Export limit exceeded: 348219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79692 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5146 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 7.2 High |
| A vulnerability in SonicWall SMA100 appliance allow an authenticated management-user to perform OS command injection using HTTP POST parameters. This vulnerability affected SMA100 Appliance version 10.2.0.2-20sv and earlier. | ||||
| CVE-2020-5145 | 1 Sonicwall | 1 Global Vpn Client | 2024-11-21 | 8.6 High |
| SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system. | ||||
| CVE-2020-5144 | 1 Sonicwall | 1 Global Vpn Client | 2024-11-21 | 7.8 High |
| SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability. | ||||
| CVE-2020-5140 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.5 High |
| A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. | ||||
| CVE-2020-5139 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.5 High |
| A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. | ||||
| CVE-2020-5138 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.5 High |
| A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. | ||||
| CVE-2020-5137 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.5 High |
| A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | ||||
| CVE-2020-5133 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.5 High |
| A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | ||||
| CVE-2020-5131 | 1 Sonicwall | 1 Netextender | 2024-11-21 | 7.8 High |
| SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier. | ||||
| CVE-2020-5129 | 1 Sonicwall | 2 Sma1000, Sma1000 Firmware | 2024-11-21 | 7.5 High |
| A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier. | ||||
| CVE-2020-5025 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2, Linux Kernel, Windows and 1 more | 2024-11-21 | 7.8 High |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 193661. | ||||
| CVE-2020-5024 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2, Linux Kernel, Windows and 1 more | 2024-11-21 | 7.5 High |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660. | ||||
| CVE-2020-5023 | 1 Ibm | 1 Spectrum Protect Plus | 2024-11-21 | 7.5 High |
| IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659. | ||||
| CVE-2020-5018 | 2 Ibm, Linux | 2 Spectrum Protect Plus, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654. | ||||
| CVE-2020-5015 | 2 Ibm, Linux | 3 Elastic Storage Server, Elastic Storage System, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6.2 could allow a remote attacker to cause a denial of service by sending malformed UDP requests. IBM X-Force ID: 193486. | ||||
| CVE-2020-5013 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 8.1 High |
| IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 193245. | ||||
| CVE-2020-4994 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 7.5 High |
| IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906. | ||||
| CVE-2020-4990 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 8.8 High |
| IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710. | ||||
| CVE-2020-4985 | 1 Ibm | 1 Planning Analytics Local | 2024-11-21 | 7.5 High |
| IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642. | ||||
| CVE-2020-4983 | 1 Ibm | 2 Spectrum Lsf, Spectrum Lsf Suite | 2024-11-21 | 7.8 High |
| IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a user on the local network who has privileges to submit LSF jobs to execute arbitrary commands. IBM X-Force ID: 192586. | ||||