CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (349719 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-19670	1 Niushop	1 Niushop	2024-11-21	4.9 Medium
In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords.
CVE-2020-19669	1 Eyoucms	1 Eyoucms	2024-11-21	8.8 High
Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn.
CVE-2020-19667	2 Debian, Imagemagick	2 Debian Linux, Imagemagick	2024-11-21	7.8 High
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
CVE-2020-19664	1 Draytek	2 Vigor2960, Vigor2960 Firmware	2024-11-21	8.8 High
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi.
CVE-2020-19643	1 Insma	2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware	2024-11-21	6.1 Medium
Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page.
CVE-2020-19642	1 Insma	2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware	2024-11-21	6.2 Medium
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the 'recdata.db' file to call a specially crafted GoAhead ASP-file on the SD card.
CVE-2020-19641	1 Insma	2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware	2024-11-21	8.8 High
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with the "Operator" Privilege can gain admin privileges via a crafted request to '/goform/formUserMng'.
CVE-2020-19640	1 Insma	2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware	2024-11-21	7.5 High
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. An unauthenticated attacker can reboot the device causing a Denial of Service, via a hidden reboot command to '/media/?action=cmd'.
CVE-2020-19639	1 Insma	2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware	2024-11-21	8.8 High
Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI.
CVE-2020-19626	1 Craftcms	1 Craft Cms	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new.
CVE-2020-19625	1 Gridx Project	1 Gridx	2024-11-21	9.8 Critical
Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter.
CVE-2020-19619	1 Mblog Project	1 Mblog	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile.
CVE-2020-19618	1 Mblog Project	1 Mblog	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing.
CVE-2020-19617	1 Mblog Project	1 Mblog	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile.
CVE-2020-19616	1 Mblog Project	1 Mblog	2024-11-21	5.4 Medium
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing.
CVE-2020-19613	1 Flycms Project	1 Flycms	2024-11-21	7.5 High
Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503.
CVE-2020-19611	1 Racktables Project	1 Racktables	2024-11-21	6.1 Medium
Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter.
CVE-2020-19609	2 Artifex, Debian	2 Mupdf, Debian Linux	2024-11-21	5.5 Medium
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
CVE-2020-19596	1 Coreftp	1 Core Ftp	2024-11-21	9.8 Critical
Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username.
CVE-2020-19595	1 Coreftp	1 Core Ftp	2024-11-21	7.5 High
Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username.

« first previous Page 14455 of 17486. next last »