Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3730 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3736 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3731 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3732 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3733 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3734 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3735 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-4741 | 3 Ibm, Linux, Microsoft | 4 Aix, Content Navigator, Linux Kernel and 1 more | 2020-02-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815. | |||||
| CVE-2019-4427 | 2 Ibm, Microsoft | 2 Cloud Cli, Windows | 2020-02-14 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773. | |||||
| CVE-2018-5063 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-02-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-5064 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-02-13 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-4985 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-02-13 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-5065 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-02-13 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2020-3925 | 2 Changingtec, Microsoft | 2 Servisign, Windows | 2020-02-12 | 9.3 HIGH | 8.8 HIGH |
| A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts. | |||||
| CVE-2015-2062 | 2 Huge-it, Microsoft | 2 Huge-it Slider, Windows | 2020-02-11 | 6.5 MEDIUM | 7.2 HIGH |
| Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to wp-admin/admin.php. | |||||
| CVE-2019-4732 | 2 Ibm, Microsoft | 3 Sdk, Websphere Application Server, Windows | 2020-02-06 | 6.9 MEDIUM | 6.5 MEDIUM |
| IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618. | |||||
| CVE-2020-3941 | 2 Microsoft, Vmware | 2 Windows, Tools | 2020-02-05 | 4.4 MEDIUM | 7.0 HIGH |
| The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. | |||||
| CVE-2015-0242 | 3 Debian, Microsoft, Postgresql | 3 Debian Linux, Windows, Postgresql | 2020-01-31 | 6.5 MEDIUM | 8.8 HIGH |
| Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function. | |||||
| CVE-2020-3131 | 2 Cisco, Microsoft | 2 Webex Teams, Windows | 2020-01-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to insufficient input validation when processing received adaptive cards. The attacker could exploit this vulnerability by sending an adaptive card with malicious content to an existing user of the Cisco Webex Teams client for Windows. A successful exploit could allow the attacker to cause the targeted user's client to crash continuously. This vulnerability was introduced in Cisco Webex Teams client for Windows Release 3.0.13131. | |||||
| CVE-2013-6773 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2020-01-27 | 4.6 MEDIUM | 7.8 HIGH |
| Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges | |||||