| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11616 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2020 | NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead… | ||
| CVE-2020-11615 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2020 | NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | ||
| CVE-2020-11489 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2020 | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure. | ||
| CVE-2020-11487 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2020 | NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with… | ||
| CVE-2020-11485 | Hig | 0.57 | 8.8 | 0.01 | Oct 29, 2020 | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was… | ||
| CVE-2020-27986 | Hig | 0.50 | 7.5 | 0.16 | Oct 28, 2020 | SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it. | ||
| CVE-2020-24713 | Hig | 0.49 | 7.5 | 0.01 | Oct 28, 2020 | Gophish through 0.10.1 does not invalidate the gophish cookie upon logout. | ||
| CVE-2020-24707 | Hig | 0.00 | 7.8 | 0.01 | Oct 28, 2020 | Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content. | ||
| CVE-2020-24990 | Hig | 0.49 | 7.5 | 0.04 | Oct 28, 2020 | An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version. | ||
| CVE-2020-26133 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary. | ||
| CVE-2020-26132 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary. | ||
| CVE-2020-26131 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the… | ||
| CVE-2020-26130 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the… | ||
| CVE-2020-25966 | Hig | 0.49 | 7.5 | 0.01 | Oct 28, 2020 | Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID… | ||
| CVE-2020-16262 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation. | ||
| CVE-2020-16260 | Hig | 0.49 | 7.5 | 0.01 | Oct 28, 2020 | Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation. | ||
| CVE-2020-16258 | Hig | 0.46 | 7.1 | 0.00 | Oct 28, 2020 | Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials. | ||
| CVE-2020-16256 | Hig | 0.57 | 8.8 | 0.01 | Oct 28, 2020 | The API on Winston 1.5.4 devices is vulnerable to CSRF. | ||
| CVE-2018-19943 | Hig | 0.71 | 8.0 | 0.18 | KEV | Oct 28, 2020 | If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build… | |
| CVE-2020-4767 | Hig | 0.49 | 7.5 | 0.02 | Oct 28, 2020 | IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906. | ||
| CVE-2020-15278 | Hig | 0.43 | 7.7 | 0.01 | Oct 28, 2020 | Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that… | ||
| CVE-2020-27978 | Hig | 0.49 | 7.5 | 0.02 | Oct 28, 2020 | Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session. | ||
| CVE-2020-27975 | Hig | 0.57 | 8.8 | 0.01 | Oct 28, 2020 | osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF. | ||
| CVE-2020-22552 | Hig | 0.49 | 7.5 | 0.02 | Oct 28, 2020 | The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed. | ||
| CVE-2020-8260 | Hig | 0.70 | 7.2 | 0.96 | KEV | Oct 28, 2020 | A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. | |
| CVE-2020-8254 | Hig | 0.57 | 8.8 | 0.02 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect… | ||
| CVE-2020-8250 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | ||
| CVE-2020-8249 | Hig | 0.51 | 7.8 | 0.01 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow. | ||
| CVE-2020-8248 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | ||
| CVE-2020-8241 | Hig | 0.49 | 7.5 | 0.02 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server. | ||
| CVE-2020-8240 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is… | ||
| CVE-2020-5145 | Hig | 0.56 | 8.6 | 0.01 | Oct 28, 2020 | SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system. | ||
| CVE-2020-5144 | Hig | 0.51 | 7.8 | 0.01 | Oct 28, 2020 | SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability. | ||
| CVE-2020-9973 | Hig | 0.51 | 7.8 | 0.02 | Oct 27, 2020 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected… | ||
| CVE-2020-9961 | Hig | 0.51 | 7.8 | 0.02 | Oct 27, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | ||
| CVE-2020-9941 | Hig | 0.49 | 7.5 | 0.03 | Oct 27, 2020 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state. | ||
| CVE-2020-9932 | Hig | 0.57 | 8.8 | 0.01 | Oct 27, 2020 | A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution. | ||
| CVE-2020-9782 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2020 | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files. | ||
| CVE-2020-9774 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2020 | An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately… | ||
| CVE-2020-3880 | Hig | 0.51 | 7.8 | 0.01 | Oct 27, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted… | ||
| CVE-2020-3864 | Hig | 0.51 | 7.8 | 0.00 | Oct 27, 2020 | A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. | ||
| CVE-2020-3863 | Hig | 0.51 | 7.8 | 0.01 | Oct 27, 2020 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to execute arbitrary code with system privileges. | ||
| CVE-2020-3855 | Hig | 0.46 | 7.1 | 0.01 | Oct 27, 2020 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files. | ||
| CVE-2020-3851 | Hig | 0.51 | 7.8 | 0.01 | Oct 27, 2020 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High… | ||
| CVE-2020-27892 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2020 | The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd(). | ||
| CVE-2020-27891 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2020 | The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal(). | ||
| CVE-2020-27890 | Hig | 0.53 | 8.2 | 0.01 | Oct 27, 2020 | The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute's value. | ||
| CVE-2020-27888 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2020 | An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access. | ||
| CVE-2019-8854 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2020 | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address. | ||
| CVE-2019-8852 | Hig | 0.51 | 7.8 | 0.03 | Oct 27, 2020 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges. |
- risk 0.49cvss 7.5epss 0.01
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead…
- risk 0.49cvss 7.5epss 0.01
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.
- risk 0.49cvss 7.5epss 0.01
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.
- risk 0.49cvss 7.5epss 0.01
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with…
- risk 0.57cvss 8.8epss 0.01
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was…
- risk 0.50cvss 7.5epss 0.16
SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it.
- risk 0.49cvss 7.5epss 0.01
Gophish through 0.10.1 does not invalidate the gophish cookie upon logout.
- risk 0.00cvss 7.8epss 0.01
Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.
- risk 0.49cvss 7.5epss 0.04
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.
- risk 0.51cvss 7.8epss 0.00
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the…
- risk 0.51cvss 7.8epss 0.00
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the…
- risk 0.49cvss 7.5epss 0.01
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID…
- risk 0.51cvss 7.8epss 0.00
Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation.
- risk 0.49cvss 7.5epss 0.01
Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation.
- risk 0.46cvss 7.1epss 0.00
Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials.
- risk 0.57cvss 8.8epss 0.01
The API on Winston 1.5.4 devices is vulnerable to CSRF.
- risk 0.71cvss 8.0epss 0.18
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build…
- risk 0.49cvss 7.5epss 0.02
IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.
- risk 0.43cvss 7.7epss 0.01
Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that…
- risk 0.49cvss 7.5epss 0.02
Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.
- risk 0.57cvss 8.8epss 0.01
osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF.
- risk 0.49cvss 7.5epss 0.02
The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed.
- risk 0.70cvss 7.2epss 0.96
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.
- risk 0.57cvss 8.8epss 0.02
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect…
- risk 0.51cvss 7.8epss 0.00
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.
- risk 0.51cvss 7.8epss 0.01
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow.
- risk 0.51cvss 7.8epss 0.00
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server.
- risk 0.51cvss 7.8epss 0.00
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is…
- risk 0.56cvss 8.6epss 0.01
SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
- risk 0.51cvss 7.8epss 0.01
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
- risk 0.51cvss 7.8epss 0.02
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected…
- risk 0.51cvss 7.8epss 0.02
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
- risk 0.49cvss 7.5epss 0.03
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state.
- risk 0.57cvss 8.8epss 0.01
A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution.
- risk 0.49cvss 7.5epss 0.01
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.
- risk 0.49cvss 7.5epss 0.01
An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately…
- risk 0.51cvss 7.8epss 0.01
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted…
- risk 0.51cvss 7.8epss 0.00
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.
- risk 0.51cvss 7.8epss 0.01
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to execute arbitrary code with system privileges.
- risk 0.46cvss 7.1epss 0.01
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files.
- risk 0.51cvss 7.8epss 0.01
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High…
- risk 0.49cvss 7.5epss 0.01
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd().
- risk 0.49cvss 7.5epss 0.01
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal().
- risk 0.53cvss 8.2epss 0.01
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute's value.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access.
- risk 0.49cvss 7.5epss 0.01
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address.
- risk 0.51cvss 7.8epss 0.03
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.