Total
32233 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21605 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21554 | 1 Tinyrise | 1 Tinyshop | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms. | |||||
| CVE-2020-21530 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. | |||||
| CVE-2020-21528 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A | 5.5 MEDIUM |
| A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. | |||||
| CVE-2020-21493 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames. | |||||
| CVE-2020-21480 | 1 Rgcms Project | 1 Rgcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2020-21468 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7 | |||||
| CVE-2020-21431 | 1 Hongcms Project | 1 Hongcms | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit. | |||||
| CVE-2020-21406 | 2 Rk Max Smart Tv Box Project, V88 Smart Tv Box Project | 4 Rk Max Smart Tv Box, Rk Max Smart Tv Box Firmware, V88 Smart Tv Box and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service. | |||||
| CVE-2020-21125 | 1 Ureport Project | 1 Ureport | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code. | |||||
| CVE-2020-21048 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. | |||||
| CVE-2020-21014 | 1 Emlog | 1 Emlog | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php. | |||||
| CVE-2020-20813 | 1 Openvpn | 1 Openvpn | 2024-11-21 | N/A | 7.5 HIGH |
| Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet. | |||||
| CVE-2020-20664 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| libiec_iccp_mod v1.5 contains a segmentation violation in the component server_example1.c. | |||||
| CVE-2020-20634 | 1 Elementor | 1 Website Builder | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog. | |||||
| CVE-2020-20495 | 1 Bludit | 1 Bludit | 2024-11-21 | 5.8 MEDIUM | 9.1 CRITICAL |
| bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter. | |||||
| CVE-2020-20299 | 1 Weiphp | 1 Weiphp | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| WeiPHP 5.0 does not properly restrict access to pages, related to using POST. | |||||
| CVE-2020-20269 | 1 Caret | 1 Caret | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22. | |||||
| CVE-2020-20178 | 1 Whohas Project | 1 Whohas | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses. | |||||
| CVE-2020-1960 | 1 Apache | 1 Flink | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. This compromises any connection established to the process via JMX, allowing extraction of credentials and any other transferred data. | |||||