| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-27589 | — | Hig | 0.42 | 7.5 | 0.01 | Nov 6, 2020 | Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases. | |
| CVE-2020-27196 | — | Hig | 0.00 | 7.5 | 0.01 | Nov 6, 2020 | An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a… | |
| CVE-2020-26883 | — | Hig | 0.00 | 7.5 | 0.01 | Nov 6, 2020 | In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents. | |
| CVE-2020-26882 | — | Hig | 0.00 | 7.5 | 0.01 | Nov 6, 2020 | In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input. | |
| CVE-2020-10292 | Hig | 0.53 | 8.2 | 0.01 | Nov 6, 2020 | Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network… | ||
| CVE-2020-10291 | Hig | 0.49 | 7.5 | 0.01 | Nov 6, 2020 | Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network… | ||
| CVE-2020-28196 | Hig | 0.00 | 7.5 | 0.04 | Nov 6, 2020 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | ||
| CVE-2020-26521 | — | Hig | 0.42 | 7.5 | 0.02 | Nov 6, 2020 | The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). | |
| CVE-2020-5649 | Hig | 0.49 | 7.5 | 0.04 | Nov 6, 2020 | Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and… | ||
| CVE-2020-5646 | Hig | 0.49 | 7.5 | 0.04 | Nov 6, 2020 | NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and… | ||
| CVE-2020-5645 | Hig | 0.49 | 7.5 | 0.04 | Nov 6, 2020 | Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier,… | ||
| CVE-2020-27347 | Hig | 0.00 | 8.8 | 0.01 | Nov 6, 2020 | In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output. | ||
| CVE-2020-6877 | Hig | 0.57 | 8.8 | 0.01 | Nov 5, 2020 | A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1 | ||
| CVE-2020-25837 | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information. | ||
| CVE-2020-25661 | Hig | 0.49 | 7.5 | 0.02 | Nov 5, 2020 | A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing… | ||
| CVE-2020-13537 | Hig | 0.51 | 7.8 | 0.01 | Nov 5, 2020 | An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT… | ||
| CVE-2020-13536 | Hig | 0.51 | 7.8 | 0.01 | Nov 5, 2020 | An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT… | ||
| CVE-2020-5946 | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart,… | ||
| CVE-2020-5945 | Hig | 0.55 | 8.4 | 0.01 | Nov 5, 2020 | In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). The issue allows a minor privilege escalation for resource admin to escalate to full admin. | ||
| CVE-2020-5942 | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer (CEA) packets with certain attributes from the Policy and Charging Rules Function (PCRF) server, the… | ||
| CVE-2020-5941 | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESOLV::lookup command within an iRule may cause the Traffic Management Microkernel (TMM) to generate a core file and restart. This issue occurs when data exceeding the maximum limit of a hostname passes to the… | ||
| CVE-2020-5939 | — | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface Controller (NIC) card and Single Root I/O Virtualization (SR-IOV) enabled on vSphere,… | |
| CVE-2020-5793 | Hig | 0.51 | 7.8 | 0.00 | Nov 5, 2020 | A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could… | ||
| CVE-2020-24437 | Hig | 0.54 | 7.8 | 0.45 | Nov 5, 2020 | Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the… | ||
| CVE-2020-24436 | Hig | 0.52 | 7.8 | 0.16 | Nov 5, 2020 | Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this… | ||
| CVE-2020-24435 | Hig | 0.55 | 7.8 | 0.51 | Nov 5, 2020 | Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the… | ||
| CVE-2020-24433 | Hig | 0.52 | 7.8 | 0.15 | Nov 5, 2020 | Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and… | ||
| CVE-2020-24430 | Hig | 0.52 | 7.8 | 0.18 | Nov 5, 2020 | Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. This vulnerability could result in arbitrary code execution in the context of… | ||
| CVE-2020-24429 | Hig | 0.50 | 7.7 | 0.03 | Nov 5, 2020 | Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction… | ||
| CVE-2020-24428 | Hig | 0.50 | 7.7 | 0.02 | Nov 5, 2020 | Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of… | ||
| CVE-2020-13661 | Hig | 0.57 | 8.8 | 0.01 | Nov 5, 2020 | Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose… | ||
| CVE-2020-26507 | Hig | 0.51 | 7.8 | 0.01 | Nov 5, 2020 | A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can… | ||
| CVE-2020-25399 | Hig | 0.51 | 7.8 | 0.01 | Nov 5, 2020 | Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. | ||
| CVE-2020-25398 | Hig | 0.57 | 8.8 | 0.02 | Nov 5, 2020 | CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. | ||
| CVE-2020-28115 | Hig | 0.57 | 8.8 | 0.01 | Nov 5, 2020 | SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the object_path parameter. | ||
| CVE-2020-27688 | Hig | 0.49 | 7.5 | 0.02 | Nov 5, 2020 | RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted… | ||
| CVE-2020-27402 | — | Hig | 0.51 | 7.8 | 0.01 | Nov 5, 2020 | The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port (UART) connection or using adb. | |
| CVE-2020-24849 | Hig | 0.57 | 8.8 | 0.03 | Nov 5, 2020 | A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the page_config_adv.php page, it is possible to perform remote code execution by an authenticated attacker. This is… | ||
| CVE-2020-15950 | Hig | 0.57 | 8.8 | 0.01 | Nov 5, 2020 | Immuta v2.8.2 is affected by improper session management: user sessions are not revoked upon logout. | ||
| CVE-2020-15949 | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | Immuta v2.8.2 is affected by one instance of insecure permissions that can lead to user account takeover. | ||
| CVE-2020-7763 | — | Hig | 0.42 | 7.5 | 0.02 | Nov 5, 2020 | This affects the package phantom-html-to-pdf before 0.6.1. | |
| CVE-2020-27387 | Hig | 0.04 | 8.8 | 0.18 | Nov 5, 2020 | An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the… | ||
| CVE-2020-25201 | — | Hig | 0.00 | 7.5 | 0.03 | Nov 4, 2020 | HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5. | |
| CVE-2020-26207 | Hig | 0.00 | 8.0 | 0.02 | Nov 4, 2020 | DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted `.dbschema` file. The patch was released in v2.7.4.3. As a workaround, ensure `.dbschema` files from untrusted sources are not opened. | ||
| CVE-2020-27692 | Hig | 0.57 | 8.8 | 0.01 | Nov 4, 2020 | The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely).… | ||
| CVE-2020-7129 | Hig | 0.47 | 7.2 | 0.03 | Nov 4, 2020 | A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | ||
| CVE-2020-8037 | Hig | 0.00 | 7.5 | 0.03 | Nov 4, 2020 | The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | ||
| CVE-2020-8036 | Hig | 0.00 | 7.5 | 0.01 | Nov 4, 2020 | The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. | ||
| CVE-2020-22278 | Hig | 0.57 | 8.8 | 0.02 | Nov 4, 2020 | phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents. | ||
| CVE-2020-22277 | Hig | 0.52 | 8.0 | 0.02 | Nov 4, 2020 | Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. |
- risk 0.42cvss 7.5epss 0.01
Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases.
- risk 0.00cvss 7.5epss 0.01
An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a…
- risk 0.00cvss 7.5epss 0.01
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.
- risk 0.00cvss 7.5epss 0.01
In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input.
- risk 0.53cvss 8.2epss 0.01
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network…
- risk 0.49cvss 7.5epss 0.01
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network…
- risk 0.00cvss 7.5epss 0.04
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
- risk 0.42cvss 7.5epss 0.02
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code).
- risk 0.49cvss 7.5epss 0.04
Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and…
- risk 0.49cvss 7.5epss 0.04
NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and…
- risk 0.49cvss 7.5epss 0.04
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier,…
- risk 0.00cvss 8.8epss 0.01
In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.
- risk 0.57cvss 8.8epss 0.01
A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1
- risk 0.49cvss 7.5epss 0.01
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information.
- risk 0.49cvss 7.5epss 0.02
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing…
- risk 0.51cvss 7.8epss 0.01
An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT…
- risk 0.51cvss 7.8epss 0.01
An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT…
- risk 0.49cvss 7.5epss 0.01
In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart,…
- risk 0.55cvss 8.4epss 0.01
In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). The issue allows a minor privilege escalation for resource admin to escalate to full admin.
- risk 0.49cvss 7.5epss 0.01
In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer (CEA) packets with certain attributes from the Policy and Charging Rules Function (PCRF) server, the…
- risk 0.49cvss 7.5epss 0.01
On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESOLV::lookup command within an iRule may cause the Traffic Management Microkernel (TMM) to generate a core file and restart. This issue occurs when data exceeding the maximum limit of a hostname passes to the…
- risk 0.49cvss 7.5epss 0.01
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface Controller (NIC) card and Single Root I/O Virtualization (SR-IOV) enabled on vSphere,…
- risk 0.51cvss 7.8epss 0.00
A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could…
- risk 0.54cvss 7.8epss 0.45
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the…
- risk 0.52cvss 7.8epss 0.16
Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this…
- risk 0.55cvss 7.8epss 0.51
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the…
- risk 0.52cvss 7.8epss 0.15
Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and…
- risk 0.52cvss 7.8epss 0.18
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. This vulnerability could result in arbitrary code execution in the context of…
- risk 0.50cvss 7.7epss 0.03
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction…
- risk 0.50cvss 7.7epss 0.02
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of…
- risk 0.57cvss 8.8epss 0.01
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose…
- risk 0.51cvss 7.8epss 0.01
A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can…
- risk 0.51cvss 7.8epss 0.01
Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.
- risk 0.57cvss 8.8epss 0.02
CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.
- risk 0.57cvss 8.8epss 0.01
SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the object_path parameter.
- risk 0.49cvss 7.5epss 0.02
RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted…
- risk 0.51cvss 7.8epss 0.01
The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port (UART) connection or using adb.
- risk 0.57cvss 8.8epss 0.03
A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the page_config_adv.php page, it is possible to perform remote code execution by an authenticated attacker. This is…
- risk 0.57cvss 8.8epss 0.01
Immuta v2.8.2 is affected by improper session management: user sessions are not revoked upon logout.
- risk 0.49cvss 7.5epss 0.01
Immuta v2.8.2 is affected by one instance of insecure permissions that can lead to user account takeover.
- risk 0.42cvss 7.5epss 0.02
This affects the package phantom-html-to-pdf before 0.6.1.
- risk 0.04cvss 8.8epss 0.18
An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the…
- risk 0.00cvss 7.5epss 0.03
HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.
- risk 0.00cvss 8.0epss 0.02
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted `.dbschema` file. The patch was released in v2.7.4.3. As a workaround, ensure `.dbschema` files from untrusted sources are not opened.
- risk 0.57cvss 8.8epss 0.01
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely).…
- risk 0.47cvss 7.2epss 0.03
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
- risk 0.00cvss 7.5epss 0.03
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
- risk 0.00cvss 7.5epss 0.01
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.
- risk 0.57cvss 8.8epss 0.02
phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.
- risk 0.52cvss 8.0epss 0.02
Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile.