| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-13769 | Hig | 0.57 | 8.8 | 0.03 | Nov 16, 2020 | LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request. | ||
| CVE-2020-25209 | Hig | 0.49 | 7.5 | 0.02 | Nov 16, 2020 | In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API. | ||
| CVE-2020-25013 | Hig | 0.49 | 7.5 | 0.01 | Nov 16, 2020 | JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler. | ||
| CVE-2020-5659 | Hig | 0.57 | 8.8 | 0.01 | Nov 16, 2020 | SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2020-28649 | Hig | 0.57 | 8.8 | 0.01 | Nov 16, 2020 | The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. | ||
| CVE-2020-28648 | Hig | 0.58 | 8.8 | 0.06 | Nov 16, 2020 | Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. | ||
| CVE-2020-8273 | Hig | 0.57 | 8.8 | 0.02 | Nov 16, 2020 | Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8. | ||
| CVE-2020-8272 | Hig | 0.49 | 7.5 | 0.01 | Nov 16, 2020 | Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | ||
| CVE-2020-8270 | Hig | 0.57 | 8.8 | 0.03 | Nov 16, 2020 | An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342 | ||
| CVE-2020-8269 | Hig | 0.57 | 8.8 | 0.03 | Nov 16, 2020 | An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9 | ||
| CVE-2020-8259 | Hig | 0.53 | 8.1 | 0.01 | Nov 16, 2020 | Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys. | ||
| CVE-2020-5666 | Hig | 0.49 | 7.5 | 0.08 | Nov 16, 2020 | Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51') allows a remote attacker to cause an error in a CPU unit via a specially crafted… | ||
| CVE-2020-2492 | Hig | 0.47 | 7.2 | 0.02 | Nov 16, 2020 | If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | ||
| CVE-2020-2490 | Hig | 0.47 | 7.2 | 0.02 | Nov 16, 2020 | If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | ||
| CVE-2020-25695 | Hig | 0.61 | 8.8 | 0.46 | Nov 16, 2020 | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a… | ||
| CVE-2020-25694 | Hig | 0.53 | 8.1 | 0.02 | Nov 16, 2020 | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant… | ||
| CVE-2020-28268 | — | Hig | 0.42 | 7.5 | 0.03 | Nov 15, 2020 | Prototype pollution vulnerability in 'controlled-merge' versions 1.0.0 through 1.2.0 allows attacker to cause a denial of service and may lead to remote code execution. | |
| CVE-2020-7772 | — | Hig | 0.42 | 7.5 | 0.03 | Nov 15, 2020 | This affects the package doc-path before 2.1.2. | |
| CVE-2020-15481 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2020 | An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling… | ||
| CVE-2020-5796 | Hig | 0.51 | 7.8 | 0.02 | Nov 13, 2020 | Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges. | ||
| CVE-2020-27217 | — | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2020 | In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link… | |
| CVE-2020-12313 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2020 | Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||
| CVE-2020-26230 | Hig | 0.00 | 7.4 | 0.02 | Nov 13, 2020 | Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of COVID-19 positive users that upload Radar COVID TEKs to the Radar COVID server is possible. This vulnerability enables the… | ||
| CVE-2020-26223 | Hig | 0.00 | 7.7 | 0.01 | Nov 13, 2020 | Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty… | ||
| CVE-2020-8583 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2020 | Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session. | ||
| CVE-2020-6019 | Hig | 0.00 | 7.5 | 0.03 | Nov 13, 2020 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash. | ||
| CVE-2020-26222 | Hig | 0.50 | 8.7 | 0.03 | Nov 13, 2020 | Dependabot is a set of packages for automated dependency management for Ruby, JavaScript, Python, PHP, Elixir, Rust, Java, .NET, Elm and Go. In Dependabot-Core from version 0.119.0.beta1 before version 0.125.1, there is a remote code execution vulnerability in dependabot-common… | ||
| CVE-2020-25557 | Hig | 0.61 | 8.8 | 0.10 | Nov 13, 2020 | In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be run. As a result of this vulnerability, authenticated user can run command on the… | ||
| CVE-2020-25538 | Hig | 0.61 | 8.8 | 0.10 | Nov 13, 2020 | An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server. | ||
| CVE-2020-25165 | Hig | 0.49 | 7.5 | 0.02 | Nov 13, 2020 | BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD… | ||
| CVE-2020-25155 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2020 | The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions). | ||
| CVE-2020-25151 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2020 | The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions). | ||
| CVE-2020-21667 | Hig | 0.47 | 7.2 | 0.01 | Nov 13, 2020 | In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection. | ||
| CVE-2020-6156 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2020 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index. | ||
| CVE-2020-6155 | Hig | 0.51 | 7.8 | 0.03 | Nov 13, 2020 | A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim… | ||
| CVE-2020-6150 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2020 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow. | ||
| CVE-2020-6149 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2020 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section. | ||
| CVE-2020-6148 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2020 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow. | ||
| CVE-2020-6147 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2020 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow. | ||
| CVE-2020-1847 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2020 | There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions… | ||
| CVE-2020-15783 | Hig | 0.49 | 7.5 | 0.02 | Nov 12, 2020 | A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a… | ||
| CVE-2020-12927 | Hig | 0.51 | 7.8 | 0.00 | Nov 12, 2020 | A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system. | ||
| CVE-2020-27386 | Hig | 0.09 | 8.8 | 0.73 | Nov 12, 2020 | An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using… | ||
| CVE-2020-27385 | Hig | 0.53 | 8.1 | 0.02 | Nov 12, 2020 | Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote attacker to read and write to existing files outside the web root. The files can be accessed via directory traversal, i.e., by entering a .. (dot… | ||
| CVE-2020-26805 | Hig | 0.47 | 7.2 | 0.01 | Nov 12, 2020 | In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data… | ||
| CVE-2020-26804 | Hig | 0.57 | 8.8 | 0.01 | Nov 12, 2020 | In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so… | ||
| CVE-2020-26803 | Hig | 0.57 | 8.8 | 0.01 | Nov 12, 2020 | In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server. | ||
| CVE-2020-24525 | Hig | 0.51 | 7.8 | 0.00 | Nov 12, 2020 | Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2020-24456 | Hig | 0.51 | 7.8 | 0.00 | Nov 12, 2020 | Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2020-24454 | Hig | 0.49 | 7.5 | 0.01 | Nov 12, 2020 | Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may allow unauthenticated user to potentially enable information disclosure via… |
- risk 0.57cvss 8.8epss 0.03
LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.
- risk 0.49cvss 7.5epss 0.02
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
- risk 0.49cvss 7.5epss 0.01
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file.
- risk 0.58cvss 8.8epss 0.06
Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.
- risk 0.57cvss 8.8epss 0.02
Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8.
- risk 0.49cvss 7.5epss 0.01
Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8
- risk 0.57cvss 8.8epss 0.03
An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342
- risk 0.57cvss 8.8epss 0.03
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
- risk 0.53cvss 8.1epss 0.01
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys.
- risk 0.49cvss 7.5epss 0.08
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51') allows a remote attacker to cause an error in a CPU unit via a specially crafted…
- risk 0.47cvss 7.2epss 0.02
If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.
- risk 0.47cvss 7.2epss 0.02
If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.
- risk 0.61cvss 8.8epss 0.46
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a…
- risk 0.53cvss 8.1epss 0.02
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant…
- risk 0.42cvss 7.5epss 0.03
Prototype pollution vulnerability in 'controlled-merge' versions 1.0.0 through 1.2.0 allows attacker to cause a denial of service and may lead to remote code execution.
- risk 0.42cvss 7.5epss 0.03
This affects the package doc-path before 2.1.2.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling…
- risk 0.51cvss 7.8epss 0.02
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.
- risk 0.49cvss 7.5epss 0.01
In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link…
- risk 0.57cvss 8.8epss 0.01
Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- risk 0.00cvss 7.4epss 0.02
Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of COVID-19 positive users that upload Radar COVID TEKs to the Radar COVID server is possible. This vulnerability enables the…
- risk 0.00cvss 7.7epss 0.01
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty…
- risk 0.49cvss 7.5epss 0.01
Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.
- risk 0.00cvss 7.5epss 0.03
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash.
- risk 0.50cvss 8.7epss 0.03
Dependabot is a set of packages for automated dependency management for Ruby, JavaScript, Python, PHP, Elixir, Rust, Java, .NET, Elm and Go. In Dependabot-Core from version 0.119.0.beta1 before version 0.125.1, there is a remote code execution vulnerability in dependabot-common…
- risk 0.61cvss 8.8epss 0.10
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be run. As a result of this vulnerability, authenticated user can run command on the…
- risk 0.61cvss 8.8epss 0.10
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.
- risk 0.49cvss 7.5epss 0.02
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD…
- risk 0.49cvss 7.5epss 0.01
The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions).
- risk 0.49cvss 7.5epss 0.01
The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions).
- risk 0.47cvss 7.2epss 0.01
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection.
- risk 0.51cvss 7.8epss 0.01
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index.
- risk 0.51cvss 7.8epss 0.03
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim…
- risk 0.51cvss 7.8epss 0.01
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow.
- risk 0.51cvss 7.8epss 0.01
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section.
- risk 0.51cvss 7.8epss 0.01
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow.
- risk 0.51cvss 7.8epss 0.01
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow.
- risk 0.49cvss 7.5epss 0.01
There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions…
- risk 0.49cvss 7.5epss 0.02
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a…
- risk 0.51cvss 7.8epss 0.00
A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.
- risk 0.09cvss 8.8epss 0.73
An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using…
- risk 0.53cvss 8.1epss 0.02
Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote attacker to read and write to existing files outside the web root. The files can be accessed via directory traversal, i.e., by entering a .. (dot…
- risk 0.47cvss 7.2epss 0.01
In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data…
- risk 0.57cvss 8.8epss 0.01
In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so…
- risk 0.57cvss 8.8epss 0.01
In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.
- risk 0.51cvss 7.8epss 0.00
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.51cvss 7.8epss 0.00
Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.49cvss 7.5epss 0.01
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may allow unauthenticated user to potentially enable information disclosure via…