Export limit exceeded: 363318 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363318 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363318 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21976 | 1 Newsone Cms Project | 1 Newsone Cms | 2024-11-21 | 8.8 High |
| An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands. | ||||
| CVE-2020-21967 | 1 Prestashop | 1 Prestashop | 2024-11-21 | 4.8 Medium |
| File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. | ||||
| CVE-2020-21937 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 9.8 Critical |
| An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. | ||||
| CVE-2020-21936 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 5.3 Medium |
| An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. | ||||
| CVE-2020-21935 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 9.8 Critical |
| A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. | ||||
| CVE-2020-21934 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed. | ||||
| CVE-2020-21933 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package. | ||||
| CVE-2020-21932 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 5.3 Medium |
| A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid. | ||||
| CVE-2020-21930 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross site scripting (XSS) vulnerability in the web_attr_2 field of Eyoucms v1.4.1 allows authenticated attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-21929 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross site scripting (XSS) vulnerability in the web_copyright field of Eyoucms v1.4.1 allows authenticated attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-21913 | 2 Debian, Unicode | 2 Debian Linux, International Components For Unicode | 2024-11-21 | 5.5 Medium |
| International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. | ||||
| CVE-2020-21890 | 1 Artifex | 1 Ghostscript | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document. | ||||
| CVE-2020-21884 | 1 Indionetworks | 10 Unibox U1000, Unibox U1000 Firmware, Unibox U2500 and 7 more | 2024-11-21 | 8.8 High |
| Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device. | ||||
| CVE-2020-21883 | 1 Indionetworks | 10 Unibox U1000, Unibox U1000 Firmware, Unibox U2500 and 7 more | 2024-11-21 | 8.8 High |
| Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover. | ||||
| CVE-2020-21881 | 1 Duxcms Project | 1 Duxcms | 2024-11-21 | 6.5 Medium |
| Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add. | ||||
| CVE-2020-21865 | 1 Thinkphp50-cms Project | 1 Thinkphp50-cms | 2024-11-21 | 9.8 Critical |
| ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha. | ||||
| CVE-2020-21854 | 1 Tidesec | 1 Wdscanner | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in the system management page. | ||||
| CVE-2020-21845 | 1 Codoforum | 1 Codoforum | 2024-11-21 | 6.1 Medium |
| Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.' | ||||
| CVE-2020-21844 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. | ||||
| CVE-2020-21843 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. | ||||