Search Results (83802 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-24355 1 Zyxel 2 Vmg5313-b30b, Vmg5313-b30b Firmware 2024-11-21 9.8 Critical
Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing "FirstIndex" field in JSON that is POST-ed during account creation. Similar may also be possible with account deletion.
CVE-2020-24354 1 Zyxel 2 Vmg5313-b30b, Vmg5313-b30b Firmware 2024-11-21 8.8 High
Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection.
CVE-2020-24353 1 Pega 1 Pega Platform 2024-11-21 6.1 Medium
Pega Platform before 8.4.0 has a XSS issue via stream rule parameters used in the request header.
CVE-2020-24352 1 Qemu 1 Qemu 2024-11-21 5.5 Medium
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
CVE-2020-24345 1 Jerryscript 1 Jerryscript 2024-11-21 7.8 High
JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option
CVE-2020-24338 1 Altran 1 Picotcp 2024-11-21 9.8 Critical
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds writes that lead to Denial-of-Service and Remote Code Execution.
CVE-2020-24316 1 Admin Menu Project 1 Admin Menu 2024-11-21 6.1 Medium
WP Plugin Rednumber Admin Menu v1.1 and lower does not sanitize the value of the "role" GET parameter before echoing it back out to the user. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.
CVE-2020-24314 1 Rss Feed Widget Project 1 Rss Feed Widget 2024-11-21 6.1 Medium
Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitize the value of the "t" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.
CVE-2020-24313 1 Etoilewebdesign 1 Ultimate Appointment Booking \& Scheduling 2024-11-21 6.1 Medium
Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "Appointment_ID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.
CVE-2020-24303 2 Grafana, Redhat 2 Grafana, Enterprise Linux 2024-11-21 6.1 Medium
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
CVE-2020-24301 1 Hapifhir 1 Testpage Overlay 2024-11-21 6.1 Medium
Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. The impact of this vulnerability is believed to be low, as this module is intended for testing and not believed to be widely used for any production purposes.
CVE-2020-24297 1 Tp-link 2 Tl-wpa4220, Tl-wpa4220 Firmware 2024-11-21 8.8 High
httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023
CVE-2020-24275 1 Swoole 1 Swoole 2024-11-21 6.5 Medium
A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted URL.
CVE-2020-24266 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.5 High
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
CVE-2020-24265 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.5 High
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
CVE-2020-24263 1 Portainer 1 Portainer 2024-11-21 8.8 High
Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host.
CVE-2020-24223 1 Mara Cms Project 1 Mara Cms 2024-11-21 6.1 Medium
Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters.
CVE-2020-24220 1 Shopxo 1 Shopxo 2024-11-21 8.8 High
ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server.
CVE-2020-24218 1 Szuray 95 Iptv\/h.264 Video Encoder Firmware, Iptv\/h.265 Video Encoder Firmware, Uaioe264-1u and 92 more 2024-11-21 9.8 Critical
An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file.
CVE-2020-24215 3 Jtechdigital, Provideoinstruments, Szuray 105 H.264 Iptv Encoder 1080p\@60hz, H.264 Iptv Encoder 1080p\@60hz Firmware, Vecaster-4k-hevc and 102 more 2024-11-21 9.8 Critical
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration (with the cleartext admin password), and uploading a custom firmware update, to ultimately achieve arbitrary code execution.