| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-35464 | Cri | 0.64 | 9.8 | 0.02 | Dec 15, 2020 | Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password. | ||
| CVE-2020-35463 | Cri | 0.64 | 9.8 | 0.02 | Dec 15, 2020 | Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote attacker to achieve root access with a blank password. | ||
| CVE-2020-35462 | Cri | 0.64 | 9.8 | 0.02 | Dec 15, 2020 | Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password. | ||
| CVE-2020-29663 | Cri | 0.59 | 9.1 | 0.02 | Dec 15, 2020 | Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3. | ||
| CVE-2020-27068 | Cri | 0.64 | 9.8 | 0.01 | Dec 15, 2020 | Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel | ||
| CVE-2020-4747 | Cri | 0.64 | 9.8 | 0.02 | Dec 15, 2020 | IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516. | ||
| CVE-2020-0456 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170378843 | ||
| CVE-2020-0457 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562 | ||
| CVE-2020-0455 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514 | ||
| CVE-2020-25228 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected… | ||
| CVE-2020-20189 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php. | ||
| CVE-2020-8257 | Cri | 0.64 | 9.8 | 0.02 | Dec 14, 2020 | Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks | ||
| CVE-2020-29511 | Cri | 0.64 | 9.8 | 0.02 | Dec 14, 2020 | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected… | ||
| CVE-2020-29510 | Cri | 0.64 | 9.8 | 0.02 | Dec 14, 2020 | The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream… | ||
| CVE-2020-29509 | Cri | 0.57 | 9.8 | 0.02 | Dec 14, 2020 | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected… | ||
| CVE-2020-20184 | Cri | 0.64 | 9.8 | 0.03 | Dec 14, 2020 | GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection. | ||
| CVE-2020-20136 | — | Cri | 0.64 | 9.8 | 0.02 | Dec 14, 2020 | QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. | |
| CVE-2020-35338 | Cri | 0.65 | 9.8 | 0.12 | Dec 14, 2020 | The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon." | ||
| CVE-2020-25179 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | ||
| CVE-2020-25175 | Cri | 0.64 | 9.8 | 0.01 | Dec 14, 2020 | GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | ||
| CVE-2020-35378 | Cri | 0.64 | 9.8 | 0.02 | Dec 14, 2020 | SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields. | ||
| CVE-2020-14268 | Cri | 0.64 | 9.8 | 0.02 | Dec 14, 2020 | A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which… | ||
| CVE-2020-14244 | Cri | 0.64 | 9.8 | 0.03 | Dec 14, 2020 | A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the server or inject code into the system which… | ||
| CVE-2020-29227 | Cri | 0.65 | 9.8 | 0.17 | Dec 14, 2020 | An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, to cause local file inclusion resulting in code execution. | ||
| CVE-2020-5639 | Cri | 0.64 | 9.8 | 0.05 | Dec 14, 2020 | Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed. | ||
| CVE-2020-29563 | Cri | 0.64 | 9.8 | 0.03 | Dec 12, 2020 | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device. | ||
| CVE-2020-25112 | Cri | 0.66 | 9.8 | 0.27 | Dec 11, 2020 | An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet. | ||
| CVE-2020-25111 | Cri | 0.65 | 9.8 | 0.20 | Dec 11, 2020 | An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet. | ||
| CVE-2020-25110 | Cri | 0.68 | 9.8 | 0.52 | Dec 11, 2020 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||
| CVE-2020-25109 | Cri | 0.68 | 9.8 | 0.52 | Dec 11, 2020 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||
| CVE-2020-25108 | Cri | 0.68 | 9.8 | 0.52 | Dec 11, 2020 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||
| CVE-2020-25107 | Cri | 0.68 | 9.8 | 0.52 | Dec 11, 2020 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||
| CVE-2020-24383 | Cri | 0.60 | 9.1 | 0.05 | Dec 11, 2020 | An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service. | ||
| CVE-2020-24341 | Cri | 0.60 | 9.1 | 0.05 | Dec 11, 2020 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually… | ||
| CVE-2020-24338 | Cri | 0.67 | 9.8 | 0.36 | Dec 11, 2020 | An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet,… | ||
| CVE-2020-24336 | Cri | 0.68 | 9.8 | 0.59 | Dec 11, 2020 | An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer… | ||
| CVE-2020-17467 | Cri | 0.59 | 9.1 | 0.03 | Dec 11, 2020 | An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information… | ||
| CVE-2020-17441 | Cri | 0.60 | 9.1 | 0.07 | Dec 11, 2020 | An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either… | ||
| CVE-2020-17438 | Cri | 0.65 | 9.8 | 0.19 | Dec 11, 2020 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP… | ||
| CVE-2020-27730 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. | ||
| CVE-2020-5948 | Cri | 0.62 | 9.6 | 0.01 | Dec 11, 2020 | On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user… | ||
| CVE-2020-19165 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter. | ||
| CVE-2020-29574 | Cri | 0.76 | 9.8 | 0.05 | KEV | Dec 11, 2020 | An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. | |
| CVE-2020-28440 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function. | ||
| CVE-2020-28439 | Cri | 0.64 | 9.8 | 0.02 | Dec 11, 2020 | This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC: | ||
| CVE-2020-27134 | Cri | 0.64 | 9.9 | 0.02 | Dec 11, 2020 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | ||
| CVE-2020-27133 | Cri | 0.64 | 9.9 | 0.01 | Dec 11, 2020 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | ||
| CVE-2020-27132 | Cri | 0.64 | 9.9 | 0.01 | Dec 11, 2020 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | ||
| CVE-2020-27127 | Cri | 0.64 | 9.9 | 0.01 | Dec 11, 2020 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | ||
| CVE-2020-15357 | Cri | 0.64 | 9.8 | 0.04 | Dec 11, 2020 | Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options. |
- risk 0.64cvss 9.8epss 0.02
Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote attacker to achieve root access with a blank password.
- risk 0.64cvss 9.8epss 0.02
Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password.
- risk 0.59cvss 9.1epss 0.02
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3.
- risk 0.64cvss 9.8epss 0.01
Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel
- risk 0.64cvss 9.8epss 0.02
IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516.
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170378843
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514
- risk 0.64cvss 9.8epss 0.01
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected…
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php.
- risk 0.64cvss 9.8epss 0.02
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks
- risk 0.64cvss 9.8epss 0.02
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected…
- risk 0.64cvss 9.8epss 0.02
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream…
- risk 0.57cvss 9.8epss 0.02
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected…
- risk 0.64cvss 9.8epss 0.03
GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.
- risk 0.64cvss 9.8epss 0.02
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library.
- risk 0.65cvss 9.8epss 0.12
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."
- risk 0.64cvss 9.8epss 0.01
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
- risk 0.64cvss 9.8epss 0.01
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
- risk 0.64cvss 9.8epss 0.02
SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields.
- risk 0.64cvss 9.8epss 0.02
A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which…
- risk 0.64cvss 9.8epss 0.03
A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the server or inject code into the system which…
- risk 0.65cvss 9.8epss 0.17
An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, to cause local file inclusion resulting in code execution.
- risk 0.64cvss 9.8epss 0.05
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device.
- risk 0.66cvss 9.8epss 0.27
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
- risk 0.65cvss 9.8epss 0.20
An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
- risk 0.68cvss 9.8epss 0.52
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.
- risk 0.68cvss 9.8epss 0.52
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.
- risk 0.68cvss 9.8epss 0.52
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may lead to successful Denial-of-Service, and possibly Remote Code Execution.
- risk 0.68cvss 9.8epss 0.52
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possibly Remote Code Execution.
- risk 0.60cvss 9.1epss 0.05
An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service.
- risk 0.60cvss 9.1epss 0.05
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually…
- risk 0.67cvss 9.8epss 0.36
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet,…
- risk 0.68cvss 9.8epss 0.59
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer…
- risk 0.59cvss 9.1epss 0.03
An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information…
- risk 0.60cvss 9.1epss 0.07
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either…
- risk 0.65cvss 9.8epss 0.19
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP…
- risk 0.64cvss 9.8epss 0.02
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.
- risk 0.62cvss 9.6epss 0.01
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user…
- risk 0.64cvss 9.8epss 0.02
PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter.
- risk 0.76cvss 9.8epss 0.05
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.
- risk 0.64cvss 9.8epss 0.02
All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.
- risk 0.64cvss 9.8epss 0.02
This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:
- risk 0.64cvss 9.9epss 0.02
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- risk 0.64cvss 9.9epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- risk 0.64cvss 9.9epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- risk 0.64cvss 9.9epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- risk 0.64cvss 9.8epss 0.04
Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options.