Search Results (363397 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-36379 1 Aaptjs Project 1 Aaptjs 2024-11-21 9.8 Critical
An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVE-2020-36378 1 Aaptjs Project 1 Aaptjs 2024-11-21 9.8 Critical
An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVE-2020-36377 1 Aaptjs Project 1 Aaptjs 2024-11-21 9.8 Critical
An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVE-2020-36376 1 Aaptjs Project 1 Aaptjs 2024-11-21 9.8 Critical
An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVE-2020-36375 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_equality Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36374 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36373 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_shifts Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36372 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_plus_minus Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36371 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_mul_div_rem Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36370 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_unary Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36369 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_statement_list Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36368 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_statement Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36367 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_block Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36366 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
Stack overflow vulnerability in parse_value Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2020-36365 1 Smartstore 1 Smartstorenet 2024-11-21 6.1 Medium
Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit open redirect.
CVE-2020-36364 1 Smartstore 1 Smartstorenet 2024-11-21 9.1 Critical
An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0. Administration/Controllers/ImportController.cs allows path traversal (for copy and delete actions) in the ImportController.Create method via a TempFileName field.
CVE-2020-36363 1 Amazon 1 Amazon Cloudfront 2024-11-21 9.8 Critical
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.
CVE-2020-36334 1 Themegrill 1 Themegrill Demo Importer 2024-11-21 8.8 High
themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database.
CVE-2020-36333 1 Themegrill 1 Themegrill Demo Importer 2024-11-21 9.1 Critical
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook.
CVE-2020-36332 4 Debian, Netapp, Redhat and 1 more 4 Debian Linux, Ontap Select Deploy Administration Utility, Enterprise Linux and 1 more 2024-11-21 7.5 High
A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.