Export limit exceeded: 363281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363281 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19619 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile. | ||||
| CVE-2020-19618 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing. | ||||
| CVE-2020-19617 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile. | ||||
| CVE-2020-19616 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing. | ||||
| CVE-2020-19613 | 1 Flycms Project | 1 Flycms | 2024-11-21 | 7.5 High |
| Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503. | ||||
| CVE-2020-19611 | 1 Racktables Project | 1 Racktables | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter. | ||||
| CVE-2020-19609 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | ||||
| CVE-2020-19596 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 9.8 Critical |
| Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username. | ||||
| CVE-2020-19595 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username. | ||||
| CVE-2020-19587 | 1 Idera | 1 Yellowfin Business Intelligence | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI. | ||||
| CVE-2020-19586 | 1 Yellowfinbi | 1 Business Intelligence | 2024-11-21 | 9.0 Critical |
| Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI. | ||||
| CVE-2020-19559 | 1 Dieboldnixdorf | 1 Agilis Xfs For Opteva | 2024-11-21 | 9.8 Critical |
| An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary code via a crafted payload to the ResolveMethod() parameter. | ||||
| CVE-2020-19554 | 1 Manageengine | 1 Opmanager | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPManager <=12.5.174 when the API key contains an XML-based XSS payload. | ||||
| CVE-2020-19553 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php. | ||||
| CVE-2020-19551 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 8.8 High |
| Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. | ||||
| CVE-2020-19547 | 1 Popojicms | 1 Popojicms | 2024-11-21 | 6.5 Medium |
| Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php. | ||||
| CVE-2020-19527 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 9.8 Critical |
| iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php. | ||||
| CVE-2020-19515 | 1 Qdpm | 1 Qdpm | 2024-11-21 | 6.1 Medium |
| qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install\modules\database_config.php. | ||||
| CVE-2020-19511 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | 6.1 Medium |
| Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes, | ||||
| CVE-2020-19510 | 2 Microsoft, Textpattern | 2 Windows, Textpattern | 2024-11-21 | 9.8 Critical |
| Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php. | ||||