| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-18013 | SQL Injextion vulnerability exists in Whatsns 4.0 via the ip parameter in index.php?admin_banned/add... | E | |
| CVE-2020-18019 | SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by i... | E | |
| CVE-2020-18020 | SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by inject... | E | |
| CVE-2020-18022 | Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arb... | E | |
| CVE-2020-18032 | Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows rem... | E S | |
| CVE-2020-18035 | Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by inj... | | |
| CVE-2020-18048 | An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a cra... | E | |
| CVE-2020-18065 | Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager-----... | E | |
| CVE-2020-18066 | Cross Site Scripting vulnerability in ZrLog 2.1.0 via the (1) userName and (2) email parameters in p... | E | |
| CVE-2020-18070 | Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into ... | E | |
| CVE-2020-18077 | A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attac... | E | |
| CVE-2020-18078 | A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator... | E | |
| CVE-2020-18081 | The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attacker... | E | |
| CVE-2020-18084 | Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injec... | E | |
| CVE-2020-18102 | Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code b... | E | |
| CVE-2020-18106 | The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform SQ... | E | |
| CVE-2020-18114 | An arbitrary file upload vulnerability in the /uploads/dede component of DedeCMS V5.7SP2 allows atta... | E | |
| CVE-2020-18116 | A lack of filtering for searched keywords in the search bar of YouDianCMS 8.0 allows attackers to pe... | E | |
| CVE-2020-18121 | A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leadi... | E | |
| CVE-2020-18123 | A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitraril... | E | |
| CVE-2020-18124 | A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitraril... | E | |
| CVE-2020-18125 | A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit... | E | |
| CVE-2020-18126 | Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.... | E | |
| CVE-2020-18127 | An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily vie... | E | |
| CVE-2020-18129 | A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php.... | E | |
| CVE-2020-18131 | Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to es... | E | |
| CVE-2020-18132 | Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code ... | E | |
| CVE-2020-18144 | SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php.... | E | |
| CVE-2020-18145 | Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getconte... | E | |
| CVE-2020-18151 | Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account.... | E | |
| CVE-2020-18155 | SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connect... | E | |
| CVE-2020-18157 | Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/ind... | E | |
| CVE-2020-18158 | Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php.... | E | |
| CVE-2020-18164 | SQL Injection vulnerability exists in tp-shop 2.x-3.x via the /index.php/home/api/shop fBill paramet... | E | |
| CVE-2020-18165 | Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by in... | E | |
| CVE-2020-18166 | Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by atta... | E | |
| CVE-2020-18167 | Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by in... | E | |
| CVE-2020-18169 | A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows at... | E | |
| CVE-2020-18170 | An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows at... | E | |
| CVE-2020-18171 | TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to ob... | E | |
| CVE-2020-18172 | A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows atta... | E | |
| CVE-2020-18173 | A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbi... | E | |
| CVE-2020-18174 | A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate ... | E | |
| CVE-2020-18175 | SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php.... | E | |
| CVE-2020-18178 | Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files v... | E | |
| CVE-2020-18184 | In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote atta... | E | |
| CVE-2020-18185 | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the confi... | E | |
| CVE-2020-18190 | Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary file... | E | |
| CVE-2020-18191 | GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrar... | E | |
| CVE-2020-18194 | Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by addi... | E | |
| CVE-2020-18195 | Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary c... | E | |
| CVE-2020-18198 | Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary c... | E | |
| CVE-2020-18215 | Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.php via the (1) ad_id, (2) menu... | E | |
| CVE-2020-18220 | Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive inform... | E | |
| CVE-2020-18221 | Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote attackers to execute arbitrar... | E | |
| CVE-2020-18229 | Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by in... | E | |
| CVE-2020-18230 | Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by in... | E | |
| CVE-2020-18232 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers ... | E | |
| CVE-2020-18243 | SQL injection vulnerability found in Enricozab CMS v.1.0 allows a remote attacker to execute arbitra... | | |
| CVE-2020-18259 | ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the... | E | |
| CVE-2020-18261 | An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attacker... | E | |
| CVE-2020-18262 | ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid para... | E | |
| CVE-2020-18263 | PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via... | E | |
| CVE-2020-18264 | Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and e... | E | |
| CVE-2020-18265 | Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and e... | E | |
| CVE-2020-18268 | Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive informatio... | E S | |
| CVE-2020-18280 | Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbi... | E | |
| CVE-2020-18282 | Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrar... | E | |
| CVE-2020-18305 | Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web ... | | |
| CVE-2020-18324 | Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kick... | E | |
| CVE-2020-18325 | Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the C... | E | |
| CVE-2020-18326 | Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Mem... | E | |
| CVE-2020-18327 | Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via th... | E | |
| CVE-2020-18329 | An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version ... | | |
| CVE-2020-18330 | An issue was discovered in the default configuration of ChinaMobile PLC Wireless Router model GPN2.4... | E | |
| CVE-2020-18331 | Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running th... | E | |
| CVE-2020-18336 | Cross Site Scripting (XSS) vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain... | E | |
| CVE-2020-18378 | A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser... | E | |
| CVE-2020-18382 | Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block... | E | |
| CVE-2020-18392 | Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause a D... | E | |
| CVE-2020-18395 | A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which c... | E | |
| CVE-2020-18404 | An issue was discovered in espcms version P8.18101601. There is a cross site scripting (XSS) vulnera... | E | |
| CVE-2020-18406 | An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due ... | E | |
| CVE-2020-18409 | Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow... | E | |
| CVE-2020-18410 | A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji ... | E | |
| CVE-2020-18413 | Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS... | E | |
| CVE-2020-18414 | Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute... | E | |
| CVE-2020-18416 | An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attacke... | E | |
| CVE-2020-18418 | A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which all... | E | |
| CVE-2020-18428 | tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR componen... | E S | |
| CVE-2020-18430 | tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage componen... | E S | |
| CVE-2020-18432 | File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and ga... | | |
| CVE-2020-18438 | Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive infor... | E | |
| CVE-2020-18439 | An issue was discoverered in in function edit_save_f in framework/admin/tpl_control.php in qinggan p... | E | |
| CVE-2020-18440 | Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows attackers to execut... | E | |
| CVE-2020-18442 | Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the retur... | E S | |
| CVE-2020-18445 | Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php.... | E | |
| CVE-2020-18446 | Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the inse... | E | |
| CVE-2020-18449 | Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via data in the index function in S... | E | |
| CVE-2020-18451 | Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doa... | E | |
| CVE-2020-18454 | Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/... | E | |
| CVE-2020-18455 | Cross Site Scripting (XSS) vulnerability exists in bycms v3.0.4 via the title parameter in the edit ... | E | |
| CVE-2020-18456 | Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mo... | E | |
| CVE-2020-18457 | Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account... | E | |
| CVE-2020-18458 | Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin accou... | E | |
| CVE-2020-18460 | Cross Site Request Forgery (CSRF) vulnerability exists in 711cms v1.0.7 that can add an admin accoun... | E | |
| CVE-2020-18462 | File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php because the background file management ... | E | |
| CVE-2020-18463 | Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let a ... | E | |
| CVE-2020-18464 | Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let a m... | E | |
| CVE-2020-18467 | Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in t... | E S | |
| CVE-2020-18468 | Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login ... | E | |
| CVE-2020-18469 | Stored cross-site scripting (XSS) vulnerability in the Copyright Text field found in the Application... | E | |
| CVE-2020-18470 | Stored cross-site scripting (XSS) vulnerability in the Name of application field found in the Genera... | E | |
| CVE-2020-18475 | Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The f... | E | |
| CVE-2020-18476 | SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar ... | E | |
| CVE-2020-18477 | SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message ... | E | |
| CVE-2020-18494 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers ... | E | |
| CVE-2020-18544 | SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" param... | E | |
| CVE-2020-18568 | The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerabili... | E | |
| CVE-2020-18646 | Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via t... | E | |
| CVE-2020-18647 | Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via t... | E | |
| CVE-2020-18648 | Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local privileges... | E | |
| CVE-2020-18651 | Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and... | E S | |
| CVE-2020-18652 | Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attacker... | E S | |
| CVE-2020-18654 | Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via... | E | |
| CVE-2020-18657 | Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the r... | E | |
| CVE-2020-18658 | Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to set... | E | |
| CVE-2020-18659 | Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and ... | E | |
| CVE-2020-18660 | GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the ... | E | |
| CVE-2020-18661 | Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.... | E | |
| CVE-2020-18662 | SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php... | E | |
| CVE-2020-18663 | Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the act parameter in bbs/move_u... | E | |
| CVE-2020-18664 | Cross Site Scripting (XSS) vulnerability in WebPort <=1.19.1via the connection name parameter in typ... | E | |
| CVE-2020-18665 | Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings.... | E | |
| CVE-2020-18666 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-18664. Reason: This candidat... | R | |
| CVE-2020-18667 | SQL Injection vulnerability in WebPort <=1.19.1 via the new connection, parameter name in type-conn.... | E | |
| CVE-2020-18668 | Cross Site Scripting (XSS) vulnerabililty in WebPort <=1.19.1 via the description parameter to scrip... | E | |
| CVE-2020-18670 | Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /inst... | E S | |
| CVE-2020-18671 | Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/tes... | E S | |
| CVE-2020-18683 | Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java ... | E | |
| CVE-2020-18684 | Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java vi... | E | |
| CVE-2020-18685 | Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java ... | E | |
| CVE-2020-18693 | Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by... | E | |
| CVE-2020-18694 | Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive inf... | E | |
| CVE-2020-18698 | Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login ... | E | |
| CVE-2020-18699 | Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code... | E | |
| CVE-2020-18701 | Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive informa... | E | |
| CVE-2020-18702 | Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via th... | E S | |
| CVE-2020-18703 | XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via t... | E S | |
| CVE-2020-18704 | Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 allows remote attackers to ex... | E | |
| CVE-2020-18705 | XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via t... | E S | |
| CVE-2020-18713 | SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of ... | E | |
| CVE-2020-18714 | SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of ... | E | |
| CVE-2020-18715 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-18716 | SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of ... | E | |
| CVE-2020-18717 | SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execute arbitrary code due to a lack... | E | |
| CVE-2020-18723 | Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an attac... | E | |
| CVE-2020-18724 | Authenticated stored cross-site scripting (XSS) in the contact name field in the distribution list o... | E | |
| CVE-2020-18730 | A segmentation violation in the Iec104_Deal_I function of IEC104 v1.0 allows attackers to cause a de... | E | |
| CVE-2020-18731 | A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to c... | E | |
| CVE-2020-18734 | A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS... | E | |
| CVE-2020-18735 | A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS... | E | |
| CVE-2020-18737 | An issue was discovered in Typora 0.9.67. There is an XSS vulnerability that causes Remote Code Exec... | E | |
| CVE-2020-18741 | Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any us... | E | |
| CVE-2020-18746 | SQL Injection in AiteCMS v1.0 allows remote attackers to execute arbitrary code via the component "a... | E | |
| CVE-2020-18748 | Cross Site Scripting (XSS) in Typora v0.9.65 allows attackers to execute arbitrary code via mathjax ... | E | |
| CVE-2020-18750 | Buffer overflow in pdf2json 0.69 allows local users to execute arbitrary code by converting a crafte... | E S | |
| CVE-2020-18753 | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to th... | E | |
| CVE-2020-18754 | An information disclosure vulnerability exists within Dut Computer Control Engineering Co.'s PLC MAC... | E | |
| CVE-2020-18756 | An arbitrary memory access vulnerability in the EPA protocol of Dut Computer Control Engineering Co.... | E | |
| CVE-2020-18757 | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to cause persistent ... | E | |
| CVE-2020-18758 | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to execute arbitrary... | E | |
| CVE-2020-18759 | An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control Engineeri... | E | |
| CVE-2020-18766 | A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands.... | E | |
| CVE-2020-18768 | There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows a... | E | |
| CVE-2020-18770 | An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, ... | E | |
| CVE-2020-18771 | Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in ni... | E | |
| CVE-2020-18773 | An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to c... | E | |
| CVE-2020-18774 | A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attacker... | E | |
| CVE-2020-18775 | In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that a... | E | |
| CVE-2020-18776 | In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c that allows an ... | E | |
| CVE-2020-18778 | In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that a... | E | |
| CVE-2020-18780 | A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attacke... | E | |
| CVE-2020-18781 | Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denia... | E | |
| CVE-2020-18831 | Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remot... | E S | |
| CVE-2020-18839 | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a d... | E | |
| CVE-2020-18875 | Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges by... | | |
| CVE-2020-18877 | SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the 'f... | E | |
| CVE-2020-18878 | Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the... | E | |
| CVE-2020-18879 | Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploa... | E | |
| CVE-2020-18885 | Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the "text ... | E | |
| CVE-2020-18886 | Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the... | E | |
| CVE-2020-18888 | Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete t... | E | |
| CVE-2020-18889 | Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's passwor... | E | |
| CVE-2020-18890 | Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which could l... | E | |
| CVE-2020-18897 | An use-after-free vulnerability in the libpff_item_tree_create_node function of libyal Libpff before... | E S | |
| CVE-2020-18898 | A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to ... | E | |
| CVE-2020-18899 | An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 a... | E | |
| CVE-2020-18900 | A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal li... | E | |
| CVE-2020-18912 | An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via t... | E | |
| CVE-2020-18913 | EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.... | E | |
| CVE-2020-18917 | The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP co... | E | |
| CVE-2020-18964 | Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Managem... | E | |
| CVE-2020-18971 | Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the c... | E | |
| CVE-2020-18972 | Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obta... | E | |
| CVE-2020-18974 | Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service v... | E | |
| CVE-2020-18976 | Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checks... | E S | |
| CVE-2020-18979 | Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter.... | E | |
| CVE-2020-18980 | Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters.... | E | |
| CVE-2020-18982 | Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl.... | E | |
| CVE-2020-18984 | A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp com... | | |
| CVE-2020-18985 | An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to r... | | |
| CVE-2020-18998 | Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via t... | E | |
| CVE-2020-18999 | Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via t... | E |