Vulnerability_Archives

CVE_ARCHIVES.DB

ARCHIVE_CHRONOLOGY.INDEXSTATUS: ONLINE

Risk_Filter:

Records: 19,222

Mode: SECURE_QUERY

CVE-2020-35931

HIGH

An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1

Discovered

Dec 31, 2020

CVE-2020-26165

HIGH

qdPM through 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php becau

Discovered

Dec 31, 2020

CVE-2020-35930

MEDIUM

Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.

Discovered

Dec 31, 2020

CVE-2019-25011

MEDIUM

NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/a

Discovered

Dec 31, 2020

CVE-2020-25799

MEDIUM

LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an

Discovered

Dec 31, 2020

CVE-2020-25797

MEDIUM

LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add Participants Function (First and last name parameters). When the survey partici

Discovered

Dec 31, 2020

CVE-2020-11835

MEDIUM

In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write

Discovered

Dec 31, 2020

CVE-2020-11834

MEDIUM

In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not c

Discovered

Dec 31, 2020

CVE-2020-11833

MEDIUM

In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not ch

Discovered

Dec 31, 2020

CVE-2020-11832

MEDIUM

In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not c

Discovered

Dec 31, 2020

CVE-2018-19945

CRITICAL

A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restric

Discovered

Dec 31, 2020

CVE-2018-19944

HIGH

A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allo

Discovered

Dec 31, 2020

CVE-2018-19941

HIGH

A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cl

Discovered

Dec 31, 2020

CVE-2020-35897

MEDIUM

An issue was discovered in the atom crate before 0.3.6 for Rust. An unsafe Send implementation allows a cross-thread data race.

Discovered

Dec 31, 2020

CVE-2020-35896

HIGH

An issue was discovered in the ws crate through 2020-09-25 for Rust. The outgoing buffer is not properly limited, leading to a remote memory-consumpti

Discovered

Dec 31, 2020

CVE-2020-35895

CRITICAL

An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion.

Discovered

Dec 31, 2020

CVE-2020-35894

HIGH

An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur.

Discovered

Dec 31, 2020

CVE-2020-35893

HIGH

An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uniniti

Discovered

Dec 31, 2020

CVE-2020-35892

CRITICAL

An issue was discovered in the simple-slab crate before 0.3.3 for Rust. index() allows an out-of-bounds read.

Discovered

Dec 31, 2020

CVE-2020-35891

HIGH

An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free.

Discovered

Dec 31, 2020

...