|
209101
|
8.8 |
HIGH
Network
|
microsoft
|
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_rt_8.1
windows_server_2019
|
Microsoft Windows Security Feature Bypass Vulnerability
|
NVD-CWE-noinfo
|
CVE-2020-17162
|
2024-11-21 14:07 |
2021-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209102
|
7.8 |
HIGH
Local
|
we-con
|
levistudiou
|
Multiple buffer overflow vulnerabilities exist when LeviStudioU (Version 2019-09-21 and prior) processes project files. Opening a specially crafted project file could allow an attacker to exploit and…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16243
|
2024-11-21 14:07 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209103
|
9.8 |
CRITICAL
Network
|
phpok
|
phpok
|
PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the targe…
|
CWE-89
SQL Injection
|
CVE-2020-16629
|
2024-11-21 14:07 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209104
|
6.3 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() r…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-17380
|
2024-11-21 14:07 |
2021-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209105
|
6.1 |
MEDIUM
Network
|
owncloud
|
owncloud
|
ownCloud (Core) before 10.5 allows XSS in login page 'forgot password.'
|
CWE-79
Cross-site Scripting
|
CVE-2020-16255
|
2024-11-21 14:07 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209106
|
9.9 |
CRITICAL
Network
|
usvn
|
usvn
|
USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the…
|
CWE-78
OS Command
|
CVE-2020-17363
|
2024-11-21 14:07 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209107
|
8.8 |
HIGH
Network
|
1e
|
client
|
The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a T…
|
CWE-74
CWE-668
Injection
Exposure of Resource to Wrong Sphere
|
CVE-2020-16268
|
2024-11-21 14:07 |
2020-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209108
|
9.6 |
CRITICAL
Network
|
notable
|
notable
|
Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).
|
CWE-79
Cross-site Scripting
|
CVE-2020-16608
|
2024-11-21 14:07 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209109
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio_code
|
Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2020-17159
|
2024-11-21 14:07 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209110
|
8.8 |
HIGH
Network
|
microsoft
|
dynamics_365
|
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2020-17158
|
2024-11-21 14:07 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
