Export limit exceeded: 363331 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363331 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19669 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 8.8 High |
| Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn. | ||||
| CVE-2020-19667 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-11-21 | 7.8 High |
| Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | ||||
| CVE-2020-19664 | 1 Draytek | 2 Vigor2960, Vigor2960 Firmware | 2024-11-21 | 8.8 High |
| DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi. | ||||
| CVE-2020-19643 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page. | ||||
| CVE-2020-19642 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 6.2 Medium |
| An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the 'recdata.db' file to call a specially crafted GoAhead ASP-file on the SD card. | ||||
| CVE-2020-19641 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 8.8 High |
| An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with the "Operator" Privilege can gain admin privileges via a crafted request to '/goform/formUserMng'. | ||||
| CVE-2020-19640 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. An unauthenticated attacker can reboot the device causing a Denial of Service, via a hidden reboot command to '/media/?action=cmd'. | ||||
| CVE-2020-19639 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 8.8 High |
| Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI. | ||||
| CVE-2020-19626 | 1 Craftcms | 1 Craft Cms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new. | ||||
| CVE-2020-19625 | 1 Gridx Project | 1 Gridx | 2024-11-21 | 9.8 Critical |
| Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter. | ||||
| CVE-2020-19619 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile. | ||||
| CVE-2020-19618 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing. | ||||
| CVE-2020-19617 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile. | ||||
| CVE-2020-19616 | 1 Mblog Project | 1 Mblog | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing. | ||||
| CVE-2020-19613 | 1 Flycms Project | 1 Flycms | 2024-11-21 | 7.5 High |
| Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503. | ||||
| CVE-2020-19611 | 1 Racktables Project | 1 Racktables | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter. | ||||
| CVE-2020-19609 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | ||||
| CVE-2020-19596 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 9.8 Critical |
| Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username. | ||||
| CVE-2020-19595 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username. | ||||
| CVE-2020-19587 | 1 Idera | 1 Yellowfin Business Intelligence | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI. | ||||