Export limit exceeded: 364170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364170 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-16233 | 1 Wibu | 1 Codemeter | 2024-11-21 | 7.5 High |
| An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap. | ||||
| CVE-2020-16230 | 1 Hms-networks | 4 Ewon Cosy, Ewon Cosy Firmware, Ewon Flexy and 1 more | 2024-11-21 | 2.3 Low |
| All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing. | ||||
| CVE-2020-16229 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||||
| CVE-2020-16227 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | ||||
| CVE-2020-16226 | 1 Mitsubishielectric | 186 Conveyor Tracking Application Apr-ntr12fh, Conveyor Tracking Application Apr-ntr20fh\(n\=1\,2\), Conveyor Tracking Application Apr-ntr3fh and 183 more | 2024-11-21 | 9.8 Critical |
| Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. | ||||
| CVE-2020-16225 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | ||||
| CVE-2020-16223 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | ||||
| CVE-2020-16221 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | ||||
| CVE-2020-16219 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | ||||
| CVE-2020-16217 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||||
| CVE-2020-16215 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||||
| CVE-2020-16213 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||||
| CVE-2020-16212 | 1 Philips | 1 Patient Information Center Ix | 2024-11-21 | 6.8 Medium |
| In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges. | ||||
| CVE-2020-16211 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 5.5 Medium |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially crafted project files, which may allow an attacker to read information. | ||||
| CVE-2020-16210 | 1 Redlion | 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more | 2024-11-21 | 9.0 Critical |
| The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions). | ||||
| CVE-2020-16208 | 1 Redlion | 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more | 2024-11-21 | 8.8 High |
| The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions). | ||||
| CVE-2020-16207 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||||
| CVE-2020-16206 | 1 Redlion | 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more | 2024-11-21 | 9.0 Critical |
| The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions). | ||||
| CVE-2020-16205 | 1 Geutebrueck | 22 G-cam Ebc-2110, G-cam Ebc-2110 Firmware, G-cam Ebc-2111 and 19 more | 2024-11-21 | 7.2 High |
| Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5). | ||||
| CVE-2020-16204 | 1 Redlion | 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more | 2024-11-21 | 9.8 Critical |
| The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions). | ||||