Total
2138 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36455 | 1 Brokenlamp | 1 Slock | 2024-11-21 | 5.1 MEDIUM | 8.1 HIGH |
| An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock<T> unconditionally implements Send and Sync. | |||||
| CVE-2020-36451 | 1 Rcu Cell Project | 1 Rcu Cell | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the rcu_cell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCell<T>. | |||||
| CVE-2020-36450 | 1 Bunch Project | 1 Bunch | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch<T>. | |||||
| CVE-2020-36449 | 1 Kekbit Project | 1 Kekbit | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the kekbit crate before 0.3.4 for Rust. For ShmWriter<H>, Send is implemented without requiring H: Send. | |||||
| CVE-2020-36448 | 1 Cache Project | 1 Cache | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache<K>. | |||||
| CVE-2020-35798 | 1 Netgear | 60 R6400v2, R6400v2 Firmware, R6700v3 and 57 more | 2024-11-21 | 7.2 HIGH | 9.3 CRITICAL |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50. | |||||
| CVE-2020-35794 | 1 Netgear | 14 Rbk752, Rbk752 Firmware, Rbk852 and 11 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. | |||||
| CVE-2020-35793 | 1 Netgear | 10 D7800, D7800 Firmware, R7500 and 7 more | 2024-11-21 | 4.6 MEDIUM | 6.1 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.58, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.2, and R9000 before 1.0.5.2. | |||||
| CVE-2020-35792 | 1 Netgear | 8 R7500, R7500 Firmware, R7800 and 5 more | 2024-11-21 | 5.2 MEDIUM | 8.3 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7500v2 before 1.0.3.48, R8900 before 1.0.5.2, R9000 before 1.0.5.2, and R7800 before 1.0.2.68. | |||||
| CVE-2020-35791 | 1 Netgear | 6 R7800, R7800 Firmware, R8900 and 3 more | 2024-11-21 | 4.6 MEDIUM | 6.4 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.68, R8900 before 1.0.5.2, and R9000 before 1.0.5.2. | |||||
| CVE-2020-35790 | 1 Netgear | 8 D7800, D7800 Firmware, R7800 and 5 more | 2024-11-21 | 5.2 MEDIUM | 6.4 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, and R9000 before 1.0.4.26. | |||||
| CVE-2020-35777 | 1 Netgear | 2 Dgn2200v1, Dgn2200v1 Firmware | 2024-11-21 | 7.7 HIGH | 8.4 HIGH |
| NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command injection. | |||||
| CVE-2020-2508 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) | |||||
| CVE-2020-2492 | 1 Qnap | 1 Qts | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | |||||
| CVE-2020-2490 | 1 Qnap | 1 Qts | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | |||||
| CVE-2020-29548 | 1 Smartertools | 1 Smartermail | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session. | |||||
| CVE-2020-29299 | 1 Zyxel | 7 Atp, Nsg, Nsg Firmware and 4 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4. | |||||
| CVE-2020-28908 | 1 Nagios | 1 Fusion | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios. | |||||
| CVE-2020-28902 | 1 Nagios | 1 Fusion | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php. | |||||
| CVE-2020-28901 | 1 Nagios | 1 Fusion | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php. | |||||