Total
2702 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36456 | 1 Toolshed Project | 1 Toolshed | 2024-11-21 | 8.1 High |
| An issue was discovered in the toolshed crate through 2020-11-15 for Rust. In CopyCell<T>, the Send trait lacks bounds on the contained type. | ||||
| CVE-2020-36455 | 1 Brokenlamp | 1 Slock | 2024-11-21 | 8.1 High |
| An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock<T> unconditionally implements Send and Sync. | ||||
| CVE-2020-36451 | 1 Rcu Cell Project | 1 Rcu Cell | 2024-11-21 | 8.1 High |
| An issue was discovered in the rcu_cell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCell<T>. | ||||
| CVE-2020-36450 | 1 Bunch Project | 1 Bunch | 2024-11-21 | 8.1 High |
| An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch<T>. | ||||
| CVE-2020-36449 | 1 Kekbit Project | 1 Kekbit | 2024-11-21 | 8.1 High |
| An issue was discovered in the kekbit crate before 0.3.4 for Rust. For ShmWriter<H>, Send is implemented without requiring H: Send. | ||||
| CVE-2020-36448 | 1 Cache Project | 1 Cache | 2024-11-21 | 8.1 High |
| An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache<K>. | ||||
| CVE-2020-36198 | 1 Qnap | 1 Malware Remover | 2024-11-21 | 6.7 Medium |
| A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Malware Remover versions prior to 4.6.1.0. This issue does not affect: QNAP Systems Inc. Malware Remover 3.x. | ||||
| CVE-2020-35798 | 1 Netgear | 60 R6400v2, R6400v2 Firmware, R6700v3 and 57 more | 2024-11-21 | 9.3 Critical |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50. | ||||
| CVE-2020-35794 | 1 Netgear | 14 Rbk752, Rbk752 Firmware, Rbk852 and 11 more | 2024-11-21 | 8.4 High |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. | ||||
| CVE-2020-35793 | 1 Netgear | 10 D7800, D7800 Firmware, R7500 and 7 more | 2024-11-21 | 6.1 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.58, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.2, and R9000 before 1.0.5.2. | ||||
| CVE-2020-35792 | 1 Netgear | 8 R7500, R7500 Firmware, R7800 and 5 more | 2024-11-21 | 8.3 High |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7500v2 before 1.0.3.48, R8900 before 1.0.5.2, R9000 before 1.0.5.2, and R7800 before 1.0.2.68. | ||||
| CVE-2020-35791 | 1 Netgear | 6 R7800, R7800 Firmware, R8900 and 3 more | 2024-11-21 | 6.4 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.68, R8900 before 1.0.5.2, and R9000 before 1.0.5.2. | ||||
| CVE-2020-35790 | 1 Netgear | 8 D7800, D7800 Firmware, R7800 and 5 more | 2024-11-21 | 6.4 Medium |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, and R9000 before 1.0.4.26. | ||||
| CVE-2020-35777 | 1 Netgear | 2 Dgn2200v1, Dgn2200v1 Firmware | 2024-11-21 | 8.4 High |
| NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command injection. | ||||
| CVE-2020-2508 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 7.2 High |
| A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) | ||||
| CVE-2020-2507 | 1 Qnap | 1 Helpdesk | 2024-11-21 | 9.8 Critical |
| The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3. | ||||
| CVE-2020-2492 | 1 Qnap | 1 Qts | 2024-11-21 | 7.2 High |
| If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | ||||
| CVE-2020-2490 | 1 Qnap | 1 Qts | 2024-11-21 | 7.2 High |
| If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | ||||
| CVE-2020-29599 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-11-21 | 7.8 High |
| ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c. | ||||
| CVE-2020-29548 | 1 Smartertools | 1 Smartermail | 2024-11-21 | 8.1 High |
| An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session. | ||||