Export limit exceeded: 34886 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (34886 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-28576 | 1 Trendmicro | 2 Apex One, Officescan | 2024-11-21 | 5.3 Medium |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information. | ||||
| CVE-2020-28573 | 1 Trendmicro | 2 Apex One, Officescan | 2024-11-21 | 5.3 Medium |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server. | ||||
| CVE-2020-28572 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 7.8 High |
| A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege. | ||||
| CVE-2020-28499 | 1 Merge Project | 1 Merge | 2024-11-21 | 7.3 High |
| All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge . | ||||
| CVE-2020-28479 | 1 Jointjs | 1 Jointjs | 2024-11-21 | 5.9 Medium |
| The package jointjs before 3.3.0 are vulnerable to Denial of Service (DoS) via the unsetByPath function. | ||||
| CVE-2020-28478 | 1 Greensock | 1 Greensock Animation Platform | 2024-11-21 | 7.5 High |
| This affects the package gsap before 3.6.0. | ||||
| CVE-2020-28477 | 2 Immer Project, Redhat | 2 Immer, Rhev Manager | 2024-11-21 | 7.5 High |
| This affects all versions of package immer. | ||||
| CVE-2020-28472 | 1 Amazon | 2 Aws Sdk For Javascipt, Aws Shared Configuration File Loader | 2024-11-21 | 7.3 High |
| This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they will pollute the prototype on the application. This can be exploited further depending on the context. | ||||
| CVE-2020-28421 | 2 Broadcom, Microsoft | 2 Unified Infrastructure Management, Windows | 2024-11-21 | 7.8 High |
| CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges. | ||||
| CVE-2020-28419 | 1 Hp | 1503 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy15a, Laserjet Managed Mfp E62665 3gy16a and 1500 more | 2024-11-21 | 8.8 High |
| During installation with certain driver software or application packages an arbitrary code execution could occur. | ||||
| CVE-2020-28416 | 1 Hp | 310 Officejet 250 Cz992a, Officejet 250 Cz992a Firmware, Officejet 250c L9d57a and 307 more | 2024-11-21 | 7.8 High |
| HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution. | ||||
| CVE-2020-28340 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020). | ||||
| CVE-2020-28281 | 1 Set-object-value Project | 1 Set-object-value | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28280 | 1 Predefine Project | 1 Predefine | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'predefine' versions 0.0.0 through 0.1.2 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28279 | 1 Flattenizer Project | 1 Flattenizer | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28278 | 1 Shvl Project | 1 Shvl | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28277 | 1 Dset Project | 1 Dset | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28276 | 1 Deep-set Project | 1 Deep-set | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28274 | 1 Deepref Project | 1 Deepref | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2020-28273 | 1 Set-in Project | 1 Set-in | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution. | ||||