CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2020-14095 In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14094 In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-13484 Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta na... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-14080 Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-6981 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-12640 Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-6991 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11656 In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7007 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7475 A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11790 NETGEAR R7800 devices before 1.0.2.68 are affected by remote code execution by unauthenticated attackers. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8986 lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of re... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5594 Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10285 The authentication implementation on the xArm controller has very low entropy, making it vulnerable to a brute-force attack. There is no mechanism in place to mitigate or lockout automated attempts to... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-14073 Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Sn... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3615 Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in Snapdr... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7717 All versions of package dot-notes are vulnerable to Prototype Pollution via the create function. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-14062 Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon I... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5553 mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5556 Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14938 An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size ver... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11789 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-20545 An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. A buffer overflow in the HDCP Trustlet affects secure TEEGRIS memory. The Samsung ID is SVE-2019-15... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5560 WL-Enq 1.11 and 1.12 allows remote attackers to execute arbitrary OS commands with the administrative privilege via unspecified vectors. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5561 Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10789 openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInte... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-20679 NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14942 Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-20544 An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. There is an out-of-bounds write in the ICCC Trustlet. The Samsung ID is SVE-2019-15274 (November 20... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-1957 Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3792 Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free v... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11729 An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-forc... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3793 Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free v... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3795 Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds w... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3797 Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory corruptio... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3799 Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a stack-based buff... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14932 compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3633 Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Sn... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3641 Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-12017 GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The deviceβs vulnerability in the web application could allow multiple unauthenticated attacks that c... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-4193 IBM Security Guardium 11.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 174857. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-13159 Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7136 A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vuln... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-18920 An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-18915 An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10850 An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code e... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-18908 An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometime sent to an attacker-provided e-mail address. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7115 The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remo... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10849 An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on th... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-11064 An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.