| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-21524 | Cri | 0.59 | 9.1 | 0.02 | Sep 30, 2020 | There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read… | ||
| CVE-2020-21523 | Cri | 0.64 | 9.8 | 0.03 | Sep 30, 2020 | A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign… | ||
| CVE-2020-21522 | Cri | 0.64 | 9.8 | 0.02 | Sep 30, 2020 | An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating system. | ||
| CVE-2020-20800 | Cri | 0.64 | 9.8 | 0.02 | Sep 30, 2020 | An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI. | ||
| CVE-2020-19672 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2020 | Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell. | ||
| CVE-2020-15487 | Cri | 0.64 | 9.8 | 0.04 | Sep 30, 2020 | Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file. By modifying the folder GET parameter, it is possible to execute arbitrary SQL statements via a crafted URL. Unauthenticated remote… | ||
| CVE-2018-5353 | Cri | 0.65 | 9.8 | 0.11 | Sep 30, 2020 | The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable… | ||
| CVE-2020-12506 | Cri | 0.59 | 9.1 | 0.01 | Sep 30, 2020 | Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO… | ||
| CVE-2020-15206 | Cri | 0.52 | 9.0 | 0.01 | Sep 25, 2020 | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products… | ||
| CVE-2020-15205 | Cri | 0.52 | 9.0 | 0.01 | Sep 25, 2020 | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all… | ||
| CVE-2020-15202 | Cri | 0.52 | 9.0 | 0.01 | Sep 25, 2020 | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32`… | ||
| CVE-2020-25147 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. This can occur via username[0] to the default URI, because… | ||
| CVE-2020-25132 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2020 | An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. Sending the improper variable type Array allows a bypass… | ||
| CVE-2020-15374 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input. | ||
| CVE-2020-15373 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2020 | Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. | ||
| CVE-2020-15371 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability. | ||
| CVE-2019-16211 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. | ||
| CVE-2020-13995 | Cri | 0.64 | 9.8 | 0.03 | Sep 25, 2020 | U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as… | ||
| CVE-2020-15394 | Cri | 0.64 | 9.8 | 0.08 | Sep 25, 2020 | The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution. | ||
| CVE-2020-26108 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2020 | cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488). | ||
| CVE-2020-26105 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). | ||
| CVE-2020-26101 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549). | ||
| CVE-2020-26100 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2020 | chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497). | ||
| CVE-2020-26098 | Cri | 0.64 | 9.8 | 0.03 | Sep 25, 2020 | cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485). | ||
| CVE-2020-25749 | Cri | 0.64 | 9.8 | 0.03 | Sep 25, 2020 | The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static… | ||
| CVE-2020-25747 | Cri | 0.61 | 9.4 | 0.02 | Sep 25, 2020 | The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change… | ||
| CVE-2020-25223 | Cri | 0.86 | 9.8 | 0.97 | KEV | Sep 25, 2020 | A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11 | |
| CVE-2020-24594 | Cri | 0.63 | 9.6 | 0.02 | Sep 25, 2020 | Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session. | ||
| CVE-2020-11805 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2020 | Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN. | ||
| CVE-2020-15160 | Cri | 0.61 | 9.8 | 0.11 | Sep 24, 2020 | PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8 | ||
| CVE-2020-15851 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2020 | Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete… | ||
| CVE-2020-12843 | Cri | 0.64 | 9.8 | 0.01 | Sep 24, 2020 | ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. | ||
| CVE-2020-12842 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2020 | ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. | ||
| CVE-2020-12839 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2020 | ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. | ||
| CVE-2020-12838 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2020 | ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. | ||
| CVE-2020-13505 | Cri | 0.64 | 9.8 | 0.01 | Sep 24, 2020 | Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability. | ||
| CVE-2020-13504 | Cri | 0.64 | 9.8 | 0.01 | Sep 24, 2020 | Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability. | ||
| CVE-2020-13501 | Cri | 0.64 | 9.8 | 0.03 | Sep 24, 2020 | An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable… | ||
| CVE-2020-13500 | Cri | 0.64 | 9.8 | 0.03 | Sep 24, 2020 | SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to… | ||
| CVE-2020-13499 | Cri | 0.64 | 9.8 | 0.03 | Sep 24, 2020 | An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable… | ||
| CVE-2020-16147 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2020 | The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via Unauthenticated code injection over the network. | ||
| CVE-2015-4719 | Cri | 0.64 | 9.8 | 0.01 | Sep 24, 2020 | The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request. | ||
| CVE-2020-2279 | Cri | 0.58 | 9.9 | 0.02 | Sep 23, 2020 | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM. | ||
| CVE-2020-24626 | Cri | 0.64 | 9.8 | 0.03 | Sep 23, 2020 | Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | ||
| CVE-2019-16028 | Cri | 0.64 | 9.8 | 0.03 | Sep 23, 2020 | A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due… | ||
| CVE-2020-11856 | Cri | 0.64 | 9.8 | 0.05 | Sep 22, 2020 | Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR. | ||
| CVE-2020-11857 | Cri | 0.68 | 9.8 | 0.16 | Sep 22, 2020 | An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user | ||
| CVE-2020-6573 | Cri | 0.63 | 9.6 | 0.02 | Sep 21, 2020 | Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-15963 | Cri | 0.63 | 9.6 | 0.01 | Sep 21, 2020 | Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | ||
| CVE-2020-15961 | Cri | 0.63 | 9.6 | 0.01 | Sep 21, 2020 | Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. |
- risk 0.59cvss 9.1epss 0.02
There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read…
- risk 0.64cvss 9.8epss 0.03
A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating system.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI.
- risk 0.64cvss 9.8epss 0.01
Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.
- risk 0.64cvss 9.8epss 0.04
Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file. By modifying the folder GET parameter, it is possible to execute arbitrary SQL statements via a crafted URL. Unauthenticated remote…
- risk 0.65cvss 9.8epss 0.11
The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable…
- risk 0.59cvss 9.1epss 0.01
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO…
- risk 0.52cvss 9.0epss 0.01
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products…
- risk 0.52cvss 9.0epss 0.01
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all…
- risk 0.52cvss 9.0epss 0.01
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32`…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. This can occur via username[0] to the default URI, because…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. Sending the improper variable type Array allows a bypass…
- risk 0.64cvss 9.8epss 0.01
Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.
- risk 0.64cvss 9.8epss 0.02
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.
- risk 0.64cvss 9.8epss 0.01
Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.
- risk 0.64cvss 9.8epss 0.01
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.
- risk 0.64cvss 9.8epss 0.03
U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as…
- risk 0.64cvss 9.8epss 0.08
The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution.
- risk 0.64cvss 9.8epss 0.02
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
- risk 0.64cvss 9.8epss 0.01
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
- risk 0.64cvss 9.8epss 0.01
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
- risk 0.64cvss 9.8epss 0.02
chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).
- risk 0.64cvss 9.8epss 0.03
cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
- risk 0.64cvss 9.8epss 0.03
The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static…
- risk 0.61cvss 9.4epss 0.02
The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change…
- risk 0.86cvss 9.8epss 0.97
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
- risk 0.63cvss 9.6epss 0.02
Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.
- risk 0.64cvss 9.8epss 0.01
Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN.
- risk 0.61cvss 9.8epss 0.11
PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8
- risk 0.64cvss 9.8epss 0.02
Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete…
- risk 0.64cvss 9.8epss 0.01
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.
- risk 0.64cvss 9.8epss 0.02
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.
- risk 0.64cvss 9.8epss 0.02
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.
- risk 0.64cvss 9.8epss 0.02
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.
- risk 0.64cvss 9.8epss 0.01
Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.01
Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.03
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable…
- risk 0.64cvss 9.8epss 0.03
SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to…
- risk 0.64cvss 9.8epss 0.03
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable…
- risk 0.64cvss 9.8epss 0.02
The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via Unauthenticated code injection over the network.
- risk 0.64cvss 9.8epss 0.01
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.
- risk 0.58cvss 9.9epss 0.02
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.
- risk 0.64cvss 9.8epss 0.03
Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
- risk 0.64cvss 9.8epss 0.03
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due…
- risk 0.64cvss 9.8epss 0.05
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR.
- risk 0.68cvss 9.8epss 0.16
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user
- risk 0.63cvss 9.6epss 0.02
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.63cvss 9.6epss 0.01
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
- risk 0.63cvss 9.6epss 0.01
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.