Export limit exceeded: 85954 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85954 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6652 | 1 Eaton | 1 Intelligent Power Manager | 2024-11-21 | 7.8 High |
| Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configurations via uploading the configurations with incorrect parameters. | ||||
| CVE-2020-6651 | 1 Eaton | 1 Intelligent Power Manager | 2024-11-21 | 8.8 High |
| Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application. | ||||
| CVE-2020-6650 | 1 Eaton | 1 Ups Companion | 2024-11-21 | 8.3 High |
| UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates available. This results in arbitrary code execution on the machine where software is installed. | ||||
| CVE-2020-6644 | 1 Fortinet | 1 Fortideceptor | 2024-11-21 | 8.1 High |
| An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks. | ||||
| CVE-2020-6638 | 1 Grin | 1 Grin | 2024-11-21 | 7.5 High |
| Grin through 2.1.1 has Insufficient Validation. | ||||
| CVE-2020-6628 | 1 Libming | 1 Libming | 2024-11-21 | 8.8 High |
| Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. | ||||
| CVE-2020-6625 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 7.1 High |
| jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. | ||||
| CVE-2020-6624 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 7.1 High |
| jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. | ||||
| CVE-2020-6623 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index. | ||||
| CVE-2020-6622 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8. | ||||
| CVE-2020-6621 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT. | ||||
| CVE-2020-6620 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8. | ||||
| CVE-2020-6619 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek. | ||||
| CVE-2020-6618 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table. | ||||
| CVE-2020-6617 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int. | ||||
| CVE-2020-6614 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.1 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. | ||||
| CVE-2020-6613 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.1 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | ||||
| CVE-2020-6612 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.1 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | ||||
| CVE-2020-6609 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.8 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | ||||
| CVE-2020-6590 | 1 Forcepoint | 3 Data Loss Prevention, Email Security, Web Security Content Gateway | 2024-11-21 | 7.5 High |
| Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure. | ||||