Export limit exceeded: 344008 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 24994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19932 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19932 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24266 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 7.5 High |
| An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service. | ||||
| CVE-2020-24265 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 7.5 High |
| An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service. | ||||
| CVE-2020-24220 | 1 Shopxo | 1 Shopxo | 2024-11-21 | 8.8 High |
| ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server. | ||||
| CVE-2020-24175 | 1 Yz1 | 1 Yz1 | 2024-11-21 | 7.8 High |
| Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filename handling. | ||||
| CVE-2020-24133 | 1 Radare | 1 Radare2-extras | 2024-11-21 | 9.8 Critical |
| A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks. | ||||
| CVE-2020-24057 | 1 Verint | 2 S5120fd, S5120fd Firmware | 2024-11-21 | 8.8 High |
| The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. This endpoint is vulnerable to a command injection. An authenticated attacker can leverage this issue to execute arbitrary commands as 'root'. | ||||
| CVE-2020-24055 | 1 Verint | 4 4320, 4320 Firmware, 5620ptz and 1 more | 2024-11-21 | 9.8 Critical |
| Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not require any authentication. | ||||
| CVE-2020-24054 | 1 Moog | 4 Exvf5c-2, Exvf5c-2 Firmware, Exvp7c2-3 and 1 more | 2024-11-21 | 9.8 Critical |
| The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. One of the limitations of this feature is that it only takes a path to a binary without arguments; however, this can be circumvented using special shell variables, such as '${IFS}'. As a result, an attacker can execute arbitrary commands as 'root' on the units. | ||||
| CVE-2020-24032 | 1 Xorux | 2 Lpar2rrd, Stor2rrd | 2024-11-21 | 9.8 Critical |
| tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. | ||||
| CVE-2020-24027 | 1 Live555 | 1 Liblivemedia | 2024-11-21 | 9.8 Critical |
| In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time. | ||||
| CVE-2020-23934 | 1 Ritecms | 1 Ritecms | 2024-11-21 | 8.8 High |
| An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section. | ||||
| CVE-2020-23910 | 1 Asn1c Project | 1 Asn1c | 2024-11-21 | 5.5 Medium |
| Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genhash.c. | ||||
| CVE-2020-23907 | 1 Avast | 1 Retdec | 2024-11-21 | 9.8 Critical |
| An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. | ||||
| CVE-2020-23904 | 1 Xiph | 1 Speex | 2024-11-21 | 5.5 Medium |
| A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program. | ||||
| CVE-2020-23901 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. | ||||
| CVE-2020-23899 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. | ||||
| CVE-2020-23898 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. | ||||
| CVE-2020-23897 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A User Mode Write AV in Editor!TMethodImplementationIntercept+0x54dcec of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. | ||||
| CVE-2020-23896 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A User Mode Write AV in Editor+0x576b of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file. | ||||
| CVE-2020-23895 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 5.5 Medium |
| A User Mode Write AV in Editor+0x76af of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file. | ||||