| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-7055 | Cri | 0.65 | 9.9 | 0.03 | Apr 22, 2020 | An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive. | ||
| CVE-2020-11011 | Cri | 0.00 | 9.9 | 0.02 | Apr 22, 2020 | In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8. | ||
| CVE-2019-20787 | Cri | 0.57 | 9.8 | 0.02 | Apr 22, 2020 | Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size. | ||
| CVE-2019-19106 | Cri | 0.59 | 9.1 | 0.01 | Apr 22, 2020 | Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings. | ||
| CVE-2019-19104 | Cri | 0.59 | 9.1 | 0.01 | Apr 22, 2020 | The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue… | ||
| CVE-2020-11796 | Cri | 0.64 | 9.8 | 0.01 | Apr 22, 2020 | In JetBrains Space through 2020-04-22, the password authentication implementation was insecure. | ||
| CVE-2020-11690 | Cri | 0.64 | 9.8 | 0.02 | Apr 22, 2020 | In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases. | ||
| CVE-2020-10569 | Cri | 0.64 | 9.8 | 0.03 | Apr 21, 2020 | SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This… | ||
| CVE-2020-11967 | Cri | 0.64 | 9.8 | 0.03 | Apr 21, 2020 | In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial… | ||
| CVE-2020-11966 | Cri | 0.64 | 9.8 | 0.03 | Apr 21, 2020 | In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial… | ||
| CVE-2020-11965 | Cri | 0.64 | 9.8 | 0.02 | Apr 21, 2020 | In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has… | ||
| CVE-2020-11963 | Cri | 0.64 | 9.8 | 0.03 | Apr 21, 2020 | IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced… | ||
| CVE-2020-9279 | Cri | 0.64 | 9.8 | 0.02 | Apr 20, 2020 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the device. | ||
| CVE-2020-9278 | Cri | 0.59 | 9.1 | 0.02 | Apr 20, 2020 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL. | ||
| CVE-2020-9277 | Cri | 0.64 | 9.8 | 0.02 | Apr 20, 2020 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication. | ||
| CVE-2020-9275 | Cri | 0.64 | 9.8 | 0.02 | Apr 20, 2020 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials. | ||
| CVE-2019-19108 | Cri | 0.61 | 9.4 | 0.02 | Apr 20, 2020 | An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP. | ||
| CVE-2020-11928 | Cri | 0.64 | 9.8 | 0.04 | Apr 20, 2020 | In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin. | ||
| CVE-2019-20786 | — | Cri | 0.57 | 9.8 | 0.03 | Apr 19, 2020 | handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion. | |
| CVE-2020-11895 | Cri | 0.59 | 9.1 | 0.02 | Apr 19, 2020 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. | ||
| CVE-2020-11894 | Cri | 0.59 | 9.1 | 0.02 | Apr 19, 2020 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c. | ||
| CVE-2020-0073 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2020 | In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2020-0072 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2020 | In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2020-0071 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2020 | In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2020-0070 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2020 | In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2019-6203 | Cri | 0.64 | 9.8 | 0.04 | Apr 17, 2020 | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. | ||
| CVE-2020-11878 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2020 | The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts. | ||
| CVE-2020-11873 | Cri | 0.64 | 9.8 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020). | ||
| CVE-2019-20783 | Cri | 0.59 | 9.1 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key Agreement). The LG ID is LVE-SMP-180014 (February 2019). | ||
| CVE-2019-20782 | Cri | 0.64 | 9.8 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019). | ||
| CVE-2019-20780 | Cri | 0.64 | 9.8 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019). | ||
| CVE-2019-20778 | Cri | 0.64 | 9.8 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 (June 2019). | ||
| CVE-2019-20777 | Cri | 0.64 | 9.8 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019). | ||
| CVE-2019-20772 | Cri | 0.64 | 9.8 | 0.00 | Apr 17, 2020 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019). | ||
| CVE-2019-12002 | Cri | 0.64 | 9.8 | 0.02 | Apr 17, 2020 | A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and… | ||
| CVE-2020-10377 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2020 | A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials. | ||
| CVE-2020-10211 | Cri | 0.64 | 9.8 | 0.03 | Apr 17, 2020 | A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain… | ||
| CVE-2019-20730 | Cri | 0.64 | 9.8 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39,… | ||
| CVE-2020-7485 | Cri | 0.64 | 9.8 | 0.02 | Apr 16, 2020 | **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1 | ||
| CVE-2020-7224 | Cri | 0.64 | 9.8 | 0.02 | Apr 16, 2020 | The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load. | ||
| CVE-2020-7114 | Cri | 0.64 | 9.8 | 0.01 | Apr 16, 2020 | A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur.… | ||
| CVE-2020-1964 | — | Cri | 0.64 | 9.8 | 0.05 | Apr 16, 2020 | It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of… | |
| CVE-2020-11820 | Cri | 0.64 | 9.8 | 0.02 | Apr 16, 2020 | Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the entities_id parameter. | ||
| CVE-2020-11819 | Cri | 0.69 | 9.8 | 0.27 | Apr 16, 2020 | In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution. | ||
| CVE-2020-11816 | Cri | 0.64 | 9.8 | 0.02 | Apr 16, 2020 | Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter. | ||
| CVE-2020-11815 | Cri | 0.64 | 9.8 | 0.02 | Apr 16, 2020 | In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting. | ||
| CVE-2020-11812 | Cri | 0.64 | 9.8 | 0.02 | Apr 16, 2020 | Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter. | ||
| CVE-2020-11811 | Cri | 0.64 | 9.8 | 0.03 | Apr 16, 2020 | In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file. | ||
| CVE-2019-20699 | Cri | 0.64 | 9.8 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15. | ||
| CVE-2020-3653 | Cri | 0.59 | 9.1 | 0.01 | Apr 16, 2020 | Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850 |
- risk 0.65cvss 9.9epss 0.03
An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.
- risk 0.00cvss 9.9epss 0.02
In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8.
- risk 0.57cvss 9.8epss 0.02
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
- risk 0.59cvss 9.1epss 0.01
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings.
- risk 0.59cvss 9.1epss 0.01
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue…
- risk 0.64cvss 9.8epss 0.01
In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.
- risk 0.64cvss 9.8epss 0.02
In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
- risk 0.64cvss 9.8epss 0.03
SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This…
- risk 0.64cvss 9.8epss 0.03
In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial…
- risk 0.64cvss 9.8epss 0.03
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial…
- risk 0.64cvss 9.8epss 0.02
In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has…
- risk 0.64cvss 9.8epss 0.03
IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the device.
- risk 0.59cvss 9.1epss 0.02
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials.
- risk 0.61cvss 9.4epss 0.02
An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP.
- risk 0.64cvss 9.8epss 0.04
In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin.
- risk 0.57cvss 9.8epss 0.03
handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion.
- risk 0.59cvss 9.1epss 0.02
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
- risk 0.59cvss 9.1epss 0.02
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
- risk 0.64cvss 9.8epss 0.01
In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.64cvss 9.8epss 0.01
In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.64cvss 9.8epss 0.01
In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for…
- risk 0.64cvss 9.8epss 0.01
In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.64cvss 9.8epss 0.04
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic.
- risk 0.64cvss 9.8epss 0.01
The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts.
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020).
- risk 0.59cvss 9.1epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key Agreement). The LG ID is LVE-SMP-180014 (February 2019).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 (June 2019).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019).
- risk 0.64cvss 9.8epss 0.02
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and…
- risk 0.64cvss 9.8epss 0.01
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.
- risk 0.64cvss 9.8epss 0.03
A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain…
- risk 0.64cvss 9.8epss 0.01
Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39,…
- risk 0.64cvss 9.8epss 0.02
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
- risk 0.64cvss 9.8epss 0.02
The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.
- risk 0.64cvss 9.8epss 0.01
A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur.…
- risk 0.64cvss 9.8epss 0.05
It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of…
- risk 0.64cvss 9.8epss 0.02
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the entities_id parameter.
- risk 0.69cvss 9.8epss 0.27
In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution.
- risk 0.64cvss 9.8epss 0.02
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter.
- risk 0.64cvss 9.8epss 0.02
In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting.
- risk 0.64cvss 9.8epss 0.02
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter.
- risk 0.64cvss 9.8epss 0.03
In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file.
- risk 0.64cvss 9.8epss 0.01
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.
- risk 0.59cvss 9.1epss 0.01
Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850