Show filters
1,988 Total Results
Displaying 801-810 of 1,988
Sort by:
Attacker Value
Unknown

CVE-2020-17054

Disclosure Date: November 11, 2020 (last updated February 22, 2025)
Chakra Scripting Engine Memory Corruption Vulnerability
0
Attacker Value
Unknown

CVE-2020-17048

Disclosure Date: November 11, 2020 (last updated February 22, 2025)
Chakra Scripting Engine Memory Corruption Vulnerability
0
Attacker Value
Unknown

CVE-2020-17058

Disclosure Date: November 11, 2020 (last updated February 22, 2025)
Microsoft Browser Memory Corruption Vulnerability
0
Attacker Value
Unknown

CVE-2020-17052

Disclosure Date: November 11, 2020 (last updated February 22, 2025)
Scripting Engine Memory Corruption Vulnerability
0
Attacker Value
Unknown

CVE-2020-5940

Disclosure Date: November 05, 2020 (last updated February 22, 2025)
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.
Attacker Value
Unknown

CVE-2020-26084

Disclosure Date: November 04, 2020 (last updated February 22, 2025)
A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote attacker to access files outside of their authorization sphere on an affected device. The vulnerability is due to incorrect authorization enforcement on an affected system. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.
Attacker Value
Unknown

CVE-2020-13943

Disclosure Date: October 12, 2020 (last updated November 28, 2024)
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.
Attacker Value
Unknown

CVE-2020-5930

Disclosure Date: September 25, 2020 (last updated November 28, 2024)
In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods.
Attacker Value
Unknown

CVE-2020-0878

Disclosure Date: September 11, 2020 (last updated February 22, 2025)
<p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, …
0
Attacker Value
Unknown

CVE-2020-1180

Disclosure Date: September 11, 2020 (last updated February 22, 2025)
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.</p> <p>If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.</p>
0