| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-25787 | Cri | 0.68 | 9.8 | 0.18 | Sep 19, 2020 | An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them. | ||
| CVE-2020-8158 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 18, 2020 | Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks. | |
| CVE-2020-15181 | Cri | 0.00 | 9.3 | 0.01 | Sep 18, 2020 | The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision. Intruders can get admin's access to the system using the vulnerability in the project. Impacts all servers where this add-on is installed. The problem is fixed in version… | ||
| CVE-2020-15188 | Cri | 0.00 | 10.0 | 0.05 | Sep 18, 2020 | SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any… | ||
| CVE-2020-0354 | Cri | 0.64 | 9.8 | 0.01 | Sep 18, 2020 | In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:… | ||
| CVE-2020-25756 | Cri | 0.64 | 9.8 | 0.02 | Sep 18, 2020 | A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice. | ||
| CVE-2020-0333 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2020 | In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-73822755 | ||
| CVE-2020-25216 | Cri | 0.64 | 9.8 | 0.02 | Sep 17, 2020 | yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. | ||
| CVE-2020-25215 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2020 | yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document. | ||
| CVE-2020-25489 | — | Cri | 0.57 | 9.8 | 0.03 | Sep 17, 2020 | A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption. | |
| CVE-2020-24753 | Cri | 0.00 | 9.8 | 0.03 | Sep 17, 2020 | A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder. An uncaught error while decoding CBOR Major… | ||
| CVE-2020-13169 | Cri | 0.59 | 9.0 | 0.02 | Sep 17, 2020 | Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account). | ||
| CVE-2020-11698 | Cri | 0.73 | 9.8 | 0.74 | Sep 17, 2020 | An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server. | ||
| CVE-2020-0380 | Cri | 0.64 | 9.8 | 0.03 | Sep 17, 2020 | In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2020-0342 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2020 | There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576 | ||
| CVE-2020-0278 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2020 | There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574 | ||
| CVE-2020-0229 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2020 | There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725 | ||
| CVE-2020-0123 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2020 | There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374 | ||
| CVE-2020-8028 | Cri | 0.60 | 9.3 | 0.00 | Sep 17, 2020 | A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to… | ||
| CVE-2020-24377 | Cri | 0.62 | 9.6 | 0.01 | Sep 16, 2020 | A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3. | ||
| CVE-2020-24376 | Cri | 0.62 | 9.6 | 0.01 | Sep 16, 2020 | A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3. | ||
| CVE-2020-24374 | Cri | 0.62 | 9.6 | 0.01 | Sep 16, 2020 | A DNS rebinding vulnerability in Freebox v5 before 1.5.29. | ||
| CVE-2020-14517 | Cri | 0.64 | 9.8 | 0.01 | Sep 16, 2020 | Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with… | ||
| CVE-2020-14509 | Cri | 0.64 | 9.8 | 0.02 | Sep 16, 2020 | Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities. | ||
| CVE-2020-25614 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 16, 2020 | xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact. | |
| CVE-2020-25412 | Cri | 0.64 | 9.8 | 0.03 | Sep 16, 2020 | com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. | ||
| CVE-2020-14315 | Cri | 0.64 | 9.8 | 0.03 | Sep 16, 2020 | A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries. | ||
| CVE-2020-7293 | Cri | 0.59 | 9.0 | 0.01 | Sep 15, 2020 | Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface. | ||
| CVE-2020-23833 | Cri | 0.64 | 9.8 | 0.04 | Sep 15, 2020 | Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request. | ||
| CVE-2020-23828 | Cri | 0.64 | 9.8 | 0.04 | Sep 15, 2020 | A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses… | ||
| CVE-2020-24561 | Cri | 0.60 | 9.1 | 0.05 | Sep 15, 2020 | A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability. | ||
| CVE-2020-23512 | Cri | 0.64 | 9.8 | 0.02 | Sep 15, 2020 | VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication. | ||
| CVE-2020-16098 | Cri | 0.64 | 9.8 | 0.01 | Sep 15, 2020 | It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90… | ||
| CVE-2020-16096 | Cri | 0.64 | 9.9 | 0.01 | Sep 15, 2020 | In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be (or is)… | ||
| CVE-2020-25576 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2020 | An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints. | |
| CVE-2020-25575 | — | Cri | 0.00 | 9.8 | 0.03 | Sep 14, 2020 | An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.… | |
| CVE-2020-25573 | — | Cri | 0.00 | 9.8 | 0.02 | Sep 14, 2020 | An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint. | |
| CVE-2019-0230 | — | Cri | 0.74 | 9.8 | 0.97 | Sep 14, 2020 | Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | |
| CVE-2020-11684 | Cri | 0.00 | 9.1 | 0.01 | Sep 14, 2020 | AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the… | ||
| CVE-2018-20432 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2020 | D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration. | ||
| CVE-2020-24660 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 14, 2020 | An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package. | |
| CVE-2020-25283 | Cri | 0.64 | 9.8 | 0.00 | Sep 11, 2020 | An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT manager allows attackers to bypass intended access restrictions on a certain mode. The LG ID is LVE-SMP-200021 (September 2020). | ||
| CVE-2020-25282 | Cri | 0.64 | 9.8 | 0.00 | Sep 11, 2020 | An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software (for the LG Universal Integrated Circuit Card) allows attackers to bypass intended access restrictions on property values. The LG ID is LVE-SMP-200020 (September 2020). | ||
| CVE-2020-25279 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2020 | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020). | ||
| CVE-2020-25278 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2020 | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are… | ||
| CVE-2020-1595 | Cri | 0.65 | 9.9 | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the… | ||
| CVE-2020-1210 | Cri | 0.64 | 9.9 | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application… | ||
| CVE-2020-14100 | Cri | 0.64 | 9.8 | 0.05 | Sep 11, 2020 | In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability. | ||
| CVE-2020-14096 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2020 | Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process. | ||
| CVE-2020-25260 | Cri | 0.64 | 9.8 | 0.03 | Sep 11, 2020 | An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization. |
- risk 0.68cvss 9.8epss 0.18
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.
- risk 0.64cvss 9.8epss 0.02
Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
- risk 0.00cvss 9.3epss 0.01
The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision. Intruders can get admin's access to the system using the vulnerability in the project. Impacts all servers where this add-on is installed. The problem is fixed in version…
- risk 0.00cvss 10.0epss 0.05
SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any…
- risk 0.64cvss 9.8epss 0.01
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…
- risk 0.64cvss 9.8epss 0.02
A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice.
- risk 0.64cvss 9.8epss 0.01
In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-73822755
- risk 0.64cvss 9.8epss 0.02
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.
- risk 0.64cvss 9.8epss 0.01
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.
- risk 0.57cvss 9.8epss 0.03
A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption.
- risk 0.00cvss 9.8epss 0.03
A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder. An uncaught error while decoding CBOR Major…
- risk 0.59cvss 9.0epss 0.02
Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).
- risk 0.73cvss 9.8epss 0.74
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server.
- risk 0.64cvss 9.8epss 0.03
In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725
- risk 0.64cvss 9.8epss 0.01
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374
- risk 0.60cvss 9.3epss 0.00
A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to…
- risk 0.62cvss 9.6epss 0.01
A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.
- risk 0.62cvss 9.6epss 0.01
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.
- risk 0.62cvss 9.6epss 0.01
A DNS rebinding vulnerability in Freebox v5 before 1.5.29.
- risk 0.64cvss 9.8epss 0.01
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with…
- risk 0.64cvss 9.8epss 0.02
Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities.
- risk 0.57cvss 9.8epss 0.02
xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact.
- risk 0.64cvss 9.8epss 0.03
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.
- risk 0.64cvss 9.8epss 0.03
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries.
- risk 0.59cvss 9.0epss 0.01
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.
- risk 0.64cvss 9.8epss 0.04
Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request.
- risk 0.64cvss 9.8epss 0.04
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses…
- risk 0.60cvss 9.1epss 0.05
A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability.
- risk 0.64cvss 9.8epss 0.02
VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication.
- risk 0.64cvss 9.8epss 0.01
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90…
- risk 0.64cvss 9.9epss 0.01
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be (or is)…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.
- risk 0.00cvss 9.8epss 0.03
An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.…
- risk 0.00cvss 9.8epss 0.02
An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.
- risk 0.74cvss 9.8epss 0.97
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
- risk 0.00cvss 9.1epss 0.01
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the…
- risk 0.64cvss 9.8epss 0.04
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package.
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT manager allows attackers to bypass intended access restrictions on a certain mode. The LG ID is LVE-SMP-200021 (September 2020).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software (for the LG Universal Integrated Circuit Card) allows attackers to bypass intended access restrictions on property values. The LG ID is LVE-SMP-200020 (September 2020).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are…
- risk 0.65cvss 9.9epss 0.02
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the…
- risk 0.64cvss 9.9epss 0.02
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application…
- risk 0.64cvss 9.8epss 0.05
In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability.
- risk 0.64cvss 9.8epss 0.01
Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization.