| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-28367 | — | Hig | 0.42 | 7.5 | 0.02 | Nov 18, 2020 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive. | |
| CVE-2020-28366 | Hig | 0.42 | 7.5 | 0.02 | Nov 18, 2020 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. | ||
| CVE-2020-28362 | — | Hig | 0.49 | 7.5 | 0.04 | Nov 18, 2020 | Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. | |
| CVE-2020-28091 | Hig | 0.52 | 7.5 | 0.04 | Nov 18, 2020 | cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php. | ||
| CVE-2020-26933 | Hig | 0.47 | 7.2 | 0.00 | Nov 18, 2020 | Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in… | ||
| CVE-2020-25406 | Hig | 0.48 | 7.3 | 0.01 | Nov 18, 2020 | app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to upload executable files. | ||
| CVE-2020-24297 | Hig | 0.57 | 8.8 | 0.04 | Nov 18, 2020 | httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023 | ||
| CVE-2020-7564 | Hig | 0.57 | 8.8 | 0.01 | Nov 18, 2020 | A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write… | ||
| CVE-2020-7563 | Hig | 0.57 | 8.8 | 0.01 | Nov 18, 2020 | A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading… | ||
| CVE-2020-7562 | Hig | 0.53 | 8.1 | 0.01 | Nov 18, 2020 | A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a… | ||
| CVE-2020-28914 | Hig | 0.00 | 7.1 | 0.00 | Nov 17, 2020 | An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable… | ||
| CVE-2020-26552 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2020 | An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access. | ||
| CVE-2020-26551 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2020 | An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file. | ||
| CVE-2020-26550 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2020 | An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key. | ||
| CVE-2020-26549 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2020 | An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading. | ||
| CVE-2020-26548 | Hig | 0.57 | 8.8 | 0.01 | Nov 17, 2020 | An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system. | ||
| CVE-2020-26216 | — | Hig | 0.45 | 8.0 | 0.01 | Nov 17, 2020 | TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid: 1. TagBasedViewHelper allowed XSS through maliciously crafted additionalAttributes arrays by creating… | |
| CVE-2020-28136 | Hig | 0.57 | 8.8 | 0.03 | Nov 17, 2020 | An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page. | ||
| CVE-2020-26405 | Hig | 0.46 | 7.1 | 0.01 | Nov 17, 2020 | Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are >=12.8, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2. | ||
| CVE-2020-25400 | Hig | 0.49 | 7.5 | 0.02 | Nov 17, 2020 | Cross domain policies in Taskcafe Project Management tool before version 0.1.0 and 0.1.1 allows remote attackers to access sensitive data such as access token. | ||
| CVE-2020-13958 | Hig | 0.51 | 7.8 | 0.03 | Nov 17, 2020 | A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be… | ||
| CVE-2020-27554 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2020 | Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device. | ||
| CVE-2020-27553 | Hig | 0.49 | 7.5 | 0.02 | Nov 17, 2020 | In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authentication. No path… | ||
| CVE-2020-21665 | Hig | 0.00 | 7.2 | 0.01 | Nov 17, 2020 | In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh. | ||
| CVE-2020-7841 | Hig | 0.57 | 8.8 | 0.02 | Nov 17, 2020 | Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto:// | ||
| CVE-2020-28688 | Hig | 0.61 | 8.8 | 0.12 | Nov 17, 2020 | The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. | ||
| CVE-2020-28687 | Hig | 0.61 | 8.8 | 0.12 | Nov 17, 2020 | The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. | ||
| CVE-2020-7774 | — | Hig | 0.46 | 7.3 | 0.69 | Nov 17, 2020 | The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. | |
| CVE-2020-27131 | Hig | 0.60 | 8.1 | 0.88 | Nov 17, 2020 | Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied… | ||
| CVE-2020-27125 | Hig | 0.48 | 7.4 | 0.02 | Nov 17, 2020 | A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this… | ||
| CVE-2020-27192 | Hig | 0.51 | 7.8 | 0.00 | Nov 17, 2020 | BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool. | ||
| CVE-2020-25705 | Hig | 0.49 | 7.4 | 0.07 | Nov 17, 2020 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as… | ||
| CVE-2020-15349 | Hig | 0.51 | 7.8 | 0.01 | Nov 17, 2020 | BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions. | ||
| CVE-2020-14389 | Hig | 0.53 | 8.1 | 0.01 | Nov 17, 2020 | It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have. | ||
| CVE-2020-26225 | Hig | 0.50 | 8.7 | 0.01 | Nov 16, 2020 | In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. The problem was introduced in version 4.0.0 and is fixed in 4.2.0 | ||
| CVE-2020-26224 | Hig | 0.00 | 7.5 | 0.02 | Nov 16, 2020 | In PrestaShop before version 1.7.6.9 an attacker is able to list all the orders placed on the website without being logged by abusing the function that allows a shopping cart to be recreated from an order already placed. The problem is fixed in 1.7.6.9. | ||
| CVE-2020-28693 | Hig | 0.57 | 8.8 | 0.03 | Nov 16, 2020 | An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name> | ||
| CVE-2020-26217 | Hig | 0.52 | 8.0 | 0.85 | Nov 16, 2020 | XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security… | ||
| CVE-2020-26509 | Hig | 0.49 | 7.5 | 0.01 | Nov 16, 2020 | Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service. | ||
| CVE-2020-28692 | Hig | 0.47 | 7.2 | 0.02 | Nov 16, 2020 | In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files. | ||
| CVE-2020-23490 | Hig | 0.00 | 7.5 | 0.03 | Nov 16, 2020 | There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file. | ||
| CVE-2020-23489 | — | Hig | 0.50 | 8.8 | 0.02 | Nov 16, 2020 | The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. This allows the deletion of configuration.php, which leads to certain privilege checks not being in place, and therefore a user can escalate privileges to admin. | |
| CVE-2020-4700 | Hig | 0.57 | 8.8 | 0.01 | Nov 16, 2020 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077. | ||
| CVE-2020-4655 | Hig | 0.57 | 8.8 | 0.01 | Nov 16, 2020 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the… | ||
| CVE-2020-4647 | Hig | 0.57 | 8.8 | 0.01 | Nov 16, 2020 | IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||
| CVE-2020-4476 | Hig | 0.49 | 7.5 | 0.01 | Nov 16, 2020 | IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.… | ||
| CVE-2020-28723 | Hig | 0.49 | 7.5 | 0.02 | Nov 16, 2020 | Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. | ||
| CVE-2020-27623 | Hig | 0.49 | 7.5 | 0.01 | Nov 16, 2020 | JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances. | ||
| CVE-2020-27423 | Hig | 0.52 | 7.5 | 0.06 | Nov 16, 2020 | Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox | ||
| CVE-2020-27191 | Hig | 0.49 | 7.5 | 0.08 | Nov 16, 2020 | LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
- risk 0.42cvss 7.5epss 0.02
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.
- risk 0.42cvss 7.5epss 0.02
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
- risk 0.49cvss 7.5epss 0.04
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
- risk 0.52cvss 7.5epss 0.04
cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php.
- risk 0.47cvss 7.2epss 0.00
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in…
- risk 0.48cvss 7.3epss 0.01
app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to upload executable files.
- risk 0.57cvss 8.8epss 0.04
httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023
- risk 0.57cvss 8.8epss 0.01
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write…
- risk 0.57cvss 8.8epss 0.01
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading…
- risk 0.53cvss 8.1epss 0.01
A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a…
- risk 0.00cvss 7.1epss 0.00
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system.
- risk 0.45cvss 8.0epss 0.01
TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid: 1. TagBasedViewHelper allowed XSS through maliciously crafted additionalAttributes arrays by creating…
- risk 0.57cvss 8.8epss 0.03
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page.
- risk 0.46cvss 7.1epss 0.01
Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are >=12.8, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
- risk 0.49cvss 7.5epss 0.02
Cross domain policies in Taskcafe Project Management tool before version 0.1.0 and 0.1.1 allows remote attackers to access sensitive data such as access token.
- risk 0.51cvss 7.8epss 0.03
A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be…
- risk 0.49cvss 7.5epss 0.01
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device.
- risk 0.49cvss 7.5epss 0.02
In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authentication. No path…
- risk 0.00cvss 7.2epss 0.01
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.
- risk 0.57cvss 8.8epss 0.02
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://
- risk 0.61cvss 8.8epss 0.12
The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.
- risk 0.61cvss 8.8epss 0.12
The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.
- risk 0.46cvss 7.3epss 0.69
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
- risk 0.60cvss 8.1epss 0.88
Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied…
- risk 0.48cvss 7.4epss 0.02
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this…
- risk 0.51cvss 7.8epss 0.00
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool.
- risk 0.49cvss 7.4epss 0.07
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as…
- risk 0.51cvss 7.8epss 0.01
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions.
- risk 0.53cvss 8.1epss 0.01
It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have.
- risk 0.50cvss 8.7epss 0.01
In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. The problem was introduced in version 4.0.0 and is fixed in 4.2.0
- risk 0.00cvss 7.5epss 0.02
In PrestaShop before version 1.7.6.9 an attacker is able to list all the orders placed on the website without being logged by abusing the function that allows a shopping cart to be recreated from an order already placed. The problem is fixed in 1.7.6.9.
- risk 0.57cvss 8.8epss 0.03
An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name>
- risk 0.52cvss 8.0epss 0.85
XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security…
- risk 0.49cvss 7.5epss 0.01
Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service.
- risk 0.47cvss 7.2epss 0.02
In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files.
- risk 0.00cvss 7.5epss 0.03
There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file.
- risk 0.50cvss 8.8epss 0.02
The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. This allows the deletion of configuration.php, which leads to certain privilege checks not being in place, and therefore a user can escalate privileges to admin.
- risk 0.57cvss 8.8epss 0.01
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.
- risk 0.57cvss 8.8epss 0.01
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the…
- risk 0.57cvss 8.8epss 0.01
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
- risk 0.49cvss 7.5epss 0.01
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.…
- risk 0.49cvss 7.5epss 0.02
Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1.
- risk 0.49cvss 7.5epss 0.01
JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.
- risk 0.52cvss 7.5epss 0.06
Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox
- risk 0.49cvss 7.5epss 0.08
LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.