Export limit exceeded: 363673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363673 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-23284 1 Mv 1 Idce 2024-11-21 7.5 High
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application.
CVE-2020-23283 1 Mv 1 Mconnect 2024-11-21 7.5 High
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.
CVE-2020-23282 1 Mv 1 Mconnect 2024-11-21 7.5 High
SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information.
CVE-2020-23273 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.
CVE-2020-23269 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
CVE-2020-23267 1 Gpac 1 Gpac 2024-11-21 7.1 High
An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file
CVE-2020-23266 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
CVE-2020-23264 1 Fork-cms 1 Fork Cms 2024-11-21 8.8 High
Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.
CVE-2020-23263 1 Fork-cms 1 Fork Cms 2024-11-21 6.1 Medium
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
CVE-2020-23262 1 Mingsoft 1 Mcms 2024-11-21 9.8 Critical
An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.
CVE-2020-23250 1 Gigamon 1 Gigavue-os 2024-11-21 2.3 Low
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.
CVE-2020-23249 1 Gigamon 1 Gigavue-os 2024-11-21 4.7 Medium
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
CVE-2020-23243 1 Naviwebs 1 Navigatecms 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_redirect" feature.
CVE-2020-23242 1 Naviwebs 1 Navigatecms 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature.
CVE-2020-23241 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
CVE-2020-23240 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.
CVE-2020-23239 1 Textpattern 1 Textpattern 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature.
CVE-2020-23238 1 Evo 1 Evolution Cms 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
CVE-2020-23234 1 Lavalite 1 Lavalite 2024-11-21 4.8 Medium
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
CVE-2020-23226 2 Cacti, Debian 2 Cacti, Debian Linux 2024-11-21 6.1 Medium
Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.