The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2020-9591 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to unauthorized access to admin panel. | MEDIUM | Jun 26, 2020 |
CVE-2020-9590 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9589 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9588 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass. | MEDIUM | Jun 26, 2020 |
CVE-2020-9587 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts. | MEDIUM | Jun 26, 2020 |
CVE-2020-9586 | Adobe Character Animator versions 3.2 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9585 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9584 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | LOW | Jun 26, 2020 |
CVE-2020-9583 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9582 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9581 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | MEDIUM | Jun 26, 2020 |
CVE-2020-9580 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9579 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9578 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9577 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure . | MEDIUM | Jun 26, 2020 |
CVE-2020-9576 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 26, 2020 |
CVE-2020-9575 | Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 26, 2020 |
CVE-2020-9574 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9573 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 27, 2020 |
CVE-2020-9572 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 27, 2020 |
CVE-2020-9571 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 27, 2020 |
CVE-2020-9570 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9569 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9568 | Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9567 | Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9566 | Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9565 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9564 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9563 | Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 27, 2020 |
CVE-2020-9562 | Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 27, 2020 |
CVE-2020-9561 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9560 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9559 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9558 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | MEDIUM | Jun 27, 2020 |
CVE-2020-9557 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | MEDIUM | Jun 27, 2020 |
CVE-2020-9556 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9555 | Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | Jun 27, 2020 |
CVE-2020-9554 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | HIGH | Jun 27, 2020 |
CVE-2020-9553 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | MEDIUM | Jun 27, 2020 |
CVE-2020-9552 | Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | MEDIUM | Mar 27, 2020 |
CVE-2020-9551 | Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | MEDIUM | Mar 27, 2020 |
CVE-2020-9550 | Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely. | HIGH | Mar 6, 2020 |
CVE-2020-9549 | In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. | MEDIUM | Mar 5, 2020 |
CVE-2020-9548 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). | MEDIUM | Mar 6, 2020 |
CVE-2020-9547 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). | MEDIUM | Mar 6, 2020 |
CVE-2020-9546 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). | MEDIUM | Mar 6, 2020 |
CVE-2020-9545 | Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. | MEDIUM | Mar 4, 2020 |
CVE-2020-9544 | An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn\'t perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice. | MEDIUM | Mar 10, 2020 |
CVE-2020-9543 | OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks. | HIGH | Mar 12, 2020 |
CVE-2020-9540 | Sophos HitmanPro.Alert before build 861 allows local elevation of privilege. | MEDIUM | Mar 3, 2020 |