• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-862

CVE-2020-13270

February 26, 2023 by

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API

CVE-2020-13276

February 26, 2023 by

User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1

CVE-2020-13154

February 26, 2023 by

Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet.

CVE-2020-13144

February 26, 2023 by

Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the “Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated code” screen, edit the problem, and execute Python code. This leads to arbitrary code execution.

CVE-2020-12734

February 26, 2023 by

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings.

CVE-2020-12745

February 26, 2023 by

An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 43
  • Go to page 44
  • Go to page 45
  • Go to page 46
  • Go to page 47
  • Interim pages omitted …
  • Go to page 211
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE