ReportizFlow
Filtered by vendor
Subscriptions
Total
12645 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24649 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24647 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24615 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 5.3 Medium |
| Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP. | ||||
| CVE-2020-24606 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 8.6 High |
| Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF. | ||||
| CVE-2020-24593 | 1 Mitel | 1 Micloud Management Portal | 2024-11-21 | 7.2 High |
| Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. | ||||
| CVE-2020-24588 | 9 Arista, Cisco, Debian and 6 more | 351 C-100, C-100 Firmware, C-110 and 348 more | 2024-11-21 | 3.5 Low |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. | ||||
| CVE-2020-24505 | 1 Intel | 33 Ethernet Network Adapter 700 Firmware, Ethernet Network Adapter V710-at2, Ethernet Network Adapter X710-am2 and 30 more | 2024-11-21 | 4.4 Medium |
| Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2020-24502 | 2 Intel, Redhat | 11 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 8 more | 2024-11-21 | 5.5 Medium |
| Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access. | ||||
| CVE-2020-24496 | 1 Intel | 4 Ethernet Network Adapter X722-da2, Ethernet Network Adapter X722-da2 Firmware, Ethernet Network Adapter X722-da4 and 1 more | 2024-11-21 | 4.4 Medium |
| Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2020-24491 | 1 Intel | 3 Core I3, Core I5, Core I7 | 2024-11-21 | 4.4 Medium |
| Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2020-24486 | 3 Intel, Netapp, Siemens | 548 Bios, Core I3-l13g4, Core I5-l16g7 and 545 more | 2024-11-21 | 5.5 Medium |
| Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2020-24453 | 1 Intel | 1 Epid Software Development Kit | 2024-11-21 | 7.8 High |
| Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2020-24452 | 1 Intel | 1 Sgx Platform | 2024-11-21 | 5.5 Medium |
| Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access. | ||||
| CVE-2020-24432 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.7 Medium |
| Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document. | ||||
| CVE-2020-24427 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 3.3 Low |
| Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2020-24388 | 2 Fedoraproject, Yubico | 2 Fedora, Yubihsm-shell | 2024-11-21 | 7.5 High |
| An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that will crash the running process. This could be used by an attacker to cause a denial of service. | ||||
| CVE-2020-24377 | 1 Free | 10 Freebox Delta, Freebox Delta Firmware, Freebox Mini and 7 more | 2024-11-21 | 9.6 Critical |
| A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3. | ||||
| CVE-2020-24376 | 1 Free | 10 Freebox Delta, Freebox Delta Firmware, Freebox Mini and 7 more | 2024-11-21 | 9.6 Critical |
| A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3. | ||||
| CVE-2020-24374 | 1 Free | 2 Freebox Hd, Freebox Hd Firmware | 2024-11-21 | 9.6 Critical |
| A DNS rebinding vulnerability in Freebox v5 before 1.5.29. | ||||
| CVE-2020-24359 | 1 Hashicorp | 1 Vault-ssh-helper | 2024-11-21 | 7.5 High |
| HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0. | ||||