| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-22000 | HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom c... | E | |
| CVE-2020-22001 | HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP add... | E | |
| CVE-2020-22002 | An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smart... | E | |
| CVE-2020-22007 | OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical attackers to in... | E | |
| CVE-2020-22015 | Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libav... | E | |
| CVE-2020-22016 | A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov ... | E | |
| CVE-2020-22017 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/... | E | |
| CVE-2020-22019 | Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, w... | E | |
| CVE-2020-22020 | Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldma... | E | |
| CVE-2020-22021 | Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, whic... | E | |
| CVE-2020-22022 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fi... | E | |
| CVE-2020-22023 | A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_b... | | |
| CVE-2020-22024 | Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 function in libavfilter/vf_lagfun.... | E | |
| CVE-2020-22025 | A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, w... | E | |
| CVE-2020-22026 | Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tr... | E | |
| CVE-2020-22027 | A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighb... | E | |
| CVE-2020-22028 | Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.... | E | |
| CVE-2020-22029 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: ... | E | |
| CVE-2020-22030 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfa... | E | |
| CVE-2020-22031 | A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter... | E | |
| CVE-2020-22032 | A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gauss... | E | |
| CVE-2020-22033 | A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convo... | E | |
| CVE-2020-22034 | A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which mi... | E | |
| CVE-2020-22035 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_b... | E | |
| CVE-2020-22036 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bw... | E | |
| CVE-2020-22037 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context... | E S | |
| CVE-2020-22038 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_creat... | E | |
| CVE-2020-22039 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry ... | E | |
| CVE-2020-22040 | A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memory leak in the v_frame_alloc fu... | E | |
| CVE-2020-22041 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_... | E | |
| CVE-2020-22042 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak is affected by: memory l... | E | |
| CVE-2020-22043 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common... | E | |
| CVE-2020-22044 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_... | E S | |
| CVE-2020-22046 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_... | E | |
| CVE-2020-22048 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get... | E | |
| CVE-2020-22049 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sect... | E | |
| CVE-2020-22051 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filter_frame func... | E | |
| CVE-2020-22054 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set funct... | E | |
| CVE-2020-22056 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input func... | E | |
| CVE-2020-22057 | The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were disc... | | |
| CVE-2020-22061 | SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the component saskutil64.sys. Thi... | E | |
| CVE-2020-22079 | Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 a... | E | |
| CVE-2020-22083 | jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload ... | E | |
| CVE-2020-22120 | A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1... | E S | |
| CVE-2020-22122 | A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers... | E | |
| CVE-2020-22124 | A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sens... | E | |
| CVE-2020-22148 | A stored cross site scripting (XSS) vulnerability in /admin.php?page=tags of Piwigo 2.10.1 allows at... | E | |
| CVE-2020-22150 | A cross site scripting (XSS) vulnerability in /admin.php?page=permalinks of Piwigo 2.10.1 allows att... | E | |
| CVE-2020-22151 | Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via... | E | |
| CVE-2020-22152 | Cross Site Scripting vulnerability in daylight studio FUEL- CMS v.1.4.6 allows a remote attacker to ... | E | |
| CVE-2020-22153 | File Upload vulnerability in FUEL-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via... | E | |
| CVE-2020-22158 | MediaKind (formerly Ericsson) RX8200 5.13.3 devices are vulnerable to multiple reflected and stored ... | | |
| CVE-2020-22159 | EVERTZ devices 3080IPX exe-guest-v1.2-r26125, 7801FC 1.3 Build 27, and 7890IXG V494 are vulnerable t... | E | |
| CVE-2020-22164 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_av... | E | |
| CVE-2020-22165 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-log... | E | |
| CVE-2020-22166 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-p... | E | |
| CVE-2020-22167 | PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerabilit... | E | |
| CVE-2020-22168 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-e... | E | |
| CVE-2020-22169 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointm... | E | |
| CVE-2020-22170 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doct... | E | |
| CVE-2020-22171 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registra... | E | |
| CVE-2020-22172 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doct... | E | |
| CVE-2020-22173 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-pro... | E | |
| CVE-2020-22174 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-app... | E | |
| CVE-2020-22175 | PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\be... | E | |
| CVE-2020-22176 | PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerabili... | E | |
| CVE-2020-22181 | A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router dev... | | |
| CVE-2020-22198 | SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php... | E | |
| CVE-2020-22199 | SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php... | E | |
| CVE-2020-22200 | Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword... | E | |
| CVE-2020-22201 | phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize pa... | E | |
| CVE-2020-22203 | SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php.... | E | |
| CVE-2020-22204 | SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .... | E | |
| CVE-2020-22205 | SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.... | E | |
| CVE-2020-22206 | SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.... | E | |
| CVE-2020-22208 | SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.... | E | |
| CVE-2020-22209 | SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.... | E | |
| CVE-2020-22210 | SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.... | E | |
| CVE-2020-22211 | SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.... | E | |
| CVE-2020-22212 | SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php.... | E | |
| CVE-2020-22217 | Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply ... | E S | |
| CVE-2020-22218 | An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access... | S | |
| CVE-2020-22219 | Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attacke... | E | |
| CVE-2020-22222 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS... | E | |
| CVE-2020-22223 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerabili... | E | |
| CVE-2020-22224 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS... | E | |
| CVE-2020-22225 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerabili... | E | |
| CVE-2020-22226 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerabili... | E | |
| CVE-2020-22249 | Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extens... | E | |
| CVE-2020-22251 | Cross Site Scripting (XSS) vulnerability in phpList 3.5.3 via the login name field in Manage Adminis... | E | |
| CVE-2020-22253 | Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808... | M | |
| CVE-2020-22273 | Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Setting... | | |
| CVE-2020-22274 | JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.... | | |
| CVE-2020-22275 | Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with... | E | |
| CVE-2020-22276 | WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.... | E | |
| CVE-2020-22277 | Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a ... | E | |
| CVE-2020-22278 | phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this bec... | E | |
| CVE-2020-22283 | A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free S... | S | |
| CVE-2020-22284 | A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP ... | S | |
| CVE-2020-22312 | A cross-site scripting (XSS) vulnerability was discovered in the OJ/admin-tool /cal_scores.php funct... | E | |
| CVE-2020-22327 | An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS co... | E | |
| CVE-2020-22330 | Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page.... | E | |
| CVE-2020-22334 | Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the adminis... | E | |
| CVE-2020-22336 | An issue was discovered in pdfcrack 0.17 thru 0.18, allows attackers to execute arbitrary code via a... | E | |
| CVE-2020-22345 | /graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitra... | E S | |
| CVE-2020-22352 | The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of servic... | E | |
| CVE-2020-22390 | Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers... | E | |
| CVE-2020-22392 | Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then edi... | E | |
| CVE-2020-22394 | In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) ... | E | |
| CVE-2020-22402 | Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain us... | S | |
| CVE-2020-22403 | Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows attackers to add an a... | | |
| CVE-2020-22421 | 74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vulnerability via /index.php?m=&... | E | |
| CVE-2020-22425 | Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able ... | | |
| CVE-2020-22427 | NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated nagiosa... | E | |
| CVE-2020-22428 | SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory n... | | |
| CVE-2020-22429 | redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /... | E | |
| CVE-2020-22452 | SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.... | E S | |
| CVE-2020-22453 | Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information.... | | |
| CVE-2020-22474 | In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter, which ... | E S | |
| CVE-2020-22475 | "Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivi... | E S | |
| CVE-2020-22481 | An issue was discovered in HFish 0.5.1. When a payload is inserted where the password is entered, XS... | E | |
| CVE-2020-22524 | Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows a... | E | |
| CVE-2020-22533 | Cross Site Scripting vulnerability found in Zentao allows a remote attacker to execute arbitrary cod... | E | |
| CVE-2020-22535 | Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update functi... | E | |
| CVE-2020-22539 | An arbitrary file upload vulnerability in the Add Category function of Codoforum v4.9 allows attacke... | E | |
| CVE-2020-22540 | Stored Cross-Site Scripting (XSS) vulnerability in Codoforum v4.9, allows attackers to execute arbit... | E | |
| CVE-2020-22550 | Veno File Manager 3.5.6 is affected by a directory traversal vulnerability. Using the traversal allo... | E | |
| CVE-2020-22552 | The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP proto... | E | |
| CVE-2020-22570 | Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via... | E | |
| CVE-2020-22597 | An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary co... | E S | |
| CVE-2020-22607 | Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the (1) name and (2) description p... | S | |
| CVE-2020-22608 | Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name paramet... | S | |
| CVE-2020-22609 | Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name p... | S | |
| CVE-2020-22612 | Installer RCE on settings file write in MyBB before 1.8.22.... | | |
| CVE-2020-22617 | Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when ... | S | |
| CVE-2020-22623 | Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain... | | |
| CVE-2020-22628 | Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_rati... | E S | |
| CVE-2020-22643 | Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remo... | E | |
| CVE-2020-22647 | An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the GetBonu... | E | |
| CVE-2020-22650 | A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DO... | | |
| CVE-2020-22653 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22654 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22655 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22656 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22657 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22658 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22659 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22660 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22661 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22662 | In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.... | S | |
| CVE-2020-22669 | Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerabi... | E S | |
| CVE-2020-22673 | Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of... | E S | |
| CVE-2020-22674 | An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrack... | E S | |
| CVE-2020-22675 | An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buff... | E S | |
| CVE-2020-22677 | An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buf... | E S | |
| CVE-2020-22678 | An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parse... | E S | |
| CVE-2020-22679 | Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a den... | E S | |
| CVE-2020-22719 | Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerability which allows attackers to ... | | |
| CVE-2020-22720 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-22721 | A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to... | E | |
| CVE-2020-22722 | Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in th... | E | |
| CVE-2020-22723 | A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhicheng Technology Co., Ltd ljcmssh... | | |
| CVE-2020-22724 | A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Rout... | E | |
| CVE-2020-22732 | CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker..... | | |
| CVE-2020-22741 | An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users... | E | |
| CVE-2020-22755 | File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumb... | E | |
| CVE-2020-22761 | Cross Site Request Forgery (CSRF) vulnerability in FlatPress 1.1 via the DeleteFile function in flat... | E S | |
| CVE-2020-22765 | Cross Site Scripting (XSS) vulnerability in NukeViet cms 4.4.0 via the editor in the News module.... | | |
| CVE-2020-22781 | In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechani... | E | |
| CVE-2020-22782 | Etherpad < 1.8.3 is affected by a denial of service in the import functionality. Upload of binary fi... | E | |
| CVE-2020-22783 | Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This aff... | E S | |
| CVE-2020-22784 | In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns during ... | S | |
| CVE-2020-22785 | Etherpad < 1.8.3 is affected by a missing lock check which could cause a denial of service. Aggressi... | E | |
| CVE-2020-22789 | Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to... | E | |
| CVE-2020-22790 | Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to e... | E | |
| CVE-2020-22807 | An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.... | E | |
| CVE-2020-22808 | An issue was found in yii2_fecshop 2.x. There is a reflected XSS vulnerability in the check cart pag... | E S | |
| CVE-2020-22809 | In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates priv... | E | |
| CVE-2020-22818 | MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter.... | E M | |
| CVE-2020-22819 | MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter.... | E M | |
| CVE-2020-22820 | MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter.... | E M | |
| CVE-2020-22839 | Reflected cross-site scripting vulnerability (XSS) in the evoadm.php file in b2evolution cms version... | E | |
| CVE-2020-22840 | Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform... | E | |
| CVE-2020-22841 | Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaS... | E | |
| CVE-2020-22842 | CMS Made Simple before 2.2.15 allows XSS via the m1_mod parameter in a ModuleManager local_uninstall... | E | |
| CVE-2020-22844 | A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of se... | | |
| CVE-2020-22845 | A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of se... | | |
| CVE-2020-22848 | A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows atta... | E | |
| CVE-2020-22864 | A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1... | E | |
| CVE-2020-22873 | Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote ... | S | |
| CVE-2020-22874 | Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote at... | E S | |
| CVE-2020-22875 | Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote att... | E S | |
| CVE-2020-22876 | Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of se... | E | |
| CVE-2020-22882 | Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of s... | E | |
| CVE-2020-22884 | Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows ... | E | |
| CVE-2020-22885 | Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows... | E | |
| CVE-2020-22886 | Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remo... | E | |
| CVE-2020-22907 | Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote atta... | E S | |
| CVE-2020-22916 | An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a... | | |
| CVE-2020-22937 | A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute ar... | E | |
| CVE-2020-22983 | A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier,... | | |
| CVE-2020-22984 | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote u... | | |
| CVE-2020-22985 | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote u... | | |
| CVE-2020-22986 | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote u... | | |
| CVE-2020-22987 | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote u... | |