| A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program. | ||||
| CVE-2020-22719 | 1 Shimo | 1 Document | 2024-11-21 | 5.4 Medium |
| Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the table content text field. | ||||
| CVE-2020-22679 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | ||||
| CVE-2020-22678 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | ||||
| CVE-2020-22677 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | ||||
| CVE-2020-22675 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | ||||
| CVE-2020-22674 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. | ||||
| CVE-2020-22673 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | ||||
| CVE-2020-22650 | 1 Att | 1 Alienvault Ossim | 2024-11-21 | 7.5 High |
| A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) via a system crash triggered by the occurrence of a large number of alarm events. | ||||
| CVE-2020-22643 | 1 Feehi | 1 Feehi Cms | 2024-11-21 | 7.2 High |
| Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files. | ||||
| CVE-2020-22623 | 1 Insightsoftware | 1 Jreport | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information. | ||||
| CVE-2020-22617 | 1 Ardour | 1 Ardour | 2024-11-21 | 9.8 Critical |
| Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext. | ||||
| CVE-2020-22612 | 1 Mybb | 1 Mybb | 2024-11-21 | 9.8 Critical |
| Installer RCE on settings file write in MyBB before 1.8.22. | ||||
| CVE-2020-22609 | 1 Enhancesoft | 1 Osticket | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php. | ||||
| CVE-2020-22608 | 1 Enhancesoft | 1 Osticket | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php. | ||||
| CVE-2020-22607 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the (1) name and (2) description parameters in application/controllers/admin/PermissiontemplatesController.php. | ||||
| CVE-2020-22570 | 1 Memcached | 1 Memcached | 2024-11-21 | 7.5 High |
| Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command. | ||||
| CVE-2020-22552 | 1 Snap7 Project | 1 Snap7 | 2024-11-21 | 7.5 High |
| The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed. | ||||
| CVE-2020-22550 | 1 Veno File Manager Project | 1 Veno File Manager | 2024-11-21 | 7.5 High |
| Veno File Manager 3.5.6 is affected by a directory traversal vulnerability. Using the traversal allows an attacker to download sensitive files from the server. | ||||
| CVE-2020-22535 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | 6.5 Medium |
| Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php. | ||||