Export limit exceeded: 10053 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10053 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7593 | 1 Siemens | 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware | 2024-11-21 | 9.8 Critical |
| A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.02). A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacker could send a specially crafted HTTP request to cause a memory corruption, potentially resulting in remote code execution. | ||||
| CVE-2020-7569 | 1 Schneider-electric | 1 Webreports | 2024-11-21 | 8.8 High |
| A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution. | ||||
| CVE-2020-7558 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7557 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7556 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7555 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7554 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7553 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7552 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7551 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7550 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7526 | 1 Apc | 1 Powerchute | 2024-11-21 | 8.8 High |
| Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event. | ||||
| CVE-2020-7472 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 9.8 Critical |
| An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM before 8.0, 8.0 before 8.0.7, 9.0 before 9.0.4, and 10.0 before 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via crafted HTTP requests. (This is exploitable even after installation is completed.). | ||||
| CVE-2020-7461 | 2 Freebsd, Siemens | 5 Freebsd, Simatic Rf350m, Simatic Rf350m Firmware and 2 more | 2024-11-21 | 7.3 High |
| In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. The heap overflow could in principle be exploited to achieve remote code execution. The affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit. | ||||
| CVE-2020-7374 | 1 Documalis | 2 Free Pdf Editor, Free Pdf Scanner | 2024-11-21 | 5.3 Medium |
| Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software. | ||||
| CVE-2020-7246 | 1 Qdpm | 1 Qdpm | 2024-11-21 | 8.8 High |
| A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. | ||||
| CVE-2020-7237 | 1 Cacti | 1 Cacti | 2024-11-21 | 8.8 High |
| Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product. | ||||
| CVE-2020-7209 | 1 Hp | 1 Linuxki | 2024-11-21 | 9.8 Critical |
| LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2. | ||||
| CVE-2020-7203 | 1 Hp | 1 Ilo Amplifier Pack | 2024-11-21 | 9.8 Critical |
| A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution. | ||||
| CVE-2020-7200 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 9.8 Critical |
| A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution. | ||||