Export limit exceeded: 363281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85517 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-26538 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 7.8 High |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1. It allows attackers to execute arbitrary code via a Trojan horse taskkill.exe in the current working directory. | ||||
| CVE-2020-26522 | 1 Garfield Petshop Project | 1 Garfield Petshop | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in mod/user/act_user.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts. | ||||
| CVE-2020-26521 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Nats-server | 2024-11-21 | 7.5 High |
| The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). | ||||
| CVE-2020-26516 | 1 Intland | 1 Codebeamer | 2024-11-21 | 8.8 High |
| A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF token and can therefore be entirely predicted allowing attackers to cause the victim's browser to execute undesired actions in the web application through crafted requests. | ||||
| CVE-2020-26515 | 1 Intland | 1 Codebeamer | 2024-11-21 | 7.5 High |
| An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted user's credentials. However, due to a bug in the application code, those credentials are encrypted using a NULL encryption key. | ||||
| CVE-2020-26511 | 1 Wpo365 | 1 Wordpress \+ Azure Ad \/ Microsoft Office 365 | 2024-11-21 | 7.5 High |
| The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass. | ||||
| CVE-2020-26509 | 1 Airleader | 3 Airleader Easy, Airleader Master, Airleader Master Control | 2024-11-21 | 7.5 High |
| Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service. | ||||
| CVE-2020-26507 | 1 Marmind | 1 Marmind | 2024-11-21 | 7.8 High |
| A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into the “Description” field under the “Insert To-Do” option. Other users might download this data, for example a CSV file, and execute the malicious commands on their computer by opening the file using a software such as Microsoft Excel. The attacker could gain remote access to the user’s PC. | ||||
| CVE-2020-26405 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.1 High |
| Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are >=12.8, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2. | ||||
| CVE-2020-26301 | 3 Microsoft, Redhat, Ssh2 Project | 3 Windows, Openshift Container Storage, Ssh2 | 2024-11-21 | 7.5 High |
| ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0. | ||||
| CVE-2020-26297 | 1 Rust-lang | 1 Mdbook | 2024-11-21 | 8.2 High |
| mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page. The search feature of mdBook (introduced in version 0.1.4) was affected by a cross site scripting vulnerability that allowed an attacker to execute arbitrary JavaScript code on an user's browser by tricking the user into typing a malicious search query, or tricking the user into clicking a link to the search page with the malicious search query prefilled. mdBook 0.4.5 fixes the vulnerability by properly escaping the search query. Owners of websites built with mdBook have to upgrade to mdBook 0.4.5 or greater and rebuild their website contents with it. | ||||
| CVE-2020-26296 | 1 Vega Project | 1 Vega | 2024-11-21 | 8.7 High |
| Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Vega in an npm package. In Vega before version 5.17.3 there is an XSS vulnerability in Vega expressions. Through a specially crafted Vega expression, an attacker could execute arbitrary javascript on a victim's machine. This is fixed in version 5.17.3 | ||||
| CVE-2020-26295 | 1 Openmage | 1 Openmage | 2024-11-21 | 8.7 High |
| OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved | ||||
| CVE-2020-26294 | 1 Target | 1 Compiler | 2024-11-21 | 7.4 High |
| Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela compiler before version 0.6.1 there is a vulnerability which allows exposure of server configuration. It impacts all users of Vela. An attacker can use Sprig's `env` function to retrieve configuration information, see referenced GHSA for an example. This has been fixed in version 0.6.1. In addition to upgrading, it is recommended to rotate all secrets. | ||||
| CVE-2020-26289 | 2 Date-and-time Project, Redhat | 2 Date-and-time, Openshift Container Storage | 2024-11-21 | 7.5 High |
| date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there a regular expression involved in parsing which can be exploited to to cause a denial of service. This is fixed in version 0.14.2. | ||||
| CVE-2020-26288 | 1 Parseplatform | 1 Parse-server | 2024-11-21 | 7.7 High |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. It is an npm package "parse-server". In Parse Server before version 4.5.0, user passwords involved in LDAP authentication are stored in cleartext. This is fixed in version 4.5.0 by stripping password after authentication to prevent cleartext password storage. | ||||
| CVE-2020-26287 | 1 Hedgedoc | 1 Hedgedoc | 2024-11-21 | 8.7 High |
| HedgeDoc is a collaborative platform for writing and sharing markdown. In HedgeDoc before version 1.7.1 an attacker can inject arbitrary `script` tags in HedgeDoc notes using mermaid diagrams. Our content security policy prevents loading scripts from most locations, but `www.google-analytics.com` is allowed. Using Google Tag Manger it is possible to inject arbitrary JavaScript and execute it on page load. Depending on the configuration of the instance, the attacker may not need authentication to create or edit notes. The problem is patched in HedgeDoc 1.7.1. As a workaround one can disallow `www.google-analytics.com` in the `Content-Security-Policy` header. Note that other ways to leverage the `script` tag injection might exist. | ||||
| CVE-2020-26286 | 1 Hedgedoc | 1 Hedgedoc | 2024-11-21 | 7.5 High |
| HedgeDoc is a collaborative platform for writing and sharing markdown. In HedgeDoc before version 1.7.1 an unauthenticated attacker can upload arbitrary files to the upload storage backend including HTML, JS and PHP files. The problem is patched in HedgeDoc 1.7.1. You should however verify that your uploaded file storage only contains files that are allowed, as uploaded files might still be served. As workaround it's possible to block the `/uploadimage` endpoint on your instance using your reverse proxy. And/or restrict MIME-types and file names served from your upload file storage. | ||||
| CVE-2020-26285 | 1 Openmage | 1 Openmage | 2024-11-21 | 8.7 High |
| OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an executable file on the server. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved | ||||
| CVE-2020-26284 | 1 Gohugo | 1 Hugo | 2024-11-21 | 7.7 High |
| Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%PATH%` on Windows. In Hugo before version 0.79.1, if a malicious file with the same name (`exe` or `bat`) is found in the current working directory at the time of running `hugo`, the malicious command will be invoked instead of the system one. Windows users who run `hugo` inside untrusted Hugo sites are affected. Users should upgrade to Hugo v0.79.1. Other than avoiding untrusted Hugo sites, there is no workaround. | ||||