Export limit exceeded: 363576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363576 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21813 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. | ||||
| CVE-2020-21809 | 1 Nukeviet | 1 Nukeviet | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php. | ||||
| CVE-2020-21808 | 1 Nukeviet | 1 Nukeviet | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. | ||||
| CVE-2020-21806 | 1 Ectouch | 1 Ectouch | 2024-11-21 | 9.8 Critical |
| SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php.. | ||||
| CVE-2020-21788 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 4.3 Medium |
| In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php. | ||||
| CVE-2020-21787 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 9.8 Critical |
| CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php. | ||||
| CVE-2020-21786 | 1 Ibos | 1 Ibos | 2024-11-21 | 9.8 Critical |
| In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php. | ||||
| CVE-2020-21785 | 1 Ibos | 1 Ibos | 2024-11-21 | 8.8 High |
| In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability. | ||||
| CVE-2020-21784 | 1 Phpwcms | 1 Phpwcms | 2024-11-21 | 9.8 Critical |
| phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. | ||||
| CVE-2020-21783 | 1 Ibos | 1 Ibos | 2024-11-21 | 6.1 Medium |
| In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter. | ||||
| CVE-2020-21733 | 1 Sagemcom | 2 F\@st 3686, F\@st 3686 Firmware | 2024-11-21 | 6.1 Medium |
| Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp. | ||||
| CVE-2020-21732 | 1 Rukovoditel | 1 Rukovoditel | 2024-11-21 | 6.1 Medium |
| Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS). An attacker can add JavaScript code to the filename. | ||||
| CVE-2020-21731 | 1 Gazie Project | 1 Gazie | 2024-11-21 | 6.1 Medium |
| Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code. | ||||
| CVE-2020-21729 | 1 Jeecms | 1 Jeecms X | 2024-11-21 | 5.4 Medium |
| JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2020-21726 | 1 Opensns | 1 Opensns | 2024-11-21 | 9.8 Critical |
| OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter. | ||||
| CVE-2020-21725 | 1 Opensns | 1 Opensns | 2024-11-21 | 9.8 Critical |
| OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter. | ||||
| CVE-2020-21724 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file. | ||||
| CVE-2020-21723 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | 5.5 Medium |
| A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file. | ||||
| CVE-2020-21722 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file. | ||||
| CVE-2020-21710 | 2 Artifex, Redhat | 2 Ghostscript, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. | ||||