| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-5648 | Cri | 0.64 | 9.8 | 0.03 | Nov 6, 2020 | Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and… | ||
| CVE-2020-5647 | Cri | 0.64 | 9.8 | 0.04 | Nov 6, 2020 | Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’… | ||
| CVE-2020-5644 | Cri | 0.64 | 9.8 | 0.04 | Nov 6, 2020 | Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier,… | ||
| CVE-2020-15708 | Cri | 0.60 | 9.3 | 0.00 | Nov 6, 2020 | Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code. | ||
| CVE-2020-17510 | — | Cri | 0.57 | 9.8 | 0.09 | Nov 5, 2020 | Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | |
| CVE-2020-27955 | — | Cri | 0.73 | 9.8 | 0.83 | Nov 5, 2020 | Git LFS 2.12.0 allows Remote Code Execution. | |
| CVE-2020-15952 | Cri | 0.59 | 9.0 | 0.02 | Nov 5, 2020 | Immuta v2.8.2 is affected by stored XSS that allows a low-privileged user to escalate privileges to administrative permissions. Additionally, unauthenticated attackers can phish unauthenticated Immuta users to steal credentials or force actions on authenticated users through… | ||
| CVE-2020-7128 | Cri | 0.64 | 9.8 | 0.02 | Nov 4, 2020 | A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | ||
| CVE-2020-27689 | Cri | 0.64 | 9.8 | 0.02 | Nov 4, 2020 | The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the… | ||
| CVE-2020-22274 | Cri | 0.64 | 9.8 | 0.02 | Nov 4, 2020 | JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. | ||
| CVE-2020-26167 | Cri | 0.64 | 9.8 | 0.03 | Nov 4, 2020 | In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one. | ||
| CVE-2020-22276 | Cri | 0.64 | 9.8 | 0.03 | Nov 4, 2020 | WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. | ||
| CVE-2020-2301 | Cri | 0.57 | 9.8 | 0.02 | Nov 4, 2020 | Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode. | ||
| CVE-2020-2300 | Cri | 0.57 | 9.8 | 0.02 | Nov 4, 2020 | Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server. | ||
| CVE-2020-2299 | Cri | 0.57 | 9.8 | 0.01 | Nov 4, 2020 | Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password. | ||
| CVE-2020-1909 | Cri | 0.64 | 9.8 | 0.02 | Nov 3, 2020 | A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in… | ||
| CVE-2020-16011 | Cri | 0.63 | 9.6 | 0.02 | Nov 3, 2020 | Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-16010 | Cri | 0.75 | 9.6 | 0.06 | KEV | Nov 3, 2020 | Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-15999 | Cri | 0.71 | 9.6 | 0.51 | KEV | Nov 3, 2020 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-15993 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2020 | Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-5656 | Cri | 0.64 | 9.8 | 0.03 | Nov 2, 2020 | Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are… | ||
| CVE-2020-5653 | Cri | 0.64 | 9.8 | 0.03 | Nov 2, 2020 | Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or… | ||
| CVE-2020-28039 | Cri | 0.00 | 9.1 | 0.04 | Nov 2, 2020 | is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. | ||
| CVE-2020-28037 | Cri | 0.01 | 9.8 | 0.08 | Nov 2, 2020 | is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old… | ||
| CVE-2020-28036 | Cri | 0.00 | 9.8 | 0.05 | Nov 2, 2020 | wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post. | ||
| CVE-2020-28035 | Cri | 0.64 | 9.8 | 0.04 | Nov 2, 2020 | WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC. | ||
| CVE-2020-28032 | Cri | 0.01 | 9.8 | 0.16 | Nov 2, 2020 | WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php. | ||
| CVE-2020-24881 | Cri | 0.73 | 9.8 | 0.73 | Nov 2, 2020 | SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning. | ||
| CVE-2020-23639 | Cri | 0.64 | 9.8 | 0.03 | Nov 2, 2020 | A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower that could allow a remote attacker to execute arbitrary commands in Moxa's VPort 461 Series Industrial Video Servers. | ||
| CVE-2020-14750 | Cri | 0.87 | 9.8 | 0.99 | KEV | Nov 2, 2020 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with… | |
| CVE-2018-19025 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.). | ||
| CVE-2018-17932 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery, which could allow attackers to replay commands, control the device, view commands, or cause the device to stop running. | ||
| CVE-2018-19950 | Cri | 0.64 | 9.8 | 0.02 | Nov 2, 2020 | If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. | ||
| CVE-2020-3703 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow… | ||
| CVE-2020-3692 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in… | ||
| CVE-2020-3673 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… | ||
| CVE-2020-3670 | Cri | 0.59 | 9.1 | 0.01 | Nov 2, 2020 | u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,… | ||
| CVE-2020-3657 | Cri | 0.66 | 9.8 | 0.28 | Nov 2, 2020 | u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial… | ||
| CVE-2020-3654 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon… | ||
| CVE-2020-11172 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2020 | u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, QCA9980 | ||
| CVE-2020-11169 | Cri | 0.59 | 9.1 | 0.01 | Nov 2, 2020 | u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,… | ||
| CVE-2020-11153 | Cri | 0.64 | 9.8 | 0.02 | Nov 2, 2020 | u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,… | ||
| CVE-2020-7373 | Cri | 0.04 | 9.8 | 0.46 | Oct 30, 2020 | vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of… | ||
| CVE-2020-27886 | Cri | 0.64 | 9.8 | 0.02 | Oct 29, 2020 | An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php). | ||
| CVE-2020-27998 | — | Cri | 0.00 | 9.8 | 0.02 | Oct 29, 2020 | An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress. | |
| CVE-2020-27995 | Cri | 0.64 | 9.8 | 0.09 | Oct 29, 2020 | SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter. | ||
| CVE-2020-27744 | Cri | 0.64 | 9.8 | 0.06 | Oct 29, 2020 | An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. | ||
| CVE-2020-27654 | Cri | 0.64 | 9.8 | 0.05 | Oct 29, 2020 | Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp. | ||
| CVE-2020-11486 | Cri | 0.64 | 9.8 | 0.03 | Oct 29, 2020 | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to… | ||
| CVE-2020-11483 | Cri | 0.64 | 9.8 | 0.01 | Oct 29, 2020 | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges… |
- risk 0.64cvss 9.8epss 0.03
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and…
- risk 0.64cvss 9.8epss 0.04
Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’…
- risk 0.64cvss 9.8epss 0.04
Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier,…
- risk 0.60cvss 9.3epss 0.00
Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.
- risk 0.57cvss 9.8epss 0.09
Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.
- risk 0.73cvss 9.8epss 0.83
Git LFS 2.12.0 allows Remote Code Execution.
- risk 0.59cvss 9.0epss 0.02
Immuta v2.8.2 is affected by stored XSS that allows a low-privileged user to escalate privileges to administrative permissions. Additionally, unauthenticated attackers can phish unauthenticated Immuta users to steal credentials or force actions on authenticated users through…
- risk 0.64cvss 9.8epss 0.02
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
- risk 0.64cvss 9.8epss 0.02
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the…
- risk 0.64cvss 9.8epss 0.02
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.
- risk 0.64cvss 9.8epss 0.03
In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one.
- risk 0.64cvss 9.8epss 0.03
WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.
- risk 0.57cvss 9.8epss 0.02
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode.
- risk 0.57cvss 9.8epss 0.02
Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server.
- risk 0.57cvss 9.8epss 0.01
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password.
- risk 0.64cvss 9.8epss 0.02
A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in…
- risk 0.63cvss 9.6epss 0.02
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.75cvss 9.6epss 0.06
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.71cvss 9.6epss 0.51
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.64cvss 9.8epss 0.01
Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.64cvss 9.8epss 0.03
Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are…
- risk 0.64cvss 9.8epss 0.03
Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or…
- risk 0.00cvss 9.1epss 0.04
is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.
- risk 0.01cvss 9.8epss 0.08
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old…
- risk 0.00cvss 9.8epss 0.05
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
- risk 0.64cvss 9.8epss 0.04
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
- risk 0.01cvss 9.8epss 0.16
WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.
- risk 0.73cvss 9.8epss 0.73
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.
- risk 0.64cvss 9.8epss 0.03
A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower that could allow a remote attacker to execute arbitrary commands in Moxa's VPort 461 Series Industrial Video Servers.
- risk 0.87cvss 9.8epss 0.99
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with…
- risk 0.64cvss 9.8epss 0.01
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.).
- risk 0.64cvss 9.8epss 0.01
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery, which could allow attackers to replay commands, control the device, view commands, or cause the device to stop running.
- risk 0.64cvss 9.8epss 0.02
If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.
- risk 0.64cvss 9.8epss 0.01
u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow…
- risk 0.64cvss 9.8epss 0.01
u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in…
- risk 0.64cvss 9.8epss 0.01
u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
- risk 0.59cvss 9.1epss 0.01
u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
- risk 0.66cvss 9.8epss 0.28
u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial…
- risk 0.64cvss 9.8epss 0.01
u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…
- risk 0.64cvss 9.8epss 0.01
u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, QCA9980
- risk 0.59cvss 9.1epss 0.01
u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
- risk 0.64cvss 9.8epss 0.02
u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…
- risk 0.04cvss 9.8epss 0.46
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php).
- risk 0.00cvss 9.8epss 0.02
An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.
- risk 0.64cvss 9.8epss 0.09
SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter.
- risk 0.64cvss 9.8epss 0.06
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.
- risk 0.64cvss 9.8epss 0.05
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
- risk 0.64cvss 9.8epss 0.03
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to…
- risk 0.64cvss 9.8epss 0.01
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges…