Search Results (83753 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-19586 1 Yellowfinbi 1 Business Intelligence 2024-11-21 9.0 Critical
Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.
CVE-2020-19554 1 Manageengine 1 Opmanager 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPManager <=12.5.174 when the API key contains an XML-based XSS payload.
CVE-2020-19553 1 Wuzhicms 1 Wuzhicms 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php.
CVE-2020-19527 1 Idreamsoft 1 Icms 2024-11-21 9.8 Critical
iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
CVE-2020-19515 1 Qdpm 1 Qdpm 2024-11-21 6.1 Medium
qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install\modules\database_config.php.
CVE-2020-19511 1 Typesettercms 1 Typesetter 2024-11-21 6.1 Medium
Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,
CVE-2020-19491 1 Sam2p Project 1 Sam2p 2024-11-21 7.8 High
There is an invalid memory access bug in cgif.c that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
CVE-2020-19475 1 Flowpaper 1 Pdf2json 2024-11-21 5.5 Medium
An issue has been found in function CCITTFaxStream::lookChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 2 .
CVE-2020-19473 1 Flowpaper 1 Pdf2json 2024-11-21 5.5 Medium
An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an uncaught floating point exception.
CVE-2020-19469 1 Flowpaper 1 Pdf2json 2024-11-21 5.5 Medium
An issue has been found in function DCTStream::reset in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 8 .
CVE-2020-19464 1 Flowpaper 1 Pdf2json 2024-11-21 5.5 Medium
An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a stack overflow .
CVE-2020-19463 1 Flowpaper 1 Pdf2json 2024-11-21 5.5 Medium
An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a stack overflow.
CVE-2020-19362 1 Vtiger 1 Vtiger Crm 2024-11-21 6.1 Medium
Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.
CVE-2020-19361 1 Medintux 1 Medintux 2024-11-21 6.1 Medium
Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1 parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.
CVE-2020-19323 2 D-link, Dlink 3 Dir-619l, Dir-619l, Dir-619l Firmware 2024-11-21 7.5 High
An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required
CVE-2020-19318 2 D-link, Dlink 3 Dir-605l, Dir-605l, Dir-605l Firmware 2024-11-21 8.8 High
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.
CVE-2020-19316 2 Laravel, Microsoft 2 Framework, Windows 2024-11-21 8.8 High
OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17.
CVE-2020-19295 1 Jeesns 1 Jeesns 2024-11-21 6.1 Medium
A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-19294 1 Jeesns 1 Jeesns 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section.
CVE-2020-19293 1 Jeesns 1 Jeesns 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article.