Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.5

    HIGH
    CVE-2020-9430

    In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field....

    Affected Products : fedora debian_linux leap wireshark
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2020-9429

    In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value....

    Affected Products : leap wireshark
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2020-9428

    In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing....

    Affected Products : fedora debian_linux leap wireshark
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024
  • 5.0

    MEDIUM
    CVE-2020-9427

    OX Guard 2.10.3 and earlier allows SSRF....

    Affected Products : ox_guard
    • Published: Jun. 15, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2020-9426

    OX Guard 2.10.3 and earlier allows XSS....

    Affected Products : ox_guard
    • Published: Jun. 15, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2020-9425

    An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application was not exiting after a redirect is applied, the rest...

    Affected Products : rconfig
    • Published: Mar. 20, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-9423

    LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, su...

    Affected Products : logicaldoc
    • Published: Mar. 18, 2020
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2020-9418

    An untrusted search path vulnerability in the installer of PDFescape Desktop version 4.0.22 and earlier allows an attacker to gain privileges and execute code via DLL hijacking....

    Affected Products : windows pdfescape
    • Published: Mar. 05, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2020-9417

    The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor He...

    • Published: Oct. 20, 2020
    • Modified: Nov. 21, 2024
  • 8.2

    HIGH
    CVE-2020-9416

    The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a legitimate user to...

    • Published: Sep. 15, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2020-9415

    The TIBCO Data Virtualization Server component of TIBCO Software Inc.'s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains a vulnerability that theoretically allows a malicious authenticated user to download any arbitrary...

    • Published: Aug. 18, 2020
    • Modified: Nov. 21, 2024
  • 9.0

    HIGH
    CVE-2020-9414

    The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtai...

    • Published: Jun. 30, 2020
    • Modified: Nov. 21, 2024
  • 9.6

    CRITICAL
    CVE-2020-9413

    The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker ...

    • Published: Jun. 30, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-9412

    The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows execution of arbitrary commands at the privilege level of the affected system following a failed ...

    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-9411

    The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows an attacker to perform unauthorized network file transfers to and from the file system accessible...

    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2020-9410

    The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMat...

    • Published: May. 20, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-9409

    The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated ...

    • Published: May. 20, 2020
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2020-9408

    The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not ...

    • Published: Mar. 11, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2020-9407

    IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie....

    Affected Products : online_weather
    • Published: Feb. 26, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2020-9406

    IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service....

    Affected Products : online_weather
    • Published: Feb. 26, 2020
    • Modified: Nov. 21, 2024