Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3248 | 2 Canonical, Google | 2 Ubuntu Linux, Chrome | 2020-08-03 | 5.0 MEDIUM | N/A |
| Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors. | |||||
| CVE-2010-3246 | 1 Google | 1 Chrome | 2020-08-03 | 4.3 MEDIUM | N/A |
| Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute of unspecified elements, which allows remote attackers to bypass the pop-up blocker via unknown vectors. | |||||
| CVE-2010-2897 | 1 Google | 1 Chrome | 2020-08-03 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors. | |||||
| CVE-2019-20032 | 1 Nec | 8 Sl1100, Sl1100 Firmware, Sl2100 and 5 more | 2020-08-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem. | |||||
| CVE-2019-20030 | 1 Nec | 2 Um8000, Um8000 Firmware | 2020-08-03 | 4.6 MEDIUM | 7.8 HIGH |
| An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected. | |||||
| CVE-2010-3117 | 1 Google | 1 Chrome | 2020-08-03 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-4041 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors. | |||||
| CVE-2010-4039 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors. | |||||
| CVE-2010-3413 | 1 Google | 1 Chrome | 2020-07-31 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||||
| CVE-2010-4204 | 3 Fedoraproject, Google, Webkitgtk | 3 Fedora, Chrome, Webkitgtk | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-4205 | 1 Google | 1 Chrome | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2020-1652 | 1 Opennms | 1 Opennms | 2020-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| OpenNMS is accessible via port 9443 | |||||
| CVE-2019-18618 | 3 Hp, Lenovo, Synaptics | 266 Elite Slice, Elite Slice Firmware, Elite X2 1012 G2 and 263 more | 2020-07-30 | 3.6 LOW | 6.0 MEDIUM |
| Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table. | |||||
| CVE-2010-4578 | 2 Debian, Google | 3 Debian Linux, Chrome, Chrome Os | 2020-07-28 | 7.5 HIGH | N/A |
| Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | |||||
| CVE-2010-3111 | 1 Google | 1 Chrome | 2020-07-28 | 10.0 HIGH | N/A |
| Google Chrome before 6.0.472.53 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors, a different vulnerability than CVE-2010-2897. | |||||
| CVE-2020-11623 | 1 Avertx | 4 Hd438, Hd438 Firmware, Hd838 and 1 more | 2020-07-28 | 7.2 HIGH | 6.8 MEDIUM |
| An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as the camera's bootloader. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system. It could even render the device inoperable. | |||||
| CVE-2020-15715 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 6.5 MEDIUM | 9.9 CRITICAL |
| rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the search.crud.php script. An attacker could exploit this vulnerability using the nodeId parameter. | |||||
| CVE-2009-3655 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers to cause a denial of service (server crash) via unspecified vectors related to the "SITE SET TRANSFERPROGRESS ON" FTP command. | |||||
| CVE-2008-3731 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging. | |||||
| CVE-2019-17514 | 1 Python | 1 Python | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated "finds all the pathnames matching a specified pattern according to the rules used by the Unix shell," one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly. | |||||