| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-26802 | Hig | 0.57 | 8.8 | 0.01 | Oct 8, 2020 | forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover. | ||
| CVE-2020-10816 | Hig | 0.49 | 7.5 | 0.05 | Oct 8, 2020 | Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet. | ||
| CVE-2020-4799 | Hig | 0.51 | 7.8 | 0.00 | Oct 8, 2020 | IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460. | ||
| CVE-2020-4280 | Hig | 0.63 | 8.8 | 0.73 | Oct 8, 2020 | IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this… | ||
| CVE-2020-13340 | Hig | 0.62 | 8.7 | 0.69 | Oct 8, 2020 | An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log | ||
| CVE-2019-4545 | Hig | 0.49 | 7.5 | 0.02 | Oct 8, 2020 | IBM QRadar SIEM 7.3 and 7.4 when configured to use Active Directory Authentication may be susceptible to spoofing attacks. IBM X-Force ID: 165877. | ||
| CVE-2020-2286 | Hig | 0.57 | 8.8 | 0.01 | Oct 8, 2020 | Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration. | ||
| CVE-2020-25263 | — | Hig | 0.46 | 7.1 | 0.01 | Oct 8, 2020 | PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted. | |
| CVE-2020-3544 | Hig | 0.57 | 8.8 | 0.01 | Oct 8, 2020 | A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload. This vulnerability is due to… | ||
| CVE-2020-3535 | Hig | 0.51 | 7.8 | 0.01 | Oct 8, 2020 | A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The… | ||
| CVE-2020-3467 | Hig | 0.50 | 7.7 | 0.01 | Oct 8, 2020 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access control… | ||
| CVE-2020-15177 | Hig | 0.00 | 8.0 | 0.01 | Oct 7, 2020 | In GLPI before version 9.5.2, the `install/install.php` endpoint insecurely stores user input into the database as `url_base` and `url_base_api`. These settings are referenced throughout the application and allow for vulnerabilities like Cross-Site Scripting and Insecure… | ||
| CVE-2020-15176 | Hig | 0.00 | 8.7 | 0.01 | Oct 7, 2020 | In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like passwords,… | ||
| CVE-2020-15175 | Hig | 0.06 | 7.4 | 0.71 | Oct 7, 2020 | In GLPI before version 9.5.2, the `pluginimage.send.php` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and… | ||
| CVE-2020-26880 | Hig | 0.51 | 7.8 | 0.00 | Oct 7, 2020 | Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable. | ||
| CVE-2020-26876 | Hig | 0.49 | 7.5 | 0.09 | Oct 7, 2020 | The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom… | ||
| CVE-2020-26596 | Hig | 0.58 | 8.8 | 0.06 | Oct 7, 2020 | The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing… | ||
| CVE-2020-24246 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2020 | Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin. | ||
| CVE-2019-16160 | Hig | 0.49 | 7.5 | 0.03 | Oct 7, 2020 | An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service. | ||
| CVE-2020-25985 | Hig | 0.53 | 8.1 | 0.02 | Oct 7, 2020 | MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted). | ||
| CVE-2020-7742 | — | Hig | 0.42 | 7.5 | 0.02 | Oct 7, 2020 | This affects the package simpl-schema before 1.10.2. | |
| CVE-2020-26606 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020). | ||
| CVE-2020-26605 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020). | ||
| CVE-2020-26604 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020). | ||
| CVE-2020-26602 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020). | ||
| CVE-2020-26601 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18034… | ||
| CVE-2020-26600 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (October 2020). | ||
| CVE-2020-26598 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-SMP-200023 (October 2020). | ||
| CVE-2020-26597 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2020 | An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 (October 2020). | ||
| CVE-2020-16267 | Hig | 0.61 | 8.8 | 0.43 | Oct 6, 2020 | Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the RCA module. | ||
| CVE-2020-15927 | Hig | 0.60 | 8.8 | 0.40 | Oct 6, 2020 | Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the SAP module. | ||
| CVE-2020-13343 | Hig | 0.49 | 7.5 | 0.02 | Oct 6, 2020 | An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template | ||
| CVE-2020-7740 | — | Hig | 0.53 | 8.2 | 0.02 | Oct 6, 2020 | This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack. | |
| CVE-2020-24807 | — | Hig | 0.51 | 7.8 | 0.02 | Oct 6, 2020 | The socket.io-file package through 2.0.31 for Node.js relies on client-side validation of file types, which allows remote attackers to execute arbitrary code by uploading an executable file via a modified JSON name field. NOTE: This vulnerability only affects products that are… | |
| CVE-2020-1906 | Hig | 0.51 | 7.8 | 0.00 | Oct 6, 2020 | A buffer overflow in WhatsApp for Android prior to v2.20.130 and WhatsApp Business for Android prior to v2.20.46 could have allowed an out-of-bounds write when processing malformed local videos with E-AC-3 audio streams. | ||
| CVE-2020-1902 | Hig | 0.49 | 7.5 | 0.01 | Oct 6, 2020 | A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP. | ||
| CVE-2020-15174 | Hig | 0.42 | 7.5 | 0.01 | Oct 6, 2020 | In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the `will-navigate` event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites. The… | ||
| CVE-2019-4326 | Hig | 0.49 | 7.5 | 0.01 | Oct 6, 2020 | "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | ||
| CVE-2020-26582 | Hig | 0.58 | 8.8 | 0.05 | Oct 6, 2020 | D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18). | ||
| CVE-2020-7739 | Hig | 0.53 | 8.2 | 0.01 | Oct 6, 2020 | This affects all versions of package phantomjs-seo. It is possible for an attacker to craft a url that will be passed to a PhantomJS instance allowing for an SSRF attack. | ||
| CVE-2020-26575 | Hig | 0.00 | 7.5 | 0.03 | Oct 6, 2020 | In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. | ||
| CVE-2020-25866 | Hig | 0.00 | 7.5 | 0.04 | Oct 6, 2020 | In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and… | ||
| CVE-2020-25863 | Hig | 0.00 | 7.5 | 0.05 | Oct 6, 2020 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts. | ||
| CVE-2020-25862 | Hig | 0.00 | 7.5 | 0.02 | Oct 6, 2020 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum. | ||
| CVE-2019-19200 | Hig | 0.57 | 8.8 | 0.02 | Oct 6, 2020 | REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users. | ||
| CVE-2020-8782 | Hig | 0.49 | 7.5 | 0.02 | Oct 6, 2020 | Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. | ||
| CVE-2020-8781 | Hig | 0.51 | 7.8 | 0.00 | Oct 6, 2020 | Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process. | ||
| CVE-2020-7466 | Hig | 0.49 | 7.5 | 0.02 | Oct 6, 2020 | The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition. | ||
| CVE-2020-25644 | — | Hig | 0.42 | 7.5 | 0.02 | Oct 6, 2020 | A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability. | |
| CVE-2020-25643 | Hig | 0.00 | 7.2 | 0.03 | Oct 6, 2020 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest… |
- risk 0.57cvss 8.8epss 0.01
forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover.
- risk 0.49cvss 7.5epss 0.05
Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet.
- risk 0.51cvss 7.8epss 0.00
IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460.
- risk 0.63cvss 8.8epss 0.73
IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this…
- risk 0.62cvss 8.7epss 0.69
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log
- risk 0.49cvss 7.5epss 0.02
IBM QRadar SIEM 7.3 and 7.4 when configured to use Active Directory Authentication may be susceptible to spoofing attacks. IBM X-Force ID: 165877.
- risk 0.57cvss 8.8epss 0.01
Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration.
- risk 0.46cvss 7.1epss 0.01
PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted.
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload. This vulnerability is due to…
- risk 0.51cvss 7.8epss 0.01
A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The…
- risk 0.50cvss 7.7epss 0.01
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access control…
- risk 0.00cvss 8.0epss 0.01
In GLPI before version 9.5.2, the `install/install.php` endpoint insecurely stores user input into the database as `url_base` and `url_base_api`. These settings are referenced throughout the application and allow for vulnerabilities like Cross-Site Scripting and Insecure…
- risk 0.00cvss 8.7epss 0.01
In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like passwords,…
- risk 0.06cvss 7.4epss 0.71
In GLPI before version 9.5.2, the `pluginimage.send.php` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and…
- risk 0.51cvss 7.8epss 0.00
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.
- risk 0.49cvss 7.5epss 0.09
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom…
- risk 0.58cvss 8.8epss 0.06
The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing…
- risk 0.49cvss 7.5epss 0.01
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.
- risk 0.49cvss 7.5epss 0.03
An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.
- risk 0.53cvss 8.1epss 0.02
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).
- risk 0.42cvss 7.5epss 0.02
This affects the package simpl-schema before 1.10.2.
- risk 0.49cvss 7.5epss 0.00
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020).
- risk 0.49cvss 7.5epss 0.00
An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020).
- risk 0.49cvss 7.5epss 0.00
An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020).
- risk 0.49cvss 7.5epss 0.00
An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020).
- risk 0.49cvss 7.5epss 0.00
An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18034…
- risk 0.49cvss 7.5epss 0.00
An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (October 2020).
- risk 0.49cvss 7.5epss 0.00
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-SMP-200023 (October 2020).
- risk 0.49cvss 7.5epss 0.00
An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 (October 2020).
- risk 0.61cvss 8.8epss 0.43
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the RCA module.
- risk 0.60cvss 8.8epss 0.40
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the SAP module.
- risk 0.49cvss 7.5epss 0.02
An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template
- risk 0.53cvss 8.2epss 0.02
This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack.
- risk 0.51cvss 7.8epss 0.02
The socket.io-file package through 2.0.31 for Node.js relies on client-side validation of file types, which allows remote attackers to execute arbitrary code by uploading an executable file via a modified JSON name field. NOTE: This vulnerability only affects products that are…
- risk 0.51cvss 7.8epss 0.00
A buffer overflow in WhatsApp for Android prior to v2.20.130 and WhatsApp Business for Android prior to v2.20.46 could have allowed an out-of-bounds write when processing malformed local videos with E-AC-3 audio streams.
- risk 0.49cvss 7.5epss 0.01
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.
- risk 0.42cvss 7.5epss 0.01
In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the `will-navigate` event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites. The…
- risk 0.49cvss 7.5epss 0.01
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."
- risk 0.58cvss 8.8epss 0.05
D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18).
- risk 0.53cvss 8.2epss 0.01
This affects all versions of package phantomjs-seo. It is possible for an attacker to craft a url that will be passed to a PhantomJS instance allowing for an SSRF attack.
- risk 0.00cvss 7.5epss 0.03
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
- risk 0.00cvss 7.5epss 0.04
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and…
- risk 0.00cvss 7.5epss 0.05
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
- risk 0.00cvss 7.5epss 0.02
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
- risk 0.57cvss 8.8epss 0.02
REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users.
- risk 0.49cvss 7.5epss 0.02
Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution.
- risk 0.51cvss 7.8epss 0.00
Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process.
- risk 0.49cvss 7.5epss 0.02
The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.
- risk 0.42cvss 7.5epss 0.02
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.
- risk 0.00cvss 7.2epss 0.03
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest…