Export limit exceeded: 77016 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (77016 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27213 | 1 Ethernut | 1 Nut\/os | 2024-11-21 | 7.5 High |
| An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. While the ISN generator seems to adhere to RFC 793 (where a global 32-bit counter is incremented roughly every 4 microseconds), proper ISN generation should aim to follow at least the specifications outlined in RFC 6528. | ||||
| CVE-2020-27212 | 1 St | 95 Stm32cubel4 Firmware, Stm32l412c8, Stm32l412cb and 92 more | 2024-11-21 | 7.0 High |
| STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase. | ||||
| CVE-2020-27209 | 1 Micro-ecc Project | 1 Micro-ecc | 2024-11-21 | 7.5 High |
| The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key. | ||||
| CVE-2020-27207 | 1 Zetetic | 1 Sqlcipher | 2024-11-21 | 7.5 High |
| Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data is read. | ||||
| CVE-2020-27199 | 1 Magic Home Pro Project | 1 Magic Home Pro | 2024-11-21 | 7.5 High |
| The Magic Home Pro application 1.5.1 for Android allows Authentication Bypass. The security control that the application currently has in place is a simple Username and Password authentication function. Using enumeration, an attacker is able to forge a User specific token without the need for correct password to gain access to the mobile application as that victim user. | ||||
| CVE-2020-27196 | 1 Lightbend | 1 Play Framework | 2024-11-21 | 7.5 High |
| An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service. | ||||
| CVE-2020-27192 | 1 Binarynights | 1 Forklift | 2024-11-21 | 7.8 High |
| BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool. | ||||
| CVE-2020-27191 | 1 Lionwiki | 1 Lionwiki | 2024-11-21 | 7.5 High |
| LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2020-27187 | 1 Kde | 1 Partition Manager | 2024-11-21 | 7.8 High |
| An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. the mount command can then be used to gain full root privileges. | ||||
| CVE-2020-27185 | 1 Moxa | 6 Nport Ia5150a, Nport Ia5150a Firmware, Nport Ia5250a and 3 more | 2024-11-21 | 7.5 High |
| Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service. | ||||
| CVE-2020-27180 | 1 Konzept-ix | 1 Publixone | 2024-11-21 | 7.5 High |
| konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter. | ||||
| CVE-2020-27178 | 1 Apereo | 1 Central Authentication Service | 2024-11-21 | 7.5 High |
| Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication. | ||||
| CVE-2020-27176 | 1 Marktext | 1 Marktext | 2024-11-21 | 8.3 High |
| Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplicate of CVE-2020-26870; however, it can also be considered an issue in the design of the "source code mode" feature, which parses HTML even though HTML support is not one of the primary advertised roles of the product. | ||||
| CVE-2020-27174 | 1 Amazon | 1 Firecracker | 2024-11-21 | 7.5 High |
| In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host. | ||||
| CVE-2020-27173 | 1 Vm-superio Project | 1 Vm-superio | 2024-11-21 | 7.5 High |
| In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all other VMs running on the same host. | ||||
| CVE-2020-27157 | 1 Veritas | 1 Aptare | 2024-11-21 | 8.1 High |
| Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality accessible to the targeted user account. | ||||
| CVE-2020-27155 | 1 Octopus | 1 Octopus Deploy | 2024-11-21 | 7.5 High |
| An issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may allow an untrusted tentacle host to present itself as a trusted one. | ||||
| CVE-2020-27154 | 1 Mitel | 1 Businesscti Enterprise | 2024-11-21 | 8.8 High |
| The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.11 and 7.x before 7.0.3 could allow an attacker to gain access to user information by sending arbitrary code, due to improper input validation. A successful exploit could allow an attacker to view the user information and application data. | ||||
| CVE-2020-27153 | 4 Bluez, Debian, Opensuse and 1 more | 4 Bluez, Debian Linux, Leap and 1 more | 2024-11-21 | 8.6 High |
| In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event. | ||||
| CVE-2020-27151 | 1 Katacontainers | 1 Kata Containers | 2024-11-21 | 8.8 High |
| An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute arbitrary binaries as root on the worker nodes. | ||||