Export limit exceeded: 363449 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363449 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-20215 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 6.5 Medium |
| Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access. | ||||
| CVE-2020-20214 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 6.5 Medium |
| Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. | ||||
| CVE-2020-20213 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 6.5 Medium |
| Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | ||||
| CVE-2020-20212 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 6.5 Medium |
| Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | ||||
| CVE-2020-20211 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 6.5 Medium |
| Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. | ||||
| CVE-2020-20189 | 1 Newpk Project | 1 Newpk | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php. | ||||
| CVE-2020-20184 | 1 Liftoffsoftware | 1 Gateone | 2024-11-21 | 9.8 Critical |
| GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection. | ||||
| CVE-2020-20183 | 1 Zyxel | 2 P1302-t10 V3, P1302-t10 V3 Firmware | 2024-11-21 | 7.5 High |
| Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00(ABBX.3) and earlier allows attackers to gain privileges and access certain admin pages. | ||||
| CVE-2020-20178 | 1 Whohas Project | 1 Whohas | 2024-11-21 | 7.5 High |
| Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses. | ||||
| CVE-2020-20142 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17. | ||||
| CVE-2020-20141 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17. | ||||
| CVE-2020-20140 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17. | ||||
| CVE-2020-20139 | 1 Flexmonster | 1 Pivot Table \& Charts | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17. | ||||
| CVE-2020-20138 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in the Showtime2 Slideshow module in CMS Made Simple (CMSMS) 2.2.4. | ||||
| CVE-2020-20136 | 1 Quantconnect | 1 Lean | 2024-11-21 | 9.8 Critical |
| QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. | ||||
| CVE-2020-20131 | 1 Laracms Project | 1 Laracms | 2024-11-21 | 5.4 Medium |
| LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module. | ||||
| CVE-2020-20129 | 1 Laracms Project | 1 Laracms | 2024-11-21 | 5.4 Medium |
| LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor. | ||||
| CVE-2020-20128 | 1 Laracms Project | 1 Laracms | 2024-11-21 | 7.5 High |
| LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers. | ||||
| CVE-2020-20125 | 1 Earclink | 1 Espcms-p8 | 2024-11-21 | 6.1 Medium |
| EARCLINK ESPCMS-P8 contains a cross-site scripting (XSS) vulnerability in espcms_web\espcms_load.php. | ||||
| CVE-2020-20120 | 1 Thinkphp | 1 Thinkphp | 2024-11-21 | 9.8 Critical |
| ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "query" methods. | ||||