| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-10396 | Hig | 0.49 | 7.5 | 0.03 | Sep 20, 2019 | The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php. | ||
| CVE-2019-16645 | Hig | 0.60 | 8.6 | 0.08 | Sep 20, 2019 | An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack. | ||
| CVE-2019-14816 | Hig | 0.00 | 7.8 | 0.01 | Sep 20, 2019 | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-14814 | Hig | 0.00 | 7.8 | 0.01 | Sep 20, 2019 | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-11326 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2019 | An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to login. Once logged in as a guest, an attacker can browse a URL to read the password of the… | ||
| CVE-2019-11280 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2019 | Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.18, 2.4.x prior to 2.4.14, 2.5.x prior to 2.5.10, and 2.6.x prior to 2.6.5, contains an invitations microservice which allows users to invite others to their organizations. A remote… | ||
| CVE-2019-4565 | Hig | 0.49 | 7.5 | 0.01 | Sep 20, 2019 | IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166626. | ||
| CVE-2015-9402 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. | ||
| CVE-2015-9400 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection. | ||
| CVE-2015-9399 | Hig | 0.47 | 7.2 | 0.02 | Sep 20, 2019 | The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection. | ||
| CVE-2015-9398 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. | ||
| CVE-2015-9395 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. | ||
| CVE-2015-9394 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2019 | The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php. | ||
| CVE-2016-11004 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation. | ||
| CVE-2016-11003 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation. | ||
| CVE-2016-11002 | Hig | 0.57 | 8.8 | 0.02 | Sep 20, 2019 | The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation. | ||
| CVE-2019-15089 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2019 | An issue was discovered in PRiSE adAS 1.7.0. Forms have no CSRF protection, letting an attacker execute actions as the administrator. | ||
| CVE-2019-15087 | Hig | 0.47 | 7.2 | 0.03 | Sep 20, 2019 | An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can change the function used to hash passwords to any function, leading to remote code execution. | ||
| CVE-2019-15085 | Hig | 0.49 | 7.5 | 0.01 | Sep 20, 2019 | An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form. | ||
| CVE-2019-16531 | Hig | 0.53 | 8.8 | 0.03 | Sep 20, 2019 | LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php. | ||
| CVE-2019-9719 | Hig | 0.57 | 8.8 | 0.02 | Sep 19, 2019 | A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because… | ||
| CVE-2019-14821 | Hig | 0.57 | 8.8 | 0.01 | Sep 19, 2019 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices… | ||
| CVE-2019-15033 | Hig | 0.50 | 7.7 | 0.01 | Sep 19, 2019 | Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring. | ||
| CVE-2019-16510 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2019 | libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. | ||
| CVE-2019-16412 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2019 | In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) | ||
| CVE-2019-15001 | Hig | 0.48 | 7.2 | 0.11 | Sep 19, 2019 | The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator… | ||
| CVE-2019-14994 | Hig | 0.49 | 7.5 | 0.06 | Sep 19, 2019 | The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before… | ||
| CVE-2019-6010 | Hig | 0.51 | 7.8 | 0.02 | Sep 19, 2019 | Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of service (DoS) condition or execute arbitrary code via a specially crafted image. | ||
| CVE-2019-15943 | Hig | 0.61 | 8.8 | 0.09 | Sep 19, 2019 | vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call. | ||
| CVE-2019-16413 | Hig | 0.00 | 7.5 | 0.03 | Sep 19, 2019 | An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems. | ||
| CVE-2019-13556 | Hig | 0.57 | 8.8 | 0.02 | Sep 18, 2019 | In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | ||
| CVE-2019-11661 | Hig | 0.54 | 8.3 | 0.01 | Sep 18, 2019 | Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data. | ||
| CVE-2019-5534 | Hig | 0.50 | 7.7 | 0.02 | Sep 18, 2019 | VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious… | ||
| CVE-2019-5532 | Hig | 0.50 | 7.7 | 0.02 | Sep 18, 2019 | VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files… | ||
| CVE-2019-5042 | Hig | 0.57 | 8.8 | 0.02 | Sep 18, 2019 | An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this… | ||
| CVE-2019-13552 | Hig | 0.57 | 8.8 | 0.03 | Sep 18, 2019 | In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | ||
| CVE-2019-9679 | Hig | 0.57 | 8.8 | 0.01 | Sep 18, 2019 | Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for… | ||
| CVE-2019-9678 | Hig | 0.49 | 7.5 | 0.01 | Sep 18, 2019 | Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X… | ||
| CVE-2019-14458 | Hig | 0.49 | 7.5 | 0.02 | Sep 18, 2019 | VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. | ||
| CVE-2019-14252 | Hig | 0.47 | 7.2 | 0.01 | Sep 18, 2019 | An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\… | ||
| CVE-2019-15843 | Hig | 0.48 | 7.4 | 0.01 | Sep 18, 2019 | A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing. | ||
| CVE-2019-16403 | — | Hig | 0.57 | 8.8 | 0.01 | Sep 18, 2019 | In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers. | |
| CVE-2019-16396 | Hig | 0.51 | 7.8 | 0.01 | Sep 17, 2019 | GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code. | ||
| CVE-2019-16395 | Hig | 0.51 | 7.8 | 0.01 | Sep 17, 2019 | GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code. | ||
| CVE-2019-6839 | Hig | 0.57 | 8.8 | 0.01 | Sep 17, 2019 | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15),… | ||
| CVE-2019-6836 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2019 | A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow the… | ||
| CVE-2019-6832 | Hig | 0.54 | 8.3 | 0.01 | Sep 17, 2019 | A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication. | ||
| CVE-2019-6831 | Hig | 0.56 | 8.6 | 0.01 | Sep 17, 2019 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received… | ||
| CVE-2019-6829 | Hig | 0.49 | 7.5 | 0.02 | Sep 17, 2019 | A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus. | ||
| CVE-2019-6828 | Hig | 0.49 | 7.5 | 0.02 | Sep 17, 2019 | A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading… |
- risk 0.49cvss 7.5epss 0.03
The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.
- risk 0.60cvss 8.6epss 0.08
An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack.
- risk 0.00cvss 7.8epss 0.01
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- risk 0.00cvss 7.8epss 0.01
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to login. Once logged in as a guest, an attacker can browse a URL to read the password of the…
- risk 0.57cvss 8.8epss 0.01
Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.18, 2.4.x prior to 2.4.14, 2.5.x prior to 2.5.10, and 2.6.x prior to 2.6.5, contains an invitations microservice which allows users to invite others to their organizations. A remote…
- risk 0.49cvss 7.5epss 0.01
IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166626.
- risk 0.57cvss 8.8epss 0.02
The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload.
- risk 0.57cvss 8.8epss 0.02
The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection.
- risk 0.47cvss 7.2epss 0.02
The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.
- risk 0.57cvss 8.8epss 0.02
The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.
- risk 0.57cvss 8.8epss 0.02
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.
- risk 0.57cvss 8.8epss 0.01
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
- risk 0.57cvss 8.8epss 0.02
The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation.
- risk 0.57cvss 8.8epss 0.02
The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation.
- risk 0.57cvss 8.8epss 0.02
The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in PRiSE adAS 1.7.0. Forms have no CSRF protection, letting an attacker execute actions as the administrator.
- risk 0.47cvss 7.2epss 0.03
An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can change the function used to hash passwords to any function, leading to remote code execution.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form.
- risk 0.53cvss 8.8epss 0.03
LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
- risk 0.57cvss 8.8epss 0.02
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because…
- risk 0.57cvss 8.8epss 0.01
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices…
- risk 0.50cvss 7.7epss 0.01
Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring.
- risk 0.49cvss 7.5epss 0.01
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
- risk 0.49cvss 7.5epss 0.01
In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.)
- risk 0.48cvss 7.2epss 0.11
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator…
- risk 0.49cvss 7.5epss 0.06
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before…
- risk 0.51cvss 7.8epss 0.02
Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of service (DoS) condition or execute arbitrary code via a specially crafted image.
- risk 0.61cvss 8.8epss 0.09
vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.
- risk 0.00cvss 7.5epss 0.03
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
- risk 0.57cvss 8.8epss 0.02
In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
- risk 0.54cvss 8.3epss 0.01
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data.
- risk 0.50cvss 7.7epss 0.02
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious…
- risk 0.50cvss 7.7epss 0.02
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files…
- risk 0.57cvss 8.8epss 0.02
An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this…
- risk 0.57cvss 8.8epss 0.03
In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution.
- risk 0.57cvss 8.8epss 0.01
Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for…
- risk 0.49cvss 7.5epss 0.01
Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X…
- risk 0.49cvss 7.5epss 0.02
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\…
- risk 0.48cvss 7.4epss 0.01
A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.
- risk 0.57cvss 8.8epss 0.01
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
- risk 0.51cvss 7.8epss 0.01
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
- risk 0.51cvss 7.8epss 0.01
GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.
- risk 0.57cvss 8.8epss 0.01
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15),…
- risk 0.49cvss 7.5epss 0.01
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow the…
- risk 0.54cvss 8.3epss 0.01
A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.
- risk 0.56cvss 8.6epss 0.01
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received…
- risk 0.49cvss 7.5epss 0.02
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus.
- risk 0.49cvss 7.5epss 0.02
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading…