Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3968 matches found

CVE
CVEadded 2020/07/09 2:39 p.m.258 views

CVE-2020-12419

CVE-2020-12419 describes a use-after-free in the browser/windowing code: during processing of callbacks in window flushing in the parent process, a window may die, leading to memory corruption and a potentially exploitable crash. Affected products in the provided docs include Thunderbird and Fire...

9.3CVSS8.4AI score0.00438EPSS
Exploits0References11Affected Software3
Prion
Prionadded 2020/07/02 8:15 p.m.32 views

Null pointer dereference

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference...

2.1CVSS3.7AI score0.00047EPSS
Exploits0References4Affected Software2
Amazon
Amazonadded 2020/06/30 12:0 a.m.43 views

Important: nghttp2

Issue Overview: In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The...

7.5CVSS7.1AI score0.01247EPSS
Exploits0
NVD
NVDadded 2020/06/09 8:15 p.m.11 views

CVE-2020-8323

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution...

6.7CVSS0.0005EPSS
Exploits0References1
NVD
NVDadded 2020/06/09 8:15 p.m.14 views

CVE-2020-8321

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

6.7CVSS0.00137EPSS
Exploits0References1
NVD
NVDadded 2020/06/09 8:15 p.m.12 views

CVE-2020-8322

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

6.7CVSS0.0005EPSS
Exploits0References1
OSV
OSVadded 2020/06/09 8:15 p.m.0 views

CVE-2020-8321

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

6.7CVSS6AI score
Exploits0References1
Prion
Prionadded 2020/06/09 8:15 p.m.15 views

Code injection

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

4.6CVSS6.8AI score0.0005EPSS
Exploits0References1
Prion
Prionadded 2020/06/09 8:15 p.m.14 views

Code injection

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution...

4.6CVSS6.9AI score0.0005EPSS
Exploits0References1Affected Software121
CVE
CVEadded 2020/06/09 7:50 p.m.72 views

CVE-2020-8323

The CVE-2020-8323 issue affects Lenovo systems (ThinkPad/ThinkStation/Lenovo Notebook) via a vulnerability in the SMI callback function used by the Legacy SD driver. The underlying flaw could allow arbitrary code execution on affected devices. Public details identify the vulnerable component as t...

6.7CVSS7.1AI score0.0005EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/06/09 7:50 p.m.18 views

CVE-2020-8323

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution...

6.4CVSS7AI score0.0005EPSS
Exploits0References1
CVE
CVEadded 2020/06/09 7:50 p.m.57 views

CVE-2020-8321

Lenovo System Lock Preinstallation driver contains an SMI callback vulnerability in the System Lock Preinstallation (SLP) driver affecting Lenovo Notebook and ThinkStation models, potentially allowing arbitrary code execution via the SMI handler. The issue (CVE-2020-8321) is documented with Lenov...

6.7CVSS7AI score0.00137EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/06/09 7:50 p.m.19 views

CVE-2020-8322

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

6.4CVSS6.9AI score0.0005EPSS
Exploits0References1
CVE
CVEadded 2020/06/09 7:50 p.m.50 views

CVE-2020-8322

CVE-2020-8322 affects Lenovo Notebook and ThinkStation systems, where a vulnerability in the SMI callback function used by the Legacy USB driver could allow arbitrary code execution. The issue is tied to the Legacy USB driver’s SMI handling, with potential impact described as arbitrary code execu...

6.7CVSS7AI score0.0005EPSS
Exploits0References1Affected Software1
Lenovo
Lenovoadded 2020/06/04 8:26 p.m.70 views

Multi-vendor BIOS Security Vulnerabilities (June 2020) - Lenovo Support US

Lenovo Security Advisory: LEN-30042 Potential Impact: Privilege escalation, denial of service, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0528, CVE-2020-0529, CVE-2020-8320, CVE-2020-8321, CVE-2020-8322, CVE-2020-8323, CVE-2020-8333, CVE-2020-833...

7.2CVSS2.3AI score0.00137EPSS
Exploits0
Lenovo
Lenovoadded 2020/06/04 8:26 p.m.43 views

Multi-vendor BIOS Security Vulnerabilities (June 2020) - Lenovo Support US

No description provided...

7.8CVSS5.5AI score0.00072EPSS
Exploits0
OSV
OSVadded 2020/06/03 11:15 p.m.18 views

CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

7.5CVSS7AI score
Exploits0References14
OSV
OSVadded 2020/06/03 11:15 p.m.2 views

DEBIAN-CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

7.5CVSS6.3AI score0.01247EPSS
Exploits0References1
OSV
OSVadded 2020/06/03 11:15 p.m.2 views

ALPINE-CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

7.5CVSS6.9AI score0.01247EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2020/06/03 11:15 p.m.35 views

CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

7.5CVSS6.8AI score0.01247EPSS
Exploits0References6
Rows per page
Query Builder