Export limit exceeded: 339569 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 76375 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76375 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13110 | 1 Kerberos Project | 1 Kerberos | 2024-11-21 | 7.8 High |
| The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. | ||||
| CVE-2020-13101 | 1 Oasis-open | 1 Oasis Digital Signature Services | 2024-11-21 | 7.5 High |
| In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i.e., trigger either a valid or invalid outcome for a valid or invalid signature) via a crafted XML signature, when the InlineXML option is used. This defeats the expectation of non-repudiation. | ||||
| CVE-2020-13100 | 1 Arista | 1 Cloudvision Exchange | 2024-11-21 | 7.5 High |
| Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet. | ||||
| CVE-2020-13095 | 1 Obdev | 1 Little Snitch | 2024-11-21 | 8.8 High |
| Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root. | ||||
| CVE-2020-12988 | 1 Amd | 122 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 119 more | 2024-11-21 | 7.5 High |
| A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system when it is rebooted. | ||||
| CVE-2020-12986 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service. | ||||
| CVE-2020-12985 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12983 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service. | ||||
| CVE-2020-12982 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12981 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service. | ||||
| CVE-2020-12980 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12967 | 1 Amd | 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more | 2024-11-21 | 7.2 High |
| The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | ||||
| CVE-2020-12965 | 1 Amd | 126 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 123 more | 2024-11-21 | 7.5 High |
| When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage. | ||||
| CVE-2020-12964 | 1 Amd | 1 Radeon Software | 2024-11-21 | 7.8 High |
| A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information. | ||||
| CVE-2020-12963 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system. | ||||
| CVE-2020-12962 | 2 Amd, Microsoft | 2 Radeon Software, Windows | 2024-11-21 | 7.8 High |
| Escape call interface in the AMD Graphics Driver for Windows may cause privilege escalation. | ||||
| CVE-2020-12961 | 1 Amd | 90 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 87 more | 2024-11-21 | 7.8 High |
| A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections. | ||||
| CVE-2020-12951 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2024-11-21 | 7.0 High |
| Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations. | ||||
| CVE-2020-12946 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2024-11-21 | 7.1 High |
| Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service. | ||||
| CVE-2020-12944 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-11-21 | 7.8 High |
| Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution. | ||||