Export limit exceeded: 76376 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76376 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19492 | 1 Sam2p Project | 1 Sam2p | 2024-11-21 | 7.8 High |
| There is a floating point exception in ReadImage that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2020-19491 | 1 Sam2p Project | 1 Sam2p | 2024-11-21 | 7.8 High |
| There is an invalid memory access bug in cgif.c that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2020-19455 | 1 Jdownloads | 1 Jdownloads | 2024-11-21 | 7.5 High |
| SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter. | ||||
| CVE-2020-19451 | 1 Jdownloads | 1 Jdownloads | 2024-11-21 | 7.5 High |
| SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter. | ||||
| CVE-2020-19450 | 1 Jdownloads | 1 Jdownloads | 2024-11-21 | 7.5 High |
| SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter. | ||||
| CVE-2020-19447 | 1 Jdownloads | 1 Jdownloads | 2024-11-21 | 7.5 High |
| SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter. | ||||
| CVE-2020-19419 | 1 Emerson | 2 Smart Wireless Gateway 1420, Smart Wireless Gateway 1420 Firmware | 2024-11-21 | 7.5 High |
| Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to obtain sensitive device information from the administrator console without authentication. | ||||
| CVE-2020-19417 | 1 Emerson | 2 Wireless 1420 Gateway, Wireless 1420 Gateway Firmware | 2024-11-21 | 8.8 High |
| Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account 'maint') to perform administrative tasks by sending specially crafted HTTP requests to the application. | ||||
| CVE-2020-19364 | 1 Open-emr | 1 Openemr | 2024-11-21 | 8.8 High |
| OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php. | ||||
| CVE-2020-19360 | 1 Fhem | 1 Fhem | 2024-11-21 | 7.5 High |
| Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure. | ||||
| CVE-2020-19323 | 2 D-link, Dlink | 3 Dir-619l, Dir-619l, Dir-619l Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required | ||||
| CVE-2020-19318 | 2 D-link, Dlink | 3 Dir-605l, Dir-605l, Dir-605l Firmware | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program. | ||||
| CVE-2020-19316 | 2 Laravel, Microsoft | 2 Framework, Windows | 2024-11-21 | 8.8 High |
| OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17. | ||||
| CVE-2020-19304 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 High |
| An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory traversal and access sensitive information. | ||||
| CVE-2020-19303 | 1 Houdunren | 1 Hdcms | 2024-11-21 | 7.8 High |
| An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2020-19280 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 8.8 High |
| Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations. | ||||
| CVE-2020-19263 | 1 Mipcms | 1 Mipcms | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit. | ||||
| CVE-2020-19228 | 1 Bludit | 1 Bludit | 2024-11-21 | 7.2 High |
| An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. | ||||
| CVE-2020-19217 | 1 Piwigo | 1 Piwigo | 2024-11-21 | 8.8 High |
| SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager. | ||||
| CVE-2020-19216 | 1 Piwigo | 1 Piwigo | 2024-11-21 | 8.8 High |
| SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm. | ||||