Export limit exceeded: 363994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363994 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21987 | 1 Homeautomation Project | 1 Homeautomation | 2024-11-21 | 6.1 Medium |
| HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session. | ||||
| CVE-2020-21976 | 1 Newsone Cms Project | 1 Newsone Cms | 2024-11-21 | 8.8 High |
| An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands. | ||||
| CVE-2020-21967 | 1 Prestashop | 1 Prestashop | 2024-11-21 | 4.8 Medium |
| File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. | ||||
| CVE-2020-21937 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 9.8 Critical |
| An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. | ||||
| CVE-2020-21936 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 5.3 Medium |
| An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. | ||||
| CVE-2020-21935 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 9.8 Critical |
| A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. | ||||
| CVE-2020-21934 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed. | ||||
| CVE-2020-21933 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package. | ||||
| CVE-2020-21932 | 1 Motorola | 2 Cx2, Cx2 Firmware | 2024-11-21 | 5.3 Medium |
| A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid. | ||||
| CVE-2020-21930 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross site scripting (XSS) vulnerability in the web_attr_2 field of Eyoucms v1.4.1 allows authenticated attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-21929 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross site scripting (XSS) vulnerability in the web_copyright field of Eyoucms v1.4.1 allows authenticated attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-21913 | 2 Debian, Unicode | 2 Debian Linux, International Components For Unicode | 2024-11-21 | 5.5 Medium |
| International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. | ||||
| CVE-2020-21890 | 1 Artifex | 1 Ghostscript | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document. | ||||
| CVE-2020-21881 | 1 Duxcms Project | 1 Duxcms | 2024-11-21 | 6.5 Medium |
| Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add. | ||||
| CVE-2020-21865 | 1 Thinkphp50-cms Project | 1 Thinkphp50-cms | 2024-11-21 | 9.8 Critical |
| ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha. | ||||
| CVE-2020-21854 | 1 Tidesec | 1 Wdscanner | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in the system management page. | ||||
| CVE-2020-21845 | 1 Codoforum | 1 Codoforum | 2024-11-21 | 6.1 Medium |
| Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.' | ||||
| CVE-2020-21844 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. | ||||
| CVE-2020-21843 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. | ||||
| CVE-2020-21842 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051. | ||||