Total
34582 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-22427 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is to pay for a subscription service where technical details may be disclosed at an unspecified later time | |||||
| CVE-2020-22253 | 1 Xiongmaitech | 16 Ahb7008t-mh-v2, Ahb7008t-mh-v2 Firmware, Ahb7804r-els and 13 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device. | |||||
| CVE-2020-22061 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the component saskutil64.sys. This issue allows attackers to arbitrarily write data to the device via IOCTL 0x9C402140. | |||||
| CVE-2020-22057 | 1 Evga | 1 Precision Xoc | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data. | |||||
| CVE-2020-21865 | 1 Thinkphp50-cms Project | 1 Thinkphp50-cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha. | |||||
| CVE-2020-21723 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-11-21 | N/A | 5.5 MEDIUM |
| A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file. | |||||
| CVE-2020-21654 | 1 Emlog | 1 Emlog | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file. | |||||
| CVE-2020-21648 | 1 Wdja | 1 Wdja Cms | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php. | |||||
| CVE-2020-21627 | 1 Ruijie | 2 Rg-uac, Rg-uac Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Ruijie RG-UAC commit 9071227 was discovered to contain a vulnerability in the component /current_action.php?action=reboot, which allows attackers to cause a denial of service (DoS) via unspecified vectors. | |||||
| CVE-2020-21605 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21554 | 1 Tinyrise | 1 Tinyshop | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms. | |||||
| CVE-2020-21530 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. | |||||
| CVE-2020-21528 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A | 5.5 MEDIUM |
| A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. | |||||
| CVE-2020-21493 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames. | |||||
| CVE-2020-21480 | 1 Rgcms Project | 1 Rgcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2020-21468 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7 | |||||
| CVE-2020-21431 | 1 Hongcms Project | 1 Hongcms | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit. | |||||
| CVE-2020-21406 | 2 Rk Max Smart Tv Box Project, V88 Smart Tv Box Project | 4 Rk Max Smart Tv Box, Rk Max Smart Tv Box Firmware, V88 Smart Tv Box and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service. | |||||
| CVE-2020-21125 | 1 Ureport Project | 1 Ureport | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code. | |||||
| CVE-2020-21048 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. | |||||