Export limit exceeded: 11157 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11157 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-35342 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.5 High |
| GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. | ||||
| CVE-2020-35215 | 1 Atomix | 1 Atomix | 2024-11-21 | 6.5 Medium |
| An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states. | ||||
| CVE-2020-35123 | 1 Zimbra | 1 Collaboration | 2024-11-21 | 6.5 Medium |
| In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17. | ||||
| CVE-2020-2908 | 2 Opensuse, Oracle | 2 Leap, Vm Virtualbox | 2024-11-21 | 8.2 High |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2020-2324 | 1 Jenkins | 1 Cvs | 2024-11-21 | 7.5 High |
| Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2305 | 2 Jenkins, Redhat | 2 Mercurial, Openshift | 2024-11-21 | 6.5 Medium |
| Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2304 | 2 Jenkins, Redhat | 2 Subversion, Openshift | 2024-11-21 | 6.5 Medium |
| Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2284 | 1 Jenkins | 1 Liquibase Runner | 2024-11-21 | 7.1 High |
| Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2247 | 1 Jenkins | 1 Klocwork Analysis | 2024-11-21 | 6.5 Medium |
| Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2245 | 1 Jenkins | 1 Valgrind | 2024-11-21 | 7.1 High |
| Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2178 | 1 Jenkins | 1 Parasoft Findings | 2024-11-21 | 7.1 High |
| Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2171 | 1 Jenkins | 1 Rapiddeploy | 2024-11-21 | 8.8 High |
| Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2144 | 1 Jenkins | 1 Rundeck | 2024-11-21 | 7.1 High |
| Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2138 | 1 Jenkins | 1 Cobertura | 2024-11-21 | 7.1 High |
| Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2120 | 1 Jenkins | 1 Fitnesse | 2024-11-21 | 8.8 High |
| Jenkins FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2115 | 1 Jenkins | 1 Nunit | 2024-11-21 | 8.8 High |
| Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2108 | 1 Jenkins | 1 Websphere Deployer | 2024-11-21 | 7.6 High |
| Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions. | ||||
| CVE-2020-2092 | 1 Jenkins | 1 Robot Framework | 2024-11-21 | 8.8 High |
| Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing users with Job/Configure to have Jenkins parse crafted XML documents. | ||||
| CVE-2020-2012 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 7.5 High |
| Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This issue affects: All versions of PAN-OS for Panorama 7.1 and 8.0; PAN-OS for Panorama 8.1 versions earlier than 8.1.13; PAN-OS for Panorama 9.0 versions earlier than 9.0.7. | ||||
| CVE-2020-2009 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 7.2 High |
| An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | ||||