| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-14399 | Hig | 0.00 | 7.5 | 0.03 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed. | ||
| CVE-2020-14398 | Hig | 0.00 | 7.5 | 0.03 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c. | ||
| CVE-2020-14397 | Hig | 0.00 | 7.5 | 0.03 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. | ||
| CVE-2020-14396 | Hig | 0.00 | 7.5 | 0.03 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. | ||
| CVE-2019-20840 | Hig | 0.00 | 7.5 | 0.03 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. | ||
| CVE-2019-20839 | Hig | 0.00 | 7.5 | 0.04 | Jun 17, 2020 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | ||
| CVE-2018-21247 | Hig | 0.49 | 7.5 | 0.02 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function. | ||
| CVE-2020-14295 | Hig | 0.57 | 7.2 | 0.86 | Jun 17, 2020 | A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries. | ||
| CVE-2020-12827 | — | Hig | 0.40 | 7.2 | 0.03 | Jun 17, 2020 | MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document. | |
| CVE-2020-13224 | Hig | 0.57 | 8.8 | 0.02 | Jun 17, 2020 | TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices… | ||
| CVE-2020-11904 | Hig | 0.48 | 7.3 | 0.03 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | ||
| CVE-2020-11902 | Hig | 0.48 | 7.3 | 0.09 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. | ||
| CVE-2020-11900 | Hig | 0.54 | 8.2 | 0.13 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. | ||
| CVE-2020-4054 | Hig | 0.41 | 7.3 | 0.02 | Jun 16, 2020 | In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may… | ||
| CVE-2020-14212 | Hig | 0.57 | 8.8 | 0.02 | Jun 16, 2020 | FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted. | ||
| CVE-2020-9289 | Hig | 0.49 | 7.5 | 0.02 | Jun 16, 2020 | Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of… | ||
| CVE-2020-7513 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2020 | A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to intercept traffic and read configuration data. | ||
| CVE-2020-7511 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2020 | A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to acquire a password by brute force. | ||
| CVE-2020-7510 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2020 | A CWE-200: Information Exposure vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow attacker to obtain private keys. | ||
| CVE-2020-7509 | Hig | 0.47 | 7.2 | 0.01 | Jun 16, 2020 | A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files. | ||
| CVE-2020-7507 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2020 | A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service. | ||
| CVE-2020-7506 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2020 | A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure. | ||
| CVE-2020-7505 | Hig | 0.47 | 7.2 | 0.01 | Jun 16, 2020 | A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system. | ||
| CVE-2020-7503 | Hig | 0.57 | 8.8 | 0.01 | Jun 16, 2020 | A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted. | ||
| CVE-2020-7502 | Hig | 0.49 | 7.5 | 0.02 | Jun 16, 2020 | A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller. | ||
| CVE-2020-7501 | Hig | 0.57 | 8.8 | 0.01 | Jun 16, 2020 | A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and… | ||
| CVE-2020-7496 | Hig | 0.51 | 7.8 | 0.01 | Jun 16, 2020 | A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file. | ||
| CVE-2020-7494 | Hig | 0.51 | 7.8 | 0.01 | Jun 16, 2020 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project… | ||
| CVE-2020-7493 | Hig | 0.51 | 7.8 | 0.01 | Jun 16, 2020 | A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the… | ||
| CVE-2020-13162 | Hig | 0.46 | 7.0 | 0.01 | Jun 16, 2020 | A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. | ||
| CVE-2020-14195 | — | Hig | 0.46 | 8.1 | 0.05 | Jun 16, 2020 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). | |
| CVE-2020-8543 | Hig | 0.49 | 7.5 | 0.02 | Jun 16, 2020 | OX App Suite through 7.10.3 has Improper Input Validation. | ||
| CVE-2020-4310 | Hig | 0.49 | 7.5 | 0.02 | Jun 16, 2020 | IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081. | ||
| CVE-2020-0234 | Hig | 0.51 | 7.8 | 0.00 | Jun 16, 2020 | In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2019-18614 | Hig | 0.51 | 7.8 | 0.00 | Jun 16, 2020 | On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which… | ||
| CVE-2020-13431 | — | Hig | 0.51 | 7.8 | 0.00 | Jun 16, 2020 | I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory. | |
| CVE-2020-14163 | Hig | 0.00 | 7.5 | 0.01 | Jun 15, 2020 | An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read… | ||
| CVE-2020-5755 | Hig | 0.51 | 7.8 | 0.00 | Jun 15, 2020 | Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation. | ||
| CVE-2020-5742 | Hig | 0.57 | 8.8 | 0.01 | Jun 15, 2020 | Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests. | ||
| CVE-2020-12005 | Hig | 0.49 | 7.5 | 0.02 | Jun 15, 2020 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx… | ||
| CVE-2020-12003 | Hig | 0.49 | 7.5 | 0.05 | Jun 15, 2020 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx… | ||
| CVE-2020-11999 | Hig | 0.53 | 8.1 | 0.03 | Jun 15, 2020 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx… | ||
| CVE-2020-14159 | Hig | 0.57 | 8.8 | 0.02 | Jun 15, 2020 | By using an Automate API in ConnectWise Automate before 2020.5.178, a remote authenticated user could execute commands and/or modifications within an individual Automate instance by triggering an SQL injection vulnerability in /LabTech/agent.aspx. This affects versions before… | ||
| CVE-2020-13651 | Hig | 0.51 | 7.8 | 0.01 | Jun 15, 2020 | An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an… | ||
| CVE-2020-13650 | Hig | 0.49 | 7.5 | 0.01 | Jun 15, 2020 | An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application… | ||
| CVE-2020-14156 | Hig | 0.00 | 8.8 | 0.02 | Jun 15, 2020 | user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions. | ||
| CVE-2020-14149 | Hig | 0.49 | 7.5 | 0.02 | Jun 15, 2020 | In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command. | ||
| CVE-2020-14148 | Hig | 0.00 | 7.5 | 0.03 | Jun 15, 2020 | The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function. | ||
| CVE-2020-14147 | Hig | 0.00 | 7.7 | 0.03 | Jun 15, 2020 | An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox… | ||
| CVE-2020-14153 | Hig | 0.46 | 7.1 | 0.01 | Jun 15, 2020 | In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. |
- risk 0.00cvss 7.5epss 0.03
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
- risk 0.00cvss 7.5epss 0.03
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.
- risk 0.00cvss 7.5epss 0.03
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
- risk 0.00cvss 7.5epss 0.03
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
- risk 0.00cvss 7.5epss 0.03
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
- risk 0.00cvss 7.5epss 0.04
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
- risk 0.57cvss 7.2epss 0.86
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.
- risk 0.40cvss 7.2epss 0.03
MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.
- risk 0.57cvss 8.8epss 0.02
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices…
- risk 0.48cvss 7.3epss 0.03
The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.
- risk 0.48cvss 7.3epss 0.09
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
- risk 0.54cvss 8.2epss 0.13
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
- risk 0.41cvss 7.3epss 0.02
In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may…
- risk 0.57cvss 8.8epss 0.02
FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.
- risk 0.49cvss 7.5epss 0.02
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of…
- risk 0.49cvss 7.5epss 0.01
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to intercept traffic and read configuration data.
- risk 0.49cvss 7.5epss 0.01
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to acquire a password by brute force.
- risk 0.49cvss 7.5epss 0.01
A CWE-200: Information Exposure vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow attacker to obtain private keys.
- risk 0.47cvss 7.2epss 0.01
A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files.
- risk 0.49cvss 7.5epss 0.01
A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service.
- risk 0.49cvss 7.5epss 0.01
A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure.
- risk 0.47cvss 7.2epss 0.01
A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system.
- risk 0.57cvss 8.8epss 0.01
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted.
- risk 0.49cvss 7.5epss 0.02
A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.
- risk 0.57cvss 8.8epss 0.01
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and…
- risk 0.51cvss 7.8epss 0.01
A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file.
- risk 0.51cvss 7.8epss 0.01
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project…
- risk 0.51cvss 7.8epss 0.01
A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the…
- risk 0.46cvss 7.0epss 0.01
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.
- risk 0.46cvss 8.1epss 0.05
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).
- risk 0.49cvss 7.5epss 0.02
OX App Suite through 7.10.3 has Improper Input Validation.
- risk 0.49cvss 7.5epss 0.02
IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.
- risk 0.51cvss 7.8epss 0.00
In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.51cvss 7.8epss 0.00
On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which…
- risk 0.51cvss 7.8epss 0.00
I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory.
- risk 0.00cvss 7.5epss 0.01
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read…
- risk 0.51cvss 7.8epss 0.00
Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation.
- risk 0.57cvss 8.8epss 0.01
Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests.
- risk 0.49cvss 7.5epss 0.02
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
- risk 0.49cvss 7.5epss 0.05
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
- risk 0.53cvss 8.1epss 0.03
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
- risk 0.57cvss 8.8epss 0.02
By using an Automate API in ConnectWise Automate before 2020.5.178, a remote authenticated user could execute commands and/or modifications within an individual Automate instance by triggering an SQL injection vulnerability in /LabTech/agent.aspx. This affects versions before…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application…
- risk 0.00cvss 8.8epss 0.02
user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions.
- risk 0.49cvss 7.5epss 0.02
In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.
- risk 0.00cvss 7.5epss 0.03
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
- risk 0.00cvss 7.7epss 0.03
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox…
- risk 0.46cvss 7.1epss 0.01
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.