Search

Search Results (363318 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-25577 1 Freebsd 1 Freebsd 2024-11-21 9.8 Critical
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currently ignores such malformed packets, it passes them to userspace programs. Any programs expecting the kernel to do validation may be vulnerable to an overflow.
CVE-2020-25576 1 Rand Project 1 Rand 2024-11-21 9.8 Critical
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.
CVE-2020-25575 1 Failure Project 1 Failure 2024-11-21 9.8 Critical
An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010
CVE-2020-25574 1 Hyper 1 Http 2024-11-21 7.5 High
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).
CVE-2020-25573 1 Linked-hash-map Project 1 Linked-hash-map 2024-11-21 9.8 Critical
An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.
CVE-2020-25566 1 Sapphireims 1 Sapphireims 2024-11-21 9.8 Critical
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the Save_Password form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any user’s password by changing the username to that user and password to base64(desired password).
CVE-2020-25565 1 Sapphireims 1 Sapphireims 2024-11-21 9.8 Critical
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server.
CVE-2020-25564 1 Sapphireims 1 Sapphireims 2024-11-21 8.8 High
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature.
CVE-2020-25563 1 Sapphireims 1 Sapphireims 2024-11-21 9.8 Critical
In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature and not having a JSESSIONID.
CVE-2020-25562 1 Sapphireims 1 Sapphireims 2024-11-21 6.5 Medium
In SapphireIMS 5.0, there is no CSRF token present in the entire application. This can lead to CSRF vulnerabilities in critical application forms like account resent.
CVE-2020-25561 1 Sapphireims 1 Sapphireims 2024-11-21 7.8 High
SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This credential is saved in ServerConf.config file in the client.
CVE-2020-25560 1 Sapphireims 1 Sapphireims 2024-11-21 9.8 Critical
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. We also observed the same is true if the JSESSIONID is completely removed.
CVE-2020-25557 1 Cmsuno Project 1 Cmsuno 2024-11-21 8.8 High
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be run. As a result of this vulnerability, authenticated user can run command on the server.
CVE-2020-25540 1 Thinkadmin 1 Thinkadmin 2024-11-21 7.5 High
ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter.
CVE-2020-25538 1 Cmsuno Project 1 Cmsuno 2024-11-21 8.8 High
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.
CVE-2020-25537 1 Ucms Project 1 Ucms 2024-11-21 9.8 Critical
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.
CVE-2020-25533 1 Malwarebytes 1 Malwarebytes 2024-11-21 7.0 High
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct a situation where the same PID is used for running two different programs at different times, by leveraging a race condition during crafted use of posix_spawn.
CVE-2020-25516 1 Wso2 1 Enterprise Integrator 2024-11-21 5.4 Medium
WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site scripting (XSS) vulnerability in BPMN explorer tasks.
CVE-2020-25515 1 Simple Library Management System Project 1 Simple Library Management System 2024-11-21 7.8 High
Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.
CVE-2020-25514 1 Simple Library Management System Project 1 Simple Library Management System 2024-11-21 8.4 High
Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.