Total
10626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3280 | 1 Cisco | 1 Unified Contact Center Express | 2020-05-27 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user on an affected device. | |||||
| CVE-2020-12389 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2020-05-27 | 7.5 HIGH | 10.0 CRITICAL |
| The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. | |||||
| CVE-2020-1173 | 1 Microsoft | 1 Power Bi Report Server | 2020-05-27 | 3.5 LOW | 6.8 MEDIUM |
| A spoofing vulnerability exists in Microsoft Power BI Report Server in the way it validates the content-type of uploaded attachments, aka 'Microsoft Power BI Report Server Spoofing Vulnerability'. | |||||
| CVE-2017-6188 | 2 Debian, Munin-monitoring | 2 Debian Linux, Munin | 2020-05-27 | 1.9 LOW | 5.5 MEDIUM |
| Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user. | |||||
| CVE-2020-5537 | 1 Cybozu | 1 Desktop | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. | |||||
| CVE-2011-1456 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | |||||
| CVE-2011-1452 | 1 Google | 1 Chrome | 2020-05-22 | 5.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. | |||||
| CVE-2011-1451 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-22 | 7.5 HIGH | N/A |
| Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | |||||
| CVE-2011-1448 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1303 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1443 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | |||||
| CVE-2011-1450 | 1 Google | 1 Chrome | 2020-05-22 | 5.0 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | |||||
| CVE-2011-1447 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-1442 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-1438 | 1 Google | 1 Chrome | 2020-05-22 | 7.5 HIGH | N/A |
| Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs. | |||||
| CVE-2011-1434 | 1 Google | 1 Chrome | 2020-05-22 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2020-7137 | 1 Hpe | 2 Superdome Flex Server, Superdome Flex Server Firmware | 2020-05-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| A validation issue in HPE Superdome Flex's RMC component may allow local elevation of privilege. Apply HPE Superdome Flex Server version 3.25.46 or later to resolve this issue. | |||||
| CVE-2018-14349 | 4 Canonical, Debian, Mutt and 1 more | 4 Ubuntu Linux, Debian Linux, Mutt and 1 more | 2020-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. | |||||
| CVE-2018-14351 | 4 Canonical, Debian, Mutt and 1 more | 4 Ubuntu Linux, Debian Linux, Mutt and 1 more | 2020-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size. | |||||
| CVE-2020-4411 | 2 Ibm, Linux | 3 Aix, Spectrum Scale, Linux Kernel | 2020-05-19 | 4.9 MEDIUM | 7.1 HIGH |
| The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986. | |||||