Show filters
19,892 Total Results
Displaying 121-130 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very Low
CVE-2021-24094
Disclosure Date: February 25, 2021 (last updated November 28, 2024)
Windows TCP/IP Remote Code Execution Vulnerability
3
Attacker Value
Very High
CVE-2020-17132
Disclosure Date: December 10, 2020 (last updated November 28, 2024)
Microsoft Exchange Remote Code Execution Vulnerability
3
Attacker Value
Moderate
CVE-2020-8200
Disclosure Date: September 18, 2020 (last updated February 22, 2025)
Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server.
3
Attacker Value
Unknown
CVE-2020-11022
Disclosure Date: April 29, 2020 (last updated February 21, 2025)
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
4
Attacker Value
Low
ADV200006 - Type 1 Font Parsing Remote Code Execution Vulnerability in Windows
Disclosure Date: April 15, 2020 (last updated October 06, 2023)
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1020.
1
Attacker Value
Moderate
CVE-2020-0787 Windows BITS Privesc
Disclosure Date: March 12, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
1
Attacker Value
Very High
CVE-2020-2551
Disclosure Date: January 15, 2020 (last updated November 27, 2024)
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3
Attacker Value
High
CVE-2019-1458
Disclosure Date: December 10, 2019 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
3
Attacker Value
Very High
CVE-2019-1388
Disclosure Date: November 12, 2019 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
3
Attacker Value
Very High
CVE-2019-11043
Disclosure Date: October 28, 2019 (last updated July 17, 2024)
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
1
