Export limit exceeded: 86066 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (86066 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-8844 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files within CovertToPDF. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9102.
CVE-2020-8843 1 Istio 1 Istio 2024-11-21 7.4 High
An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a source equal to ingress. To exploit this vulnerability, someone has to encode a source.uid in this header. This feature is disabled by default in Istio 1.3 and 1.4.
CVE-2020-8841 1 Testlink 1 Testlink 2024-11-21 8.8 High
An issue was discovered in TestLink 1.9.19. The relation_type parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection.
CVE-2020-8835 4 Canonical, Fedoraproject, Linux and 1 more 47 Ubuntu Linux, Fedora, Linux Kernel and 44 more 2024-11-21 7.8 High
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)
CVE-2020-8830 1 Commscope 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware 2024-11-21 8.8 High
CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen.
CVE-2020-8829 1 Intelbras 2 Cip 92200, Cip 92200 Firmware 2024-11-21 8.8 High
CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis.
CVE-2020-8828 1 Argoproj 1 Argo Cd 2024-11-21 8.8 High
As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be kept secret and could wind up just about anywhere.
CVE-2020-8827 1 Argoproj 1 Argo Cd 2024-11-21 7.5 High
As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence.
CVE-2020-8826 1 Argoproj 1 Argo Cd 2024-11-21 7.5 High
As of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication tokens, once issued, were usable forever without expiration—there was no refresh or forced re-authentication.
CVE-2020-8819 1 Cardgate 1 Cardgate Payments 2024-11-21 8.1 High
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
CVE-2020-8818 2 Adobe, Cardgate 2 Magento, Cardgate Payments 2024-11-21 8.1 High
An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
CVE-2020-8817 1 Dataiku 1 Data Science Studio 2024-11-21 8.1 High
Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata.
CVE-2020-8815 1 Iktm 1 Bearftp 2024-11-21 7.5 High
Improper connection handling in the base connection handler in IKTeam BearFTP before v0.3.1 allows a remote attacker to achieve denial of service via a Slowloris approach by sending a large volume of small packets.
CVE-2020-8813 5 Cacti, Debian, Fedoraproject and 2 more 6 Cacti, Debian Linux, Fedora and 3 more 2024-11-21 8.8 High
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
CVE-2020-8810 1 Gurux 1 Device Language Message Specification Director 2024-11-21 8.1 High
An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. When downloading OBIS codes, it does not verify that the downloaded files are actual OBIS codes and doesn't check for path traversal. This allows the attacker exploiting CVE-2020-8809 to send executable files and place them in an autorun directory, or to place DLLs inside the existing GXDLMS Director installation (run on next execution of GXDLMS Director). This can be used to achieve code execution even if the user doesn't have any add-ins installed.
CVE-2020-8809 1 Gurux 1 Device Language Message Specification Director 2024-11-21 8.1 High
Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810.
CVE-2020-8808 1 Corsair 1 Icue 2024-11-21 7.8 High
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.
CVE-2020-8806 1 Electriccoin 1 Zcashd 2024-11-21 7.5 High
Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced.
CVE-2020-8801 1 Salesagility 1 Suitecrm 2024-11-21 7.2 High
SuiteCRM through 7.11.11 allows PHAR Deserialization.
CVE-2020-8800 1 Salesagility 1 Suitecrm 2024-11-21 8.8 High
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.