CVE Vulnerabilities
CVE database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2020-6341 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6342 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2018-19947 The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issu... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6343 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6344 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6345 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6346 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6347 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2018-19948 The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unin... | 2.0 | LOW | — | 0 |
| CVE-2020-6348 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6349 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6350 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6351 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6352 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-25282 An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software (for the LG Universal Integrated Circuit Card) allows attackers to bypass intended access restrictions on ... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-6353 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6354 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6355 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6356 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6357 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-25291 GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/pai... | 7.8 | HIGH | — | 0 |
| CVE-2020-6358 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6359 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PLT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6360 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-6361 SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files received from untrusted sources which results in crashing of the application and becoming temporarily unavaila... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-14384 A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple ... | 7.5 | HIGH | — | 0 |
| CVE-2020-9727 A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resu... | 7.8 | HIGH | — | 0 |
| CVE-2020-24074 The decode program in silk-v3-decoder Version:20160922 Build By kn007 does not strictly check data, resulting in a buffer overflow. | 9.8 | CRITICAL | — | 0 |
| CVE-2020-24194 A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter... | 6.1 | MEDIUM | — | 0 |
| CVE-2020-24197 A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter. | 9.8 | CRITICAL | — | 0 |
| CVE-2020-6311 Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version - 100, does not correctly perform necessary authorization checks for an authenti... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-15785 A vulnerability has been identified in Siveillance Video Client (All versions). In environments where Windows NTLM authentication is enabled the affected client application transmits usernames to the ... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-6324 SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the vict... | 6.1 | MEDIUM | — | 0 |
| CVE-2020-1749 A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kern... | 7.5 | HIGH | — | 0 |
| CVE-2020-24195 An Arbitrary File Upload in the Upload Image component in Sourcecodester Online Bike Rental v1.0 allows authenticated administrator to conduct remote code execution. | 9.1 | CRITICAL | — | 0 |
| CVE-2020-24198 A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.' | 6.1 | MEDIUM | — | 0 |
| CVE-2020-24199 Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution. | 9.8 | CRITICAL | — | 0 |
| CVE-2020-0290 In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for ... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-11986 To be able to analyze gradle projects, the build scripts need to be executed. Apache NetBeans follows this pattern. This causes the code of the build script to be invoked at load time of the project. ... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-24566 In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user creates a deployment or runbook process using Azure steps and sets the step's execution location to ru... | 7.5 | HIGH | — | 0 |
| CVE-2020-25211 In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctne... | 6.0 | MEDIUM | — | 0 |
| CVE-2020-25212 A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs... | 7.0 | HIGH | — | 0 |
| CVE-2020-15791 A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATI... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-14292 In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection ov... | 5.7 | MEDIUM | — | 0 |
| CVE-2020-2036 A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the fire... | 8.8 | HIGH | — | 0 |
| CVE-2020-2037 An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 ... | 7.2 | HIGH | — | 0 |
| CVE-2020-2038 An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 ... | 7.2 | HIGH | — | 0 |
| CVE-2020-2044 An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS soft... | 3.3 | LOW | — | 0 |
| CVE-2020-2039 An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not pro... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-2040 A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to t... | 9.8 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.