Export limit exceeded: 366888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366888 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11668 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-11-21 | 7.1 High |
| In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. | ||||
| CVE-2020-11666 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 8.8 High |
| CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. | ||||
| CVE-2020-11665 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 6.1 Medium |
| CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | ||||
| CVE-2020-11664 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 6.1 Medium |
| CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | ||||
| CVE-2020-11663 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 6.1 Medium |
| CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. | ||||
| CVE-2020-11662 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 7.5 High |
| CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | ||||
| CVE-2020-11661 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 8.1 High |
| CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. | ||||
| CVE-2020-11660 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 6.5 Medium |
| CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. | ||||
| CVE-2020-11659 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 4.3 Medium |
| CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | ||||
| CVE-2020-11658 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 9.8 Critical |
| CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | ||||
| CVE-2020-11656 | 5 Netapp, Oracle, Siemens and 2 more | 12 Ontap Select Deploy Administration Utility, Communications Messaging Server, Communications Network Charging And Control and 9 more | 2024-11-21 | 9.8 Critical |
| In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | ||||
| CVE-2020-11655 | 7 Canonical, Debian, Netapp and 4 more | 18 Ubuntu Linux, Debian Linux, Ontap Select Deploy Administration Utility and 15 more | 2024-11-21 | 7.5 High |
| SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | ||||
| CVE-2020-11653 | 5 Debian, Opensuse, Redhat and 2 more | 6 Debian Linux, Backports Sle, Leap and 3 more | 2024-11-21 | 7.5 High |
| An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss. | ||||
| CVE-2020-11650 | 1 Ixsystems | 4 Freenas, Freenas Firmware, Truenas and 1 more | 2024-11-21 | 7.5 High |
| An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent. | ||||
| CVE-2020-11649 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Members of a group could still have access after the group is deleted. | ||||
| CVE-2020-11647 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Leap, Wireshark | 2024-11-21 | 7.5 High |
| In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion. | ||||
| CVE-2020-11646 | 1 Br-automation | 6 Gatemanager 4260, Gatemanager 4260 Firmware, Gatemanager 8250 and 3 more | 2024-11-21 | 4.3 Medium |
| A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view log information reserved for other users. | ||||
| CVE-2020-11645 | 1 Br-automation | 6 Gatemanager 4260, Gatemanager 4260 Firmware, Gatemanager 8250 and 3 more | 2024-11-21 | 6.5 Medium |
| A denial of service vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to limit availability of GateManager instances. | ||||
| CVE-2020-11644 | 1 Br-automation | 6 Gatemanager 4260, Gatemanager 4260 Firmware, Gatemanager 8250 and 3 more | 2024-11-21 | 6.5 Medium |
| The information disclosure vulnerability present in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to generate fake audit log messages. | ||||
| CVE-2020-11643 | 1 Br-automation | 6 Gatemanager 4260, Gatemanager 4260 Firmware, Gatemanager 8250 and 3 more | 2024-11-21 | 6.5 Medium |
| An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view information of devices belonging to foreign domains. | ||||