Export limit exceeded: 363531 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363531 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21590 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 4.3 Medium |
| Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter. | ||||
| CVE-2020-21588 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 5.5 Medium |
| Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox. | ||||
| CVE-2020-21585 | 1 Emlog | 1 Emlog | 2024-11-21 | 9.8 Critical |
| Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module. | ||||
| CVE-2020-21574 | 1 C-http Project | 1 C-http | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function. | ||||
| CVE-2020-21573 | 1 Image-processing Project | 1 Image-processing | 2024-11-21 | 5.5 Medium |
| An issue was discoverered in in abhijitnathwani image-processing v0.1.0, allows local attackers to cause a denial of service via a crafted image file. | ||||
| CVE-2020-21572 | 1 Gilcc Project | 1 Gilcc | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759, allows attackers to cause a denial of service. | ||||
| CVE-2020-21564 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | 8.8 High |
| An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files. | ||||
| CVE-2020-21554 | 1 Tinyrise | 1 Tinyshop | 2024-11-21 | 8.1 High |
| A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms. | ||||
| CVE-2020-21535 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. | ||||
| CVE-2020-21534 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. | ||||
| CVE-2020-21533 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c. | ||||
| CVE-2020-21532 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. | ||||
| CVE-2020-21531 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. | ||||
| CVE-2020-21530 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. | ||||
| CVE-2020-21529 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. | ||||
| CVE-2020-21528 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.5 Medium |
| A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. | ||||
| CVE-2020-21527 | 1 Halo | 1 Halo | 2024-11-21 | 7.7 High |
| There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the background allows a user, when deleting their backup files, to delete any files on the system through directory traversal. | ||||
| CVE-2020-21526 | 1 Halo | 1 Halo | 2024-11-21 | 9.8 Critical |
| An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it. | ||||
| CVE-2020-21525 | 1 Halo | 1 Halo | 2024-11-21 | 7.5 High |
| Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it. | ||||
| CVE-2020-21524 | 1 Halo | 1 Halo | 2024-11-21 | 9.1 Critical |
| There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read files, enable ddos attacks, etc. exp:https://github.com/halo-dev/halo/issues/423 | ||||