Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-28419 | 1 Hp | 1503 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy15a, Laserjet Managed Mfp E62665 3gy16a and 1500 more | 2024-11-21 | 8.8 High |
| During installation with certain driver software or application packages an arbitrary code execution could occur. | ||||
| CVE-2020-28416 | 1 Hp | 310 Officejet 250 Cz992a, Officejet 250 Cz992a Firmware, Officejet 250c L9d57a and 307 more | 2024-11-21 | 7.8 High |
| HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution. | ||||
| CVE-2020-28340 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020). | ||||
| CVE-2020-28281 | 1 Set-object-value Project | 1 Set-object-value | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28280 | 1 Predefine Project | 1 Predefine | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'predefine' versions 0.0.0 through 0.1.2 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28279 | 1 Flattenizer Project | 1 Flattenizer | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28278 | 1 Shvl Project | 1 Shvl | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28277 | 1 Dset Project | 1 Dset | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28276 | 1 Deep-set Project | 1 Deep-set | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28274 | 1 Deepref Project | 1 Deepref | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28273 | 1 Set-in Project | 1 Set-in | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28272 | 1 Keyget Project | 1 Keyget | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2.2.0 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28267 | 1 Set Project | 1 Set | 2024-11-21 | 7.5 High |
| Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28251 | 1 Netscout | 7 Airmagnet Enterprise, Sensor4-r1s1w1-e, Sensor4-r2s1-e and 4 more | 2024-11-21 | 8.1 High |
| NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise. | ||||
| CVE-2020-28247 | 1 Lettre | 1 Lettre | 2024-11-21 | 5.3 Medium |
| The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs. | ||||
| CVE-2020-28190 | 1 Terra-master | 1 Tos | 2024-11-21 | 5.9 Medium |
| TerraMaster TOS <= 4.2.06 was found to check for updates (of both system and applications) via an insecure channel (HTTP). Man-in-the-middle attackers are able to intercept these requests and serve a weaponized/infected version of applications or updates. | ||||
| CVE-2020-28185 | 1 Terra-master | 1 Tos | 2024-11-21 | 5.3 Medium |
| User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php. | ||||
| CVE-2020-28175 | 1 Almico | 1 Speedfan | 2024-11-21 | 7.8 High |
| There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. Attackers can use constructed programs to increase user privileges | ||||
| CVE-2020-28096 | 1 Foscammall | 2 Foscam X1, Foscam X1 Firmware | 2024-11-21 | 6.8 Medium |
| FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password. | ||||
| CVE-2020-28094 | 1 Tendacn | 2 Ac1200, Ac1200 Firmware | 2024-11-21 | 7.5 High |
| On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning. | ||||