Export limit exceeded: 10122 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10122 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7552 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7551 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7550 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 7.8 High |
| A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | ||||
| CVE-2020-7526 | 1 Apc | 1 Powerchute | 2024-11-21 | 8.8 High |
| Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event. | ||||
| CVE-2020-7472 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 9.8 Critical |
| An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM before 8.0, 8.0 before 8.0.7, 9.0 before 9.0.4, and 10.0 before 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via crafted HTTP requests. (This is exploitable even after installation is completed.). | ||||
| CVE-2020-7461 | 2 Freebsd, Siemens | 5 Freebsd, Simatic Rf350m, Simatic Rf350m Firmware and 2 more | 2024-11-21 | 7.3 High |
| In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. The heap overflow could in principle be exploited to achieve remote code execution. The affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit. | ||||
| CVE-2020-7374 | 1 Documalis | 2 Free Pdf Editor, Free Pdf Scanner | 2024-11-21 | 5.3 Medium |
| Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software. | ||||
| CVE-2020-7246 | 1 Qdpm | 1 Qdpm | 2024-11-21 | 8.8 High |
| A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. | ||||
| CVE-2020-7237 | 1 Cacti | 1 Cacti | 2024-11-21 | 8.8 High |
| Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product. | ||||
| CVE-2020-7209 | 1 Hp | 1 Linuxki | 2024-11-21 | 9.8 Critical |
| LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2. | ||||
| CVE-2020-7203 | 1 Hp | 1 Ilo Amplifier Pack | 2024-11-21 | 9.8 Critical |
| A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution. | ||||
| CVE-2020-7200 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 9.8 Critical |
| A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution. | ||||
| CVE-2020-7195 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7194 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7193 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7192 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7191 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7190 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7189 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-7188 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||