Export limit exceeded: 358957 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (747 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15801 | 3 Microsoft, Netapp, Python | 3 Windows, Max Data, Python | 2024-11-21 | 9.8 Critical |
| In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected. | ||||
| CVE-2020-13417 | 4 Apple, Aviatrix, Linux and 1 more | 6 Macos, Controller, Gateway and 3 more | 2024-11-21 | 9.8 Critical |
| An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters. | ||||
| CVE-2020-12651 | 4 Apple, Linux, Microsoft and 1 more | 5 Iphone Os, Macos, Linux Kernel and 2 more | 2024-11-21 | 9.8 Critical |
| SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX. | ||||
| CVE-2020-12389 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2024-11-21 | 10.0 Critical |
| The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. | ||||
| CVE-2020-12388 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2024-11-21 | 10.0 Critical |
| The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. | ||||
| CVE-2020-10964 | 2 Microsoft, S9y | 2 Windows, Serendipity | 2024-11-21 | 9.8 Critical |
| Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename. | ||||
| CVE-2020-10867 | 2 Avast, Microsoft | 2 Antivirus, Windows | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled. | ||||
| CVE-2020-10515 | 2 Microsoft, Starface | 2 Windows, Unified Communication \& Collaboration Client | 2024-11-21 | 9.8 Critical |
| STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006. | ||||
| CVE-2020-0902 | 1 Microsoft | 1 Service Fabric | 2024-11-21 | 9.8 Critical |
| An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'. | ||||
| CVE-2020-0901 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 9.8 Critical |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | ||||
| CVE-2020-0872 | 1 Microsoft | 1 Application Inspector | 2024-11-21 | 9.6 Critical |
| A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'. | ||||
| CVE-2020-0690 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 9.8 Critical |
| An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. | ||||
| CVE-2020-0654 | 1 Microsoft | 1 Onedrive | 2024-11-21 | 9.1 Critical |
| A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links., aka 'Microsoft OneDrive for Android Security Feature Bypass Vulnerability'. | ||||
| CVE-2020-0610 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 9.8 Critical |
| A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609. | ||||
| CVE-2020-0609 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 9.8 Critical |
| A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610. | ||||
| CVE-2019-9855 | 3 Libreoffice, Microsoft, Opensuse | 3 Libreoffice, Windows, Leap | 2024-11-21 | 9.8 Critical |
| LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1. | ||||
| CVE-2019-8257 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8255 | 4 Adobe, Apple, Linux and 1 more | 4 Brackets, Mac Os X, Linux Kernel and 1 more | 2024-11-21 | 9.8 Critical |
| Brackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-8248 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 9.8 Critical |
| Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8247 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 9.8 Critical |
| Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||