Export limit exceeded: 77034 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (77034 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27996 | 1 Smartstore | 1 Smartstorenet | 2024-11-21 | 8.8 High |
| An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations. | ||||
| CVE-2020-27992 | 1 Wondershare | 1 Dr.fone | 2024-11-21 | 7.8 High |
| Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. | ||||
| CVE-2020-27986 | 1 Sonarsource | 1 Sonarqube | 2024-11-21 | 7.5 High |
| SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it. | ||||
| CVE-2020-27985 | 1 Securityonionsolutions | 1 Security Onion | 2024-11-21 | 7.8 High |
| Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>/SecurityOnion/setup/so-setup. | ||||
| CVE-2020-27978 | 1 Shibboleth | 1 Identity Provider | 2024-11-21 | 7.5 High |
| Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session. | ||||
| CVE-2020-27977 | 1 Capasystems | 1 Capainstaller | 2024-11-21 | 7.8 High |
| CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or check privileges for an actor who attempts to edit registry values, allowing an attacker to escalate privileges. | ||||
| CVE-2020-27975 | 1 Oscommerce | 1 Oscommerce | 2024-11-21 | 8.8 High |
| osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF. | ||||
| CVE-2020-27969 | 1 Yandex | 1 Yandex Browser | 2024-11-21 | 7.3 High |
| Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | ||||
| CVE-2020-27952 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.8 High |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted font file may lead to arbitrary code execution. | ||||
| CVE-2020-27951 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2024-11-21 | 7.8 High |
| This issue was addressed with improved checks. This issue is fixed in watchOS 6.3, iOS 12.5, iOS 14.3 and iPadOS 14.3, watchOS 7.2. Unauthorized code execution may lead to an authentication policy violation. | ||||
| CVE-2020-27948 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 7.8 High |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to arbitrary code execution. | ||||
| CVE-2020-27947 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.8 High |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-27945 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.8 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.0.1. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2020-27944 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2024-11-21 | 7.8 High |
| A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution. | ||||
| CVE-2020-27943 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2024-11-21 | 7.8 High |
| A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in tvOS 14.3, iOS 14.3 and iPadOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.2. Processing a maliciously crafted font file may lead to arbitrary code execution. | ||||
| CVE-2020-27942 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing a maliciously crafted font file may lead to arbitrary code execution. | ||||
| CVE-2020-27941 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-27939 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2020-27938 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to elevate privileges. | ||||
| CVE-2020-27936 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.1 High |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A local user may be able to cause unexpected system termination or read kernel memory. | ||||