Export limit exceeded: 359603 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-23727 | 1 Antiy | 1 Antiy Zhijia Terminal Defense System | 2024-11-21 | 5.5 Medium |
| There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD). | ||||
| CVE-2020-23726 | 1 Wisecleaner | 1 Wise Care 365 | 2024-11-21 | 5.5 Medium |
| There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash (BSOD). | ||||
| CVE-2020-23691 | 1 Yfcmf | 1 Yfcmf | 2024-11-21 | 9.8 Critical |
| YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php. | ||||
| CVE-2020-23680 | 1 Text2pdf Project | 1 Text2pdf | 2024-11-21 | 7.8 High |
| An issue was discovered in function StartPage in text2pdf.c in pdfcorner text2pdf 1.1, allows attackers to cause denial of service or possibly other undisclosed impacts. | ||||
| CVE-2020-23580 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | 9.8 Critical |
| Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board. | ||||
| CVE-2020-23565 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850". | ||||
| CVE-2020-23562 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 5.5 Medium |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe. | ||||
| CVE-2020-23561 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 5.5 Medium |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722. | ||||
| CVE-2020-23549 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6". | ||||
| CVE-2020-23546 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981. | ||||
| CVE-2020-23545 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531. | ||||
| CVE-2020-23490 | 1 Wwbn | 1 Avideo | 2024-11-21 | 7.5 High |
| There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file. | ||||
| CVE-2020-23469 | 1 Gmate Project | 1 Gmate | 2024-11-21 | 7.5 High |
| gmate v0.12+bionic contains a regular expression denial of service (ReDoS) vulnerability in the gedit3 plugin. | ||||
| CVE-2020-23361 | 1 Phplist | 1 Phplist | 2024-11-21 | 9.8 Critical |
| phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | ||||
| CVE-2020-23356 | 1 Nibbleblog | 1 Nibbleblog | 2024-11-21 | 7.5 High |
| dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | ||||
| CVE-2020-23355 | 1 Codiad | 1 Codiad | 2024-11-21 | 7.5 High |
| ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully authenticate. | ||||
| CVE-2020-23315 | 1 Microsoft | 1 Chakracore | 2024-11-21 | 7.5 High |
| There is an ASSERTION (pFuncBody->GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext::RundownSourcesAndReparse in ChakraCore version 1.12.0.0-beta. | ||||
| CVE-2020-23160 | 1 Pyres | 2 Termod4, Termod4 Firmware | 2024-11-21 | 8.8 High |
| Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. | ||||
| CVE-2020-22916 | 1 Tukaani | 1 Xz | 2024-11-21 | 5.5 Medium |
| An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase. | ||||
| CVE-2020-22848 | 1 Chshcms | 1 Cscms | 2024-11-21 | 9.8 Critical |
| A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands. | ||||