Total
9170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4231 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2020-05-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335. | |||||
| CVE-2017-9791 | 1 Apache | 1 Struts | 2020-05-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. | |||||
| CVE-2016-2173 | 2 Fedoraproject, Vmware | 2 Fedora, Spring Advanced Message Queuing Protocol | 2020-05-28 | 7.5 HIGH | 9.8 CRITICAL |
| org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. | |||||
| CVE-2019-7193 | 1 Qnap | 1 Qts | 2020-05-28 | 10.0 HIGH | 9.8 CRITICAL |
| This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions. | |||||
| CVE-2020-12389 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2020-05-27 | 7.5 HIGH | 10.0 CRITICAL |
| The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. | |||||
| CVE-2020-1173 | 1 Microsoft | 1 Power Bi Report Server | 2020-05-27 | 3.5 LOW | 6.8 MEDIUM |
| A spoofing vulnerability exists in Microsoft Power BI Report Server in the way it validates the content-type of uploaded attachments, aka 'Microsoft Power BI Report Server Spoofing Vulnerability'. | |||||
| CVE-2017-6188 | 2 Debian, Munin-monitoring | 2 Debian Linux, Munin | 2020-05-27 | 1.9 LOW | 5.5 MEDIUM |
| Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user. | |||||
| CVE-2020-5537 | 1 Cybozu | 1 Desktop | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. | |||||
| CVE-2011-1804 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1456 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | |||||
| CVE-2011-1452 | 1 Google | 1 Chrome | 2020-05-22 | 5.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. | |||||
| CVE-2011-1451 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-22 | 7.5 HIGH | N/A |
| Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | |||||
| CVE-2011-1448 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1443 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | |||||
| CVE-2011-1303 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1450 | 1 Google | 1 Chrome | 2020-05-22 | 5.0 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | |||||
| CVE-2011-1447 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1442 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-1438 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs. | |||||
| CVE-2011-1434 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||