Search Results (83702 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-17490 2 Debian, Saltstack 2 Debian Linux, Salt 2024-11-21 5.5 Medium
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
CVE-2020-17480 1 Tiny 1 Tinymce 2024-11-21 6.1 Medium
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
CVE-2020-17476 1 Mibew 1 Messenger 2024-11-21 6.1 Medium
Mibew Messenger before 3.2.7 allows XSS via a crafted user name.
CVE-2020-17465 1 Forgerock 1 Identity Manager 2024-11-21 6.1 Medium
Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS. The vulnerability affects versions 6.5.0.4, 6.0.0.6.
CVE-2020-17458 1 Fabbricadigitale 1 Multiux 2024-11-21 5.4 Medium
A post-authenticated stored XSS was found in MultiUx v.3.1.12.0 via the /multiux/SaveMailbox LastName field.
CVE-2020-17457 1 Fujitsu 1 Serverview Remote Management 2024-11-21 5.4 Medium
Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticated attacker can store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document. The payload is triggered in the HTTP error response pages.
CVE-2020-17456 1 Seowonintech 10 Slc-130, Slc-130 Firmware, Slr-120d42g and 7 more 2024-11-21 9.8 Critical
SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.
CVE-2020-17454 1 Wso2 1 Api Manager 2024-11-21 6.1 Medium
WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. More precisely, it is possible to inject an XSS payload into the owner POST parameter, which does not filter user inputs. By putting an XSS payload in place of a valid Owner Name, a modal box appears that writes an error message concatenated to the injected payload (without any form of data encoding). This can also be exploited via CSRF.
CVE-2020-17453 1 Wso2 8 Api Manager, Api Manager Analytics, Api Microgateway and 5 more 2024-11-21 6.1 Medium
WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
CVE-2020-17451 1 Flatcore 1 Flatcore 2024-11-21 4.8 Medium
flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.
CVE-2020-17450 1 Php-fusion 1 Php-fusion 2024-11-21 6.1 Medium
PHP-Fusion 9.03 allows XSS on the preview page.
CVE-2020-17449 1 Php-fusion 1 Php-fusion 2024-11-21 5.4 Medium
PHP-Fusion 9.03 allows XSS via the error_log file.
CVE-2020-17443 1 Altran 1 Picotcp 2024-11-21 7.5 High
An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c.
CVE-2020-17438 2 Contiki-os, Uip Project 2 Contiki, Uip 2024-11-21 9.8 Critical
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafting a packet with specific values of the IP header length and the fragmentation offset, attackers can write into the .bss section of the program (past the statically allocated buffer that is used for storing the fragmented data) and cause a denial of service in uip_reass() in uip.c, or possibly execute arbitrary code on some target architectures.
CVE-2020-17437 4 Contiki-os, Open-iscsi Project, Siemens and 1 more 21 Contiki, Open-iscsi, Sentron 3va Com100 and 18 more 2024-11-21 8.2 High
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.
CVE-2020-17431 1 Foxitsoftware 1 Foxit Studio Photo 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11333.
CVE-2020-17430 1 Foxitsoftware 1 Foxit Studio Photo 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11332.
CVE-2020-17425 1 Foxitsoftware 1 Foxit Studio Photo 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11259.
CVE-2020-17424 1 Foxitsoftware 1 Foxit Studio Photo 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EZI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11247.
CVE-2020-17423 1 Foxitsoftware 1 Foxit Studio Photo 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ARW files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11196.