CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

524 matches found

NVD•added 2021/06/24 8:15 p.m.•7 views

CVE-2020-17759

An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This enables attackers for arbitrary command execution if the user clicks on a specially crafted URL. AKA: WINNOTE-19941...

8.8CVSS0.00442EPSS

Exploits0References1

OSV•added 2021/06/24 8:15 p.m.•0 views

CVE-2020-17759

8.8CVSS7.5AI score0.00442EPSS

Exploits0References1

Prion•added 2021/06/24 8:15 p.m.•6 views

Command injection

6.8CVSS8.7AI score0.00442EPSS

Exploits0References1Affected Software1

CVE•added 2021/06/24 7:16 p.m.•76 views

CVE-2020-17759

CVE-2020-17759 affects the Evernote client for Windows 10, 7, and 2008 via the protocol handler. The vulnerability allows attackers to achieve arbitrary command execution when a user clicks a specially crafted URL. This is the root cause described across multiple connected sources (e.g., NVD entr...

8.8CVSS8.7AI score0.00442EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/06/24 7:16 p.m.•13 views

CVE-2020-17759

8.8AI score0.00442EPSS

Exploits0References1

CNNVD•added 2021/06/24 12:0 a.m.•1 views

Evernote命令注入漏洞

Evernote Impression Notes is a suite of note-taking software for the macOS platform from the American company Evernote. The software allows you to create, manage, synchronize, search, and share notes anytime, anywhere. The Evernote client suffers from a command injection vulnerability that stems...

8.8CVSS8.1AI score0.00442EPSS

Exploits0References2

Tenable Nessus•added 2021/06/10 12:0 a.m.•38 views

SUSE SLES11 Security Update : curl (SUSE-SU-2019:14172-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2019:14172-1 advisory. - Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVE-2019-5482 Note that Nessus has not tested for this issue but has...

9.8CVSS6.5AI score0.09715EPSS

Exploits0References4

RedHat Linux•added 2021/03/30 9:49 a.m.•1 views

curl: heap buffer overflow in function tftp_receive_packet()

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3...

9.8CVSS7.4AI score0.09715EPSS

Exploits0References5

CNVD•added 2021/03/11 12:0 a.m.•8 views

Facebook Gameroom Code Execution Vulnerability

Facebook Gameroom is a software of Facebook Inc. It is used for watching videos, playing games, and sharing content. A security vulnerability exists in versions prior to Facebook Gameroom v1.26.0 that stems from the fbgames protocol handler not properly referencing parameters passed to the...

9.8CVSS7.2AI score0.01161EPSS

Exploits0References1

NVD•added 2021/03/10 4:15 p.m.•8 views

CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0...

9.8CVSS0.01161EPSS

Exploits0References1

Prion•added 2021/03/10 4:15 p.m.•14 views

Design/Logic Flaw

7.5CVSS9.4AI score0.01161EPSS

Exploits0References1Affected Software1

CVE•added 2021/03/10 3:50 p.m.•45 views

CVE-2021-24030

The CVE-2021-24030 issue affects Facebook Gameroom’s fbgames protocol handler, where arguments to the executable are not properly quoted. This causes code execution if a malicious URL is processed. Affected versions are prior to v1.26.0; upgrading to v1.26.0 or later is the stated remediation. Th...

9.8CVSS9.4AI score0.01161EPSS

Exploits0References1Affected Software1

CNVD•added 2020/11/24 12:0 a.m.•1 views

JetBrains Toolbox Remote Code Execution Vulnerability

JetBrains Toolbox is a JetBrains product management application from the Czech company JetBrains. A remote code execution vulnerability exists in JetBrains ToolBox versions prior to 1.18, which stems from vulnerability to attacks that execute remote code via a browser protocol handler. No details...

10CVSS8.1AI score0.00035EPSS

Exploits0References1

CNVD•added 2020/11/24 12:0 a.m.•2 views

JetBrains Toolbox Denial of Service Vulnerability

JetBrains Toolbox is a JetBrains product management application from the Czech company JetBrains. A denial-of-service vulnerability exists in JetBrains ToolBox versions prior to 1.18, which stems from susceptibility to denial-of-service attacks via the browser protocol handler. No detailed...

7.5CVSS6.8AI score0.00006EPSS

Exploits0References1

NVD•added 2020/11/16 3:15 p.m.•14 views

CVE-2020-25013

JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler...

7.5CVSS7.4AI score0.00006EPSS

Exploits0References2

OSV•added 2020/11/16 3:15 p.m.•0 views

CVE-2020-25207

JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler...

9.8CVSS7.4AI score

Exploits0References2