Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • CVSS Version: 3
  • CVSS V3 Severity: Critical (9-10)
There are 12,303 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2020-25414

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.

Published: June 17, 2021; 11:15:07 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22212

SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22211

SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22210

SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22209

SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22208

SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22206

SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22205

SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22204

SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .

Published: June 16, 2021; 2:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22199

SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.

Published: June 16, 2021; 1:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-35760

bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files).

Published: June 16, 2021; 12:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-22198

SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php.

Published: June 16, 2021; 12:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-9493

A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.

Published: June 16, 2021; 4:15:06 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 6.8 MEDIUM
CVE-2021-33622

Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value.

Published: June 15, 2021; 4:15:14 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 6.8 MEDIUM
CVE-2021-0324

Product: AndroidVersions: Android SoCAndroid ID: A-175402462

Published: June 14, 2021; 4:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-0474

In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-177611958

Published: June 11, 2021; 1:15:09 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-22175

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled

Published: June 11, 2021; 12:15:09 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 6.8 MEDIUM
CVE-2021-25387

An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

Published: June 11, 2021; 11:15:08 AM -0400
V3.1: 10.0 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-25386

An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

Published: June 11, 2021; 11:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-25385

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

Published: June 11, 2021; 11:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH