Export limit exceeded: 84517 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84517 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7831 | 2 Inogard, Microsoft | 2 Ebiz4u, Windows | 2024-11-21 | 8.8 High |
| A vulnerability in the web-based contract management service interface Ebiz4u of INOGARD could allow an victim user to download any file. The attacker is able to use startup menu directory via directory traversal for automatic execution. The victim user need to reboot, however. | ||||
| CVE-2020-7830 | 1 Raonwiz | 1 Raon Kupload | 2024-11-21 | 7.8 High |
| RAONWIZ v2018.0.2.50 and earlier versions contains a vulnerability that could allow remote files to be downloaded by lack of validation. Vulnerabilities in downloading with Kupload agent allow files to be downloaded to arbitrary paths due to insufficient verification of extensions and download paths. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions and earlier. | ||||
| CVE-2020-7829 | 2 Hmtalk, Microsoft | 2 Daviewindy, Windows | 2024-11-21 | 7.8 High |
| DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7828 | 2 Hmtalk, Microsoft | 2 Daviewindy, Windows | 2024-11-21 | 7.8 High |
| DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7827 | 2 Hmtalk, Microsoft | 2 Daviewindy, Windows | 2024-11-21 | 7.8 High |
| DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7826 | 1 Eyesurfer | 1 Bflyinstallerx.ocx | 2024-11-21 | 8.8 High |
| EyeSurfer BflyInstallerX.ocx v1.0.0.16 and earlier versions contain a vulnerability that could allow remote files to be download by setting the arguments to the vulnerable method. This can be leveraged for code execution. When the vulnerable method is called, they fail to properly check the parameters that are passed to it. | ||||
| CVE-2020-7825 | 1 Tobesoft | 1 Miplatform | 2024-11-21 | 8.8 High |
| A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform. | ||||
| CVE-2020-7823 | 1 Hmtalk | 1 Daviewindy | 2024-11-21 | 7.8 High |
| DaviewIndy has a Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7822 | 2 Hmtalk, Microsoft | 2 Daviewindy, Windows | 2024-11-21 | 7.8 High |
| DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7821 | 2 Microsoft, Nexaweb | 3 Windows, Nexacro 14, Nexacro 17 | 2024-11-21 | 7.8 High |
| Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC | ||||
| CVE-2020-7820 | 2 Microsoft, Nexaweb | 3 Windows, Nexacro 14, Nexacro 17 | 2024-11-21 | 7.8 High |
| Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC | ||||
| CVE-2020-7818 | 1 Hmtalk | 1 Daviewindy | 2024-11-21 | 7.8 High |
| DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7816 | 2 Hmtalk, Microsoft | 4 Daoffice, Dava\+, Daview Indy and 1 more | 2024-11-21 | 7 High |
| A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.nThe vulnerability is due to a stack overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. | ||||
| CVE-2020-7815 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2024-11-21 | 7.8 High |
| XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in ____COMPONENT____ of TOBESOFT XPLATFORM allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: TOBESOFT XPLATFORM 9.2.250 versions prior to 9.2.260 on Windows. | ||||
| CVE-2020-7814 | 2 Microsoft, Raonwiz | 2 Windows, Raon K Upload | 2024-11-21 | 7.8 High |
| RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-excution attacks by hackers File download & execution vulnerability in ____COMPONENT____ of RAONWIZ RAON KUpload allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions prior to 2018.0.2.51 on Windows. | ||||
| CVE-2020-7813 | 1 Kaoni | 1 Ezhttptrans | 2024-11-21 | 7.8 High |
| Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution. | ||||
| CVE-2020-7812 | 2 Kaoni, Microsoft | 2 Ezhttptrans, Windows | 2024-11-21 | 7.8 High |
| Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution by rebooting the victim’s PC. | ||||
| CVE-2020-7810 | 2 Handysoft, Microsoft | 2 Hslogin2.dll, Windows | 2024-11-21 | 8.8 High |
| hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of integrity verification of the policy files referenced in the update process, and a remote attacker could induce a user to crafted web page, causing damage such as malicious code infection. | ||||
| CVE-2020-7808 | 2 Microsoft, Raonwiz | 4 Windows 10, Windows 7, Windows 8 and 1 more | 2024-11-21 | 8.7 High |
| In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments which causes downloading a random DLL and injection on it. | ||||
| CVE-2020-7806 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2024-11-21 | 7.8 High |
| Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution. | ||||