Export limit exceeded: 367102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367102 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11879 | 1 Gnome | 1 Evolution | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as demonstrated by an attach=. value. | ||||
| CVE-2020-11878 | 1 Jitsi | 1 Meet | 2024-11-21 | 9.8 Critical |
| The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts. | ||||
| CVE-2020-11877 | 1 Zoom | 1 Meetings | 2024-11-21 | 7.5 High |
| airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code | ||||
| CVE-2020-11876 | 1 Zoom | 1 Meetings | 2024-11-21 | 7.5 High |
| airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code | ||||
| CVE-2020-11875 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020). | ||||
| CVE-2020-11874 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. Attackers can bypass Factory Reset Protection (FRP). The LG ID is LVE-SMP-200004 (March 2020). | ||||
| CVE-2020-11873 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020). | ||||
| CVE-2020-11872 | 1 Bluetrace | 1 Opentrace | 2024-11-21 | 7.5 High |
| The Cloud Functions subsystem in OpenTrace 1.0 might allow fabrication attacks by making billions of TempID requests before an AES-256-GCM key rotation occurs. | ||||
| CVE-2020-11869 | 1 Qemu | 1 Qemu | 2024-11-21 | 3.3 Low |
| An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. | ||||
| CVE-2020-11867 | 2 Audacityteam, Fedoraproject | 2 Audacity, Fedora | 2024-11-21 | 3.3 Low |
| Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there. | ||||
| CVE-2020-11866 | 3 Fedoraproject, Libemf Project, Opensuse | 3 Fedora, Libemf, Leap | 2024-11-21 | 7.8 High |
| libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. | ||||
| CVE-2020-11865 | 3 Fedoraproject, Libemf Project, Opensuse | 3 Fedora, Libemf, Leap | 2024-11-21 | 7.8 High |
| libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. | ||||
| CVE-2020-11864 | 3 Fedoraproject, Libemf Project, Opensuse | 3 Fedora, Libemf, Leap | 2024-11-21 | 5.5 Medium |
| libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). | ||||
| CVE-2020-11863 | 3 Fedoraproject, Libemf Project, Opensuse | 3 Fedora, Libemf, Leap | 2024-11-21 | 5.5 Medium |
| libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). | ||||
| CVE-2020-11861 | 1 Microfocus | 1 Operations Agent | 2024-11-21 | 7.8 High |
| Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. The vulnerability could be exploited to escalate the local privileges and gain root access on the system. | ||||
| CVE-2020-11860 | 1 Microfocus | 1 Arcsight Logger | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) | ||||
| CVE-2020-11858 | 1 Microfocus | 2 Operations Bridge, Operations Bridge Manager | 2024-11-21 | 7.8 High |
| Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges. | ||||
| CVE-2020-11857 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-11-21 | 9.8 Critical |
| An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user | ||||
| CVE-2020-11856 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-11-21 | 9.8 Critical |
| Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR. | ||||
| CVE-2020-11855 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-11-21 | 7.8 High |
| An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges. | ||||