Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16986 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 2.1 LOW | 6.2 MEDIUM |
| Azure Sphere Denial of Service Vulnerability | |||||
| CVE-2020-16985 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 2.1 LOW | 6.2 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2020-16984 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 7.3 HIGH |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2020-16983 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 5.7 MEDIUM |
| Azure Sphere Tampering Vulnerability | |||||
| CVE-2020-16982 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 6.1 MEDIUM |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2020-16981 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 6.1 MEDIUM |
| Azure Sphere Elevation of Privilege Vulnerability | |||||
| CVE-2020-16979 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-16970 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 8.1 HIGH |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2020-17153 | 1 Microsoft | 1 Edge | 2023-12-31 | 5.8 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge for Android Spoofing Vulnerability | |||||
| CVE-2020-17150 | 1 Microsoft | 1 Visual Studio Code | 2023-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2020-17145 | 1 Microsoft | 2 Azure Devops Server, Team Foundation Server | 2023-12-31 | 4.9 MEDIUM | 5.4 MEDIUM |
| Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | |||||
| CVE-2020-17140 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 4.0 MEDIUM | 8.1 HIGH |
| Windows SMB Information Disclosure Vulnerability | |||||
| CVE-2020-17133 | 1 Microsoft | 1 Dynamics Nav | 2023-12-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| Microsoft Dynamics Business Central/NAV Information Disclosure | |||||
| CVE-2020-17131 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2023-12-31 | 5.1 MEDIUM | 4.2 MEDIUM |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2020-17130 | 1 Microsoft | 2 365 Apps, Excel | 2023-12-31 | 6.0 MEDIUM | 6.5 MEDIUM |
| Microsoft Excel Security Feature Bypass Vulnerability | |||||
| CVE-2020-17129 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17128 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17127 | 1 Microsoft | 1 Excel | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17126 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Microsoft Excel Information Disclosure Vulnerability | |||||
| CVE-2020-17125 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17124 | 1 Microsoft | 3 365 Apps, Office, Powerpoint | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft PowerPoint Remote Code Execution Vulnerability | |||||
| CVE-2020-17123 | 1 Microsoft | 4 365 Apps, Excel, Office Online Server and 1 more | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17122 | 1 Microsoft | 3 Office, Office Web Apps, Sharepoint Server | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17121 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2020-17120 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-17115 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2020-17002 | 1 Microsoft | 1 C Sdk For Azure Iot | 2023-12-31 | 9.4 HIGH | 7.4 HIGH |
| Azure SDK for C Security Feature Bypass Vulnerability | |||||
| CVE-2020-16996 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| Kerberos Security Feature Bypass Vulnerability | |||||
| CVE-2020-16971 | 1 Microsoft | 1 Azure Sdk For Java | 2023-12-31 | 6.4 MEDIUM | 7.4 HIGH |
| Azure SDK for Java Security Feature Bypass Vulnerability | |||||
| CVE-2020-16964 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2020-16963 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2020-16962 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2020-16961 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2020-16960 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2020-16959 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2020-16958 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||
| CVE-2023-6186 | 3 Debian, Fedoraproject, Libreoffice | 3 Debian Linux, Fedora, Libreoffice | 2023-12-31 | N/A | 8.8 HIGH |
| Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user. | |||||
| CVE-2023-6185 | 3 Debian, Fedoraproject, Libreoffice | 3 Debian Linux, Fedora, Libreoffice | 2023-12-31 | N/A | 8.8 HIGH |
| Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system. | |||||
| CVE-2023-37536 | 3 Apache, Fedoraproject, Hcltech | 3 Xerces-c\+\+, Fedora, Bigfix Platform | 2023-12-31 | N/A | 8.8 HIGH |
| An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. | |||||
| CVE-2020-12803 | 3 Fedoraproject, Libreoffice, Opensuse | 3 Fedora, Libreoffice, Leap | 2023-12-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. User-interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4. | |||||
| CVE-2020-12802 | 3 Fedoraproject, Libreoffice, Opensuse | 3 Fedora, Libreoffice, Leap | 2023-12-31 | 4.3 MEDIUM | 5.3 MEDIUM |
| LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4. | |||||
| CVE-2020-12801 | 2 Libreoffice, Opensuse | 2 Libreoffice, Leap | 2023-12-31 | 5.0 MEDIUM | 5.3 MEDIUM |
| If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3. | |||||
| CVE-2018-1311 | 4 Apache, Debian, Oracle and 1 more | 9 Xerces-c\+\+, Debian Linux, Goldengate and 6 more | 2023-12-31 | 6.8 MEDIUM | 8.1 HIGH |
| The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. | |||||
| CVE-2023-36546 | 2023-12-31 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2023-40462 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2023-12-31 | N/A | 7.5 HIGH |
| The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. | |||||
| CVE-2023-48893 | 1 Slims | 1 Senayan Library Management System Bulian | 2023-12-31 | N/A | 8.8 HIGH |
| SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or untilDate. | |||||
| CVE-2023-50471 | 1 Cjson Project | 1 Cjson | 2023-12-30 | N/A | 7.5 HIGH |
| cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. | |||||
| CVE-2023-49468 | 1 Struktur | 1 Libde265 | 2023-12-30 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. | |||||
| CVE-2023-49467 | 1 Struktur | 1 Libde265 | 2023-12-30 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc. | |||||
| CVE-2023-49465 | 1 Struktur | 1 Libde265 | 2023-12-30 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc. | |||||