| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-21003 | Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php.... | E | |
| CVE-2020-21005 | WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a... | E | |
| CVE-2020-21009 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-21012 | Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection ... | E | |
| CVE-2020-21013 | emlog v6.0.0 contains a SQL injection via /admin/comment.php.... | E | |
| CVE-2020-21014 | emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.... | E | |
| CVE-2020-21016 | D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root... | E | |
| CVE-2020-21038 | Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.... | E | |
| CVE-2020-21041 | Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c,... | E S | |
| CVE-2020-21046 | A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagle... | | |
| CVE-2020-21047 | The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from ... | | |
| CVE-2020-21048 | An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of... | E S | |
| CVE-2020-21049 | An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a... | E S | |
| CVE-2020-21050 | Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at from... | E S | |
| CVE-2020-21052 | Cross Site Scripting vulnerability in zrlog zrlog v.2.1.3 allows a remote attacker to execute arbitr... | E | |
| CVE-2020-21053 | Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to... | S | |
| CVE-2020-21054 | Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject ... | S | |
| CVE-2020-21055 | A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any f... | S | |
| CVE-2020-21056 | Directory Traversal vulnerability exists in FusionPBX 4.5.7, which allows a remote malicious user to... | S | |
| CVE-2020-21057 | Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete... | S | |
| CVE-2020-21058 | Cross Site Scripting vulnerability in Typora v.0.9.79 allows a remote attacker to execute arbitrary ... | E S | |
| CVE-2020-21060 | SQL injection vulnerability found in PHPMyWind v.5.6 allows a remote attacker to gain privileges via... | E | |
| CVE-2020-21064 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15048. Reason: This candidat... | R | |
| CVE-2020-21066 | An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec... | E | |
| CVE-2020-21081 | A cross-site request forgery (CSRF) in Maccms 8.0 causes administrators to add and modify articles w... | E | |
| CVE-2020-21082 | A cross-site scripting (XSS) vulnerability in the background administrator article management module... | E | |
| CVE-2020-21087 | Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbit... | E | |
| CVE-2020-21088 | Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensit... | E | |
| CVE-2020-21101 | Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versions, including v1.8.2 (2019-09-... | | |
| CVE-2020-21119 | SQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in recordID... | E | |
| CVE-2020-21120 | SQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers ex... | E | |
| CVE-2020-21121 | Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter i... | E | |
| CVE-2020-21122 | UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attac... | E | |
| CVE-2020-21124 | UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the desi... | E | |
| CVE-2020-21125 | An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code... | E | |
| CVE-2020-21126 | MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo.... | E | |
| CVE-2020-21127 | MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.... | E | |
| CVE-2020-21130 | Cross Site Scripting (XSS) vulnerability in HisiPHP 2.0.8 via the group name in addgroup.html.... | E | |
| CVE-2020-21131 | SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguag... | E | |
| CVE-2020-21132 | SQL Injection vulnerability in Metinfo 7.0.0beta in index.php.... | E | |
| CVE-2020-21133 | SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.... | E | |
| CVE-2020-21139 | EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which ... | E | |
| CVE-2020-21141 | iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=memb... | E | |
| CVE-2020-21142 | Cross Site Scripting (XSS) vulnerabilty in IPFire 2.23 via the IPfire web UI in the mail.cgi.... | E S | |
| CVE-2020-21146 | Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. When the user name is ins... | E | |
| CVE-2020-21147 | RockOA V1.9.8 is affected by a cross-site scripting (XSS) vulnerability which allows remote attacker... | E | |
| CVE-2020-21152 | SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the f... | E | |
| CVE-2020-21161 | Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0.... | E | |
| CVE-2020-21174 | File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code... | E S | |
| CVE-2020-21176 | SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 al... | E | |
| CVE-2020-21179 | Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL ... | E | |
| CVE-2020-21180 | Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL ... | E | |
| CVE-2020-21219 | Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME packa... | S | |
| CVE-2020-21224 | A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker... | E | |
| CVE-2020-21228 | JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.ht... | E | |
| CVE-2020-21236 | A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to c... | E | |
| CVE-2020-21237 | An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute for... | E | |
| CVE-2020-21238 | An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute forc... | E | |
| CVE-2020-21244 | An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that ... | E | |
| CVE-2020-21246 | Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary cod... | E S | |
| CVE-2020-21250 | CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /co... | E S | |
| CVE-2020-21252 | Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute ... | E | |
| CVE-2020-21266 | Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulne... | | |
| CVE-2020-21268 | Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute a... | E | |
| CVE-2020-21316 | A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allow... | S | |
| CVE-2020-21321 | emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which al... | E | |
| CVE-2020-21322 | An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arb... | E | |
| CVE-2020-21325 | An issue in WUZHI CMS v.4.1.0 allows a remote attacker to execute arbitrary code via the set_chache ... | E | |
| CVE-2020-21333 | Cross Site Scripting (XSS) vulnerability in PublicCMS 4.0 to get an admin cookie when the Administra... | E | |
| CVE-2020-21342 | Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php.... | E | |
| CVE-2020-21345 | Cross Site Scripting (XSS) vulnerability in Halo 1.1.3 via post publish components in the manage pan... | E | |
| CVE-2020-21353 | A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a all... | E | |
| CVE-2020-21356 | An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclo... | E | |
| CVE-2020-21357 | A stored cross site scripting (XSS) vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2... | E | |
| CVE-2020-21358 | A cross site request forgery (CSRF) in Wage-CMS 1.5.x-dev allows attackers to arbitrarily add users.... | E | |
| CVE-2020-21359 | An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers ... | E | |
| CVE-2020-21362 | A cross site scripting (XSS) vulnerability in the background search function of Maccms10 allows atta... | E | |
| CVE-2020-21363 | An arbitrary file deletion vulnerability exists within Maccms10.... | E | |
| CVE-2020-21365 | Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read loca... | E | |
| CVE-2020-21366 | Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via... | E | |
| CVE-2020-21377 | SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.... | E | |
| CVE-2020-21378 | SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to ad... | E | |
| CVE-2020-21386 | A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 all... | E | |
| CVE-2020-21387 | A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows attackers to... | E | |
| CVE-2020-21394 | SQL Injection vulnerability in Zhong Bang Technology Co., Ltd CRMEB mall system V2.60 and V3.1 via t... | E | |
| CVE-2020-21400 | SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitr... | E | |
| CVE-2020-21405 | An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls... | E | |
| CVE-2020-21406 | An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a ... | E | |
| CVE-2020-21426 | Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allow... | | |
| CVE-2020-21427 | Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 all... | | |
| CVE-2020-21428 | Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote... | | |
| CVE-2020-21431 | HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.p... | E | |
| CVE-2020-21434 | Maccms 10 contains a cross-site scripting (XSS) vulnerability in the Editing function under the Memb... | E | |
| CVE-2020-21452 | An issue was discovered in uniview ISC2500-S. This is an upload vulnerability where an attacker can ... | | |
| CVE-2020-21468 | A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS)... | | |
| CVE-2020-21469 | An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeate... | E | |
| CVE-2020-21474 | File Upload vulnerability in NucleusCMS v.3.71 allows a remote attacker to execute arbitrary code vi... | E | |
| CVE-2020-21480 | An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via ... | E | |
| CVE-2020-21481 | An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via... | E | |
| CVE-2020-21482 | A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrat... | E | |
| CVE-2020-21483 | An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code v... | E | |
| CVE-2020-21485 | Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary... | E | |
| CVE-2020-21486 | SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information... | E | |
| CVE-2020-21487 | Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows at... | S | |
| CVE-2020-21489 | File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via... | E S | |
| CVE-2020-21490 | An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. Thi... | E | |
| CVE-2020-21493 | An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames... | E | |
| CVE-2020-21494 | A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 a... | E | |
| CVE-2020-21495 | A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.... | E | |
| CVE-2020-21496 | A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.... | E | |
| CVE-2020-21503 | waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submiss... | E | |
| CVE-2020-21504 | waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admi... | E | |
| CVE-2020-21505 | waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admi... | E | |
| CVE-2020-21506 | waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admi... | E | |
| CVE-2020-21514 | An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 allows attackers to gain esc... | E | |
| CVE-2020-21516 | There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that all... | E S | |
| CVE-2020-21517 | Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.... | E | |
| CVE-2020-21522 | An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,... | E | |
| CVE-2020-21523 | A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File ... | E | |
| CVE-2020-21524 | There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other b... | E | |
| CVE-2020-21525 | Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3,... | E | |
| CVE-2020-21526 | An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the backgr... | E | |
| CVE-2020-21527 | There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the backgroun... | | |
| CVE-2020-21528 | A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2... | E | |
| CVE-2020-21529 | fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.... | E | |
| CVE-2020-21530 | fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.... | E | |
| CVE-2020-21531 | fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.... | E | |
| CVE-2020-21532 | fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.... | E | |
| CVE-2020-21533 | fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.... | E | |
| CVE-2020-21534 | fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.... | E | |
| CVE-2020-21535 | fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.... | E | |
| CVE-2020-21547 | Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.... | E S | |
| CVE-2020-21548 | Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosix... | E S | |
| CVE-2020-21554 | A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllers\adm... | E | |
| CVE-2020-21564 | An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability th... | E | |
| CVE-2020-21572 | Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803... | S | |
| CVE-2020-21573 | An issue was discoverered in in abhijitnathwani image-processing v0.1.0, allows local attackers to c... | | |
| CVE-2020-21574 | Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of s... | E | |
| CVE-2020-21583 | An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute... | E S | |
| CVE-2020-21585 | Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.... | E | |
| CVE-2020-21588 | Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via ... | | |
| CVE-2020-21590 | Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to... | E | |
| CVE-2020-21594 | libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be e... | E | |
| CVE-2020-21595 | libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via ... | E | |
| CVE-2020-21596 | libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exp... | E | |
| CVE-2020-21597 | libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited vi... | E | |
| CVE-2020-21598 | libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, w... | E | |
| CVE-2020-21599 | libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which ... | E | |
| CVE-2020-21600 | libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, w... | E | |
| CVE-2020-21601 | libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exp... | E | |
| CVE-2020-21602 | libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, whi... | E | |
| CVE-2020-21603 | libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can ... | E | |
| CVE-2020-21604 | libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be ... | E | |
| CVE-2020-21605 | libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be explo... | E | |
| CVE-2020-21606 | libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which ca... | E | |
| CVE-2020-21627 | Ruijie RG-UAC commit 9071227 was discovered to contain a vulnerability in the component /current_act... | | |
| CVE-2020-21639 | Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cross-site scripting (XSS) vulnera... | | |
| CVE-2020-21641 | Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4... | | |
| CVE-2020-21642 | Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine... | | |
| CVE-2020-21643 | Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via t... | E | |
| CVE-2020-21648 | WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manag... | E | |
| CVE-2020-21649 | Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, ... | E | |
| CVE-2020-21650 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Conf... | E | |
| CVE-2020-21651 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\poin... | E | |
| CVE-2020-21652 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Conf... | E | |
| CVE-2020-21653 | Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, ... | E | |
| CVE-2020-21654 | emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to g... | E | |
| CVE-2020-21656 | XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=... | E | |
| CVE-2020-21658 | A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administr... | E | |
| CVE-2020-21662 | SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands ... | | |
| CVE-2020-21665 | In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious ... | S | |
| CVE-2020-21667 | In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not... | E | |
| CVE-2020-21674 | Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.... | S | |
| CVE-2020-21675 | A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows atta... | E S | |
| CVE-2020-21676 | A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b al... | E S | |
| CVE-2020-21677 | A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libs... | E S | |
| CVE-2020-21678 | A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b al... | E S | |
| CVE-2020-21679 | Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote... | E | |
| CVE-2020-21680 | A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows a... | E S | |
| CVE-2020-21681 | A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to... | E S | |
| CVE-2020-21682 | A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to ... | E S | |
| CVE-2020-21683 | A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3... | E S | |
| CVE-2020-21684 | A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause ... | E S | |
| CVE-2020-21685 | Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote atta... | E | |
| CVE-2020-21686 | A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before ... | E | |
| CVE-2020-21687 | Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers ... | E | |
| CVE-2020-21688 | A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to ... | E S | |
| CVE-2020-21690 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-20451. Reason: This candidat... | R | |
| CVE-2020-21697 | A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 a... | E S | |
| CVE-2020-21699 | The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to ... | | |
| CVE-2020-21710 | A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.... | E S | |
| CVE-2020-21722 | Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code v... | E | |
| CVE-2020-21723 | A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.... | E | |
| CVE-2020-21724 | Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotoo... | E | |
| CVE-2020-21725 | OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class... | E | |
| CVE-2020-21726 | OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class... | E | |
| CVE-2020-21729 | JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-v... | E | |
| CVE-2020-21731 | Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/... | | |
| CVE-2020-21732 | Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS). An attacker can a... | | |
| CVE-2020-21733 | Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpn... | E | |
| CVE-2020-21783 | In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content... | E | |
| CVE-2020-21784 | phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php.... | E | |
| CVE-2020-21785 | In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.... | E | |
| CVE-2020-21786 | In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controlle... | E | |
| CVE-2020-21787 | CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.... | E | |
| CVE-2020-21788 | In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnera... | E | |
| CVE-2020-21806 | SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..... | E | |
| CVE-2020-21808 | SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/ne... | E S | |
| CVE-2020-21809 | SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter... | E S | |
| CVE-2020-21813 | A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/d... | E S | |
| CVE-2020-21814 | A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/e... | E S | |
| CVE-2020-21815 | A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2S... | E S | |
| CVE-2020-21816 | A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/es... | E S | |
| CVE-2020-21817 | A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/esca... | E S | |
| CVE-2020-21818 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../pro... | E | |
| CVE-2020-21819 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../prog... | E S | |
| CVE-2020-21827 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_sect... | E | |
| CVE-2020-21830 | A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/b... | E S | |
| CVE-2020-21831 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles... | E S | |
| CVE-2020-21832 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_sect... | E S | |
| CVE-2020-21833 | A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes... | E S | |
| CVE-2020-21834 | A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.... | E S | |
| CVE-2020-21835 | A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../sr... | E S | |
| CVE-2020-21836 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview... | E S | |
| CVE-2020-21838 | A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo... | E S | |
| CVE-2020-21839 | An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decod... | E S | |
| CVE-2020-21840 | A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../... | E S | |
| CVE-2020-21841 | A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.... | E S | |
| CVE-2020-21842 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhist... | E S | |
| CVE-2020-21843 | A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits... | E S | |
| CVE-2020-21844 | GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remot... | E S | |
| CVE-2020-21845 | Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.'... | E | |
| CVE-2020-21854 | Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in the system management page.... | E | |
| CVE-2020-21861 | File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/Ad... | E | |
| CVE-2020-21862 | Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admi... | E | |
| CVE-2020-21865 | ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s... | | |
| CVE-2020-21881 | Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers t... | E | |
| CVE-2020-21883 | Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command i... | E | |
| CVE-2020-21884 | Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site re... | E | |
| CVE-2020-21890 | Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript... | E S | |
| CVE-2020-21896 | A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device... | E S | |
| CVE-2020-21913 | International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bu... | E S | |
| CVE-2020-21929 | A stored cross site scripting (XSS) vulnerability in the web_copyright field of Eyoucms v1.4.1 allow... | E | |
| CVE-2020-21930 | A stored cross site scripting (XSS) vulnerability in the web_attr_2 field of Eyoucms v1.4.1 allows a... | E | |
| CVE-2020-21932 | A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows atta... | E | |
| CVE-2020-21933 | An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin pa... | E | |
| CVE-2020-21934 | An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authenticati... | E | |
| CVE-2020-21935 | A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.... | E | |
| CVE-2020-21936 | An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows ... | E | |
| CVE-2020-21937 | An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Bui... | E | |
| CVE-2020-21967 | File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to ru... | E | |
| CVE-2020-21976 | An arbitrary file upload in the component of NewsOne CMS v1.1.... | E | |
| CVE-2020-21987 | HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur... | E | |
| CVE-2020-21989 | HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface all... | E | |
| CVE-2020-21990 | Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an informa... | E | |
| CVE-2020-21991 | AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to missing control c... | E | |
| CVE-2020-21992 | Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command inject... | E | |
| CVE-2020-21993 | In WEMS Limited Enterprise Manager 2.58, input passed to the GET parameter 'email' is not properly s... | E | |
| CVE-2020-21994 | AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an ... | E | |
| CVE-2020-21995 | Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker cou... | E | |
| CVE-2020-21996 | AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can expl... | E | |
| CVE-2020-21997 | Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and inform... | E | |
| CVE-2020-21998 | In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not pro... | E | |
| CVE-2020-21999 | iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vu... | E |