Search Results (34884 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15580 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) by enrolling a new lock password. The Samsung ID is SVE-2020-17328 (July 2020). | ||||
| CVE-2020-15579 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via the KNOX API. The Samsung ID is SVE-2020-17318 (July 2020). | ||||
| CVE-2020-15577 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Cameralyzer allows attackers to write files to the SD card. The Samsung ID is SVE-2020-16830 (July 2020). | ||||
| CVE-2020-15576 | 1 Solarwinds | 1 Serv-u | 2024-11-21 | 7.5 High |
| SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. | ||||
| CVE-2020-15574 | 1 Solarwinds | 1 Serv-u | 2024-11-21 | 7.5 High |
| SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893. | ||||
| CVE-2020-15542 | 1 Solarwinds | 1 Serv-u Ftp Server | 2024-11-21 | 9.8 Critical |
| SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. | ||||
| CVE-2020-15541 | 1 Solarwinds | 1 Serv-u Ftp Server | 2024-11-21 | 9.8 Critical |
| SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. | ||||
| CVE-2020-15525 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.3 Medium |
| GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of the Maven package upload endpoint. | ||||
| CVE-2020-15515 | 1 Turn! Project | 1 Turn! | 2024-11-21 | 8.8 High |
| The turn extension through 0.3.2 for TYPO3 allows Remote Code Execution. | ||||
| CVE-2020-15511 | 1 Hashicorp | 1 Terraform Enterprise | 2024-11-21 | 5.3 Medium |
| HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1. | ||||
| CVE-2020-15507 | 1 Mobileiron | 5 Cloud, Core, Enterprise Connector and 2 more | 2024-11-21 | 7.5 High |
| An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors. | ||||
| CVE-2020-15506 | 1 Mobileiron | 5 Cloud, Core, Enterprise Connector and 2 more | 2024-11-21 | 9.8 Critical |
| An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors. | ||||
| CVE-2020-15501 | 1 Smarter | 1 Smarter Coffee Maker 1st Generation | 2024-11-21 | 6.5 Medium |
| Smarter Coffee Maker before 2nd generation allows firmware replacement without authentication or authorization. User interaction is required to press a button. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2020-15495 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration. | ||||
| CVE-2020-15486 | 1 Drtrust | 2 Electrocardiogram Pen, Electrocardiogram Pen Firmware | 2024-11-21 | 6.5 Medium |
| An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because the Bluetooth LE support is implemented without a requirement for pairing or security, any attacker can access the GATT server of the device and can sniff the data being broadcasted while a measurement is being done. Also, saved data can also be extracted over a Bluetooth connection. In addition, an attacker can launch a man-in-the-middle attack against data integrity. | ||||
| CVE-2020-15481 | 1 Passmark | 3 Burnintest, Osforensics, Performancetest | 2024-11-21 | 7.8 High |
| An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys drivers. This issue is fixed in BurnInTest v9.2, PerformanceTest v10.0 Build 1009, OSForensics v8.0. | ||||
| CVE-2020-15480 | 1 Passmark | 3 Burnintest, Osforensics, Performancetest | 2024-11-21 | 8.8 High |
| An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers (MSRs). This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys. | ||||
| CVE-2020-15411 | 1 Misp | 1 Misp | 2024-11-21 | 9.8 Critical |
| An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader. | ||||
| CVE-2020-15408 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Secure Desktop Client | 2024-11-21 | 3.7 Low |
| An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite. | ||||
| CVE-2020-15388 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | 6.5 Medium |
| A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | ||||