Search

Search Results (363364 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-23967 1 Drweb 1 Security Space 2024-11-21 7.8 High
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.
CVE-2020-23962 1 Catfish-cms 1 Catfish Cms 2024-11-21 6.1 Medium
A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "announcement_gonggao" parameter.
CVE-2020-23960 1 Fork-cms 1 Fork Cms 2024-11-21 8.8 High
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of the user's comments, (2) restoring a deleted user, (3) installing or running modules, (4) resetting the analytics, (5) pinging the mailmotor api, (6) uploading things to the media library, (7) exporting locale.
CVE-2020-23957 1 Pega 1 Pega Platform 2024-11-21 6.1 Medium
Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI.
CVE-2020-23945 1 Victor Cms Project 1 Victor Cms 2024-11-21 7.5 High
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
CVE-2020-23936 1 Phpgurukul 1 Vehicle Parking Management System 2024-11-21 9.8 Critical
PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".
CVE-2020-23934 1 Ritecms 1 Ritecms 2024-11-21 8.8 High
An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section.
CVE-2020-23932 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.
CVE-2020-23931 1 Gpac 1 Gpac 2024-11-21 7.1 High
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
CVE-2020-23930 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service.
CVE-2020-23928 1 Gpac 1 Gpac 2024-11-21 7.1 High
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
CVE-2020-23922 2 Apache, Giflib Project 2 Bookkeeper, Giflib 2024-11-21 7.1 High
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
CVE-2020-23921 1 Fast Ber Project 1 Fast Ber 2024-11-21 7.1 High
An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based buffer over-read.
CVE-2020-23915 1 Cpp-peglib Project 1 Cpp-peglib 2024-11-21 5.5 Medium
An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h has a heap-based buffer over-read.
CVE-2020-23914 1 Cpp-peglib Project 1 Cpp-peglib 2024-11-21 5.5 Medium
An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer dereference exists in the peg::AstOptimizer::optimize() located in peglib.h. It allows an attacker to cause Denial of Service.
CVE-2020-23912 1 Axiosys 1 Bento4 2024-11-21 5.5 Medium
An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.
CVE-2020-23911 1 Asn1c Project 1 Asn1c 2024-11-21 5.5 Medium
An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function _default_error_logger() located in asn1fix.c. It allows an attacker to cause Denial of Service.
CVE-2020-23910 1 Asn1c Project 1 Asn1c 2024-11-21 5.5 Medium
Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genhash.c.
CVE-2020-23909 1 Advancemame 1 Advancemame 2024-11-21 7.1 High
Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.
CVE-2020-23907 1 Avast 1 Retdec 2024-11-21 9.8 Critical
An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution.