Max CVSS 7.2 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-14093 4.3
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
21-07-2021 - 11:39 15-06-2020 - 05:15
CVE-2020-0548 2.1
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
21-07-2021 - 11:39 28-01-2020 - 01:15
CVE-2020-0549 2.1
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
21-07-2021 - 11:39 28-01-2020 - 01:15
CVE-2020-2875 4.0
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
26-05-2021 - 12:15 15-04-2020 - 14:15
CVE-2020-2933 3.5
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple pro
26-05-2021 - 12:15 15-04-2020 - 14:15
CVE-2020-2934 5.1
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
26-05-2021 - 12:15 15-04-2020 - 14:15
CVE-2020-13254 4.3
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
20-01-2021 - 15:15 03-06-2020 - 14:15
CVE-2020-13596 4.3
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
20-01-2021 - 15:15 03-06-2020 - 14:15
CVE-2020-4049 3.5
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severit
23-12-2020 - 18:51 12-06-2020 - 16:15
CVE-2020-2875 4.0
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
25-09-2020 - 19:15 15-04-2020 - 14:15
CVE-2020-2934 5.1
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
25-09-2020 - 19:15 15-04-2020 - 14:15
CVE-2020-2933 3.5
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple pro
25-09-2020 - 19:15 15-04-2020 - 14:15
CVE-2020-4047 3.5
In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to script execution in the context of a higher privilege
11-09-2020 - 17:15 12-06-2020 - 16:15
CVE-2020-4048 4.9
In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the
11-09-2020 - 17:15 12-06-2020 - 16:15
CVE-2020-4050 6.0
In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged b
11-09-2020 - 17:15 12-06-2020 - 16:15
CVE-2020-14954 4.3
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates i
28-07-2020 - 22:15 21-06-2020 - 17:15
CVE-2020-13965 4.3
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview.
23-07-2020 - 20:06 09-06-2020 - 03:15
CVE-2020-9402 6.5
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggreg
14-07-2020 - 17:28 05-03-2020 - 15:15
CVE-2020-4046 3.5
In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this coul
01-07-2020 - 15:15 12-06-2020 - 16:15
CVE-2020-13428 6.8
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary co
19-06-2020 - 16:15 08-06-2020 - 19:15
CVE-2020-13964 4.3
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object.
19-06-2020 - 03:15 09-06-2020 - 03:15
CVE-2003-0985 7.2
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing
03-05-2018 - 01:29 20-01-2004 - 05:00
CVE-2004-0077 7.2
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
03-05-2018 - 01:29 03-03-2004 - 05:00
CVE-2003-0961 7.2
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
18-10-2016 - 02:38 15-12-2003 - 05:00
Back to Top Mark selected
Back to Top