Show filters
32,133 Total Results
Displaying 11-20 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
High

CVE-2020-1147

Disclosure Date: July 14, 2020 (last updated August 28, 2020)
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Attacker Value
Very High

CVE-2020-6418

Disclosure Date: February 27, 2020 (last updated July 30, 2020)
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Attacker Value
Very High

CVE-2021-30807

Disclosure Date: October 19, 2021 (last updated October 21, 2021)
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Attacker Value
Moderate

CVE-2021-39609

Disclosure Date: August 23, 2021 (last updated August 31, 2021)
Cross Site Scripting (XSS) vulnerability exiss in FlatCore-CMS 2.0.7 via the upload image function.
Attacker Value
High

CVE-2021-26411

Disclosure Date: March 11, 2021 (last updated March 18, 2021)
Internet Explorer Memory Corruption Vulnerability
Attacker Value
Unknown

CVE-2021-21017

Disclosure Date: February 09, 2021 (last updated February 12, 2021)
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Attacker Value
Unknown

CVE-2020-24587

Disclosure Date: May 11, 2021 (last updated May 29, 2021)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Attacker Value
High

CVE-2021-21193

Disclosure Date: March 16, 2021 (last updated March 24, 2021)
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Attacker Value
Moderate

CVE-2020-35687

Disclosure Date: January 13, 2021 (last updated January 16, 2021)
PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to deletion of all shoutbox messages by the attacker on behalf of the logged in victim.
Attacker Value
Unknown

CVE-2020-16017

Disclosure Date: January 08, 2021 (last updated January 12, 2021)
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.