Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78831 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13872 | 2 Microsoft, Royalapps | 2 Windows, Royal Ts | 2024-11-21 | 8.8 High |
| Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach. | ||||
| CVE-2020-13871 | 6 Debian, Fedoraproject, Netapp and 3 more | 12 Debian Linux, Fedora, Cloud Backup and 9 more | 2024-11-21 | 7.5 High |
| SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. | ||||
| CVE-2020-13866 | 1 Qbik | 1 Wingate | 2024-11-21 | 7.8 High |
| WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse. | ||||
| CVE-2020-13863 | 1 Mitel | 1 Micollab | 2024-11-21 | 8.1 High |
| The SAS portal of Mitel MiCollab before 9.1.3 could allow an attacker to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an attacker to access user information. | ||||
| CVE-2020-13860 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password. | ||||
| CVE-2020-13857 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request. | ||||
| CVE-2020-13856 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credentials and password hashes. | ||||
| CVE-2020-13855 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 7.2 High |
| Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature. | ||||
| CVE-2020-13852 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 7.2 High |
| Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature. | ||||
| CVE-2020-13851 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 8.8 High |
| Artica Pandora FMS 7.44 allows remote command execution via the events feature. | ||||
| CVE-2020-13850 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 7.5 High |
| Artica Pandora FMS 7.44 has inadequate access controls on a web folder. | ||||
| CVE-2020-13849 | 1 Mqtt | 1 Mqtt | 2024-11-21 | 7.5 High |
| The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe. | ||||
| CVE-2020-13848 | 2 Debian, Libupnp Project | 2 Debian Linux, Libupnp | 2024-11-21 | 7.5 High |
| Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c. | ||||
| CVE-2020-13847 | 1 Sylabs | 1 Singularity | 2024-11-21 | 7.5 High |
| Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file. | ||||
| CVE-2020-13846 | 1 Sylabs | 1 Singularity | 2024-11-21 | 7.5 High |
| Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code. | ||||
| CVE-2020-13845 | 1 Sylabs | 1 Singularity | 2024-11-21 | 7.5 High |
| Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather than to a cryptographically validated signature. | ||||
| CVE-2020-13842 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2024-11-21 | 7.8 High |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 (June 2020). | ||||
| CVE-2020-13836 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. HWRResProvider allows path traversal for data exposure. The Samsung ID is SVE-2020-16954 (June 2020). | ||||
| CVE-2020-13834 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (with TEEGRIS) software. Secure Folder does not properly restrict use of Android Debug Bridge (adb) for arbitrary installations. The Samsung ID is SVE-2020-17369 (June 2020). | ||||
| CVE-2020-13830 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| An issue was discovered on Samsung mobile devices with P(9.0) software. One UI HOME logging can leak information. The Samsung ID is SVE-2019-16382 (June 2020). | ||||