Export limit exceeded: 10070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10070 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-23360 | 1 Oscommerce | 1 Oscommerce | 2024-11-21 | 9.8 Critical |
| oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php | ||||
| CVE-2020-23359 | 1 Webidsupport | 1 Webid | 2024-11-21 | 9.8 Critical |
| WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check. | ||||
| CVE-2020-23322 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0. | ||||
| CVE-2020-23320 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' in parser_parse_function_arguments in JerryScript 2.2.0. | ||||
| CVE-2020-23319 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) >= CBC_STACK_ADJUST_BASE || (CBC_STACK_ADJUST_BASE - (flags >> CBC_STACK_ADJUST_SHIFT)) <= context_p->stack_depth' in parser_emit_cbc_backward_branch in JerryScript 2.2.0. | ||||
| CVE-2020-23314 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'block_found' failed at js-parser-statm.c:2003 parser_parse_try_statement_end in JerryScript 2.2.0. | ||||
| CVE-2020-23313 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'scope_stack_p > context_p->scope_stack_p' failed at js-scanner-util.c:2510 in scanner_literal_is_created in JerryScript 2.2.0 | ||||
| CVE-2020-23312 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0. | ||||
| CVE-2020-23311 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' failed at js-parser-expr.c:3230 in parser_parse_object_initializer in JerryScript 2.2.0. | ||||
| CVE-2020-23310 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0. | ||||
| CVE-2020-23309 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_statements in JerryScript 2.2.0. | ||||
| CVE-2020-23308 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in JerryScript 2.2.0. | ||||
| CVE-2020-23182 | 1 Php-fusion | 1 Php-fusion | 2024-11-21 | 5.4 Medium |
| The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows attackers to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel. | ||||
| CVE-2020-23171 | 1 Nim-lang | 1 Nim-lang | 2024-11-21 | 5.5 Medium |
| A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file. | ||||
| CVE-2020-23140 | 1 Microweber | 1 Microweber | 2024-11-21 | 8.1 High |
| Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both sessions for when a user changes email and old sessions in any other browser or device, the session does not expire and remains active. | ||||
| CVE-2020-23136 | 1 Microweber | 1 Microweber | 2024-11-21 | 5.5 Medium |
| Microweber v1.1.18 is affected by no session expiry after log-out. | ||||
| CVE-2020-23015 | 1 Opnsense | 1 Opnsense | 2024-11-21 | 6.1 Medium |
| An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website. | ||||
| CVE-2020-22840 | 1 B2evolution | 1 B2evolution | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php. | ||||
| CVE-2020-22784 | 1 Etherpad | 1 Ueberdb | 2024-11-21 | 7.5 High |
| In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns during comparisons, retrieving database records using UeberDB's MySQL connector could allow bypassing access controls enforced on key names. | ||||
| CVE-2020-22535 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | 6.5 Medium |
| Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php. | ||||