| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-6967 | Cri | 0.64 | 9.8 | 0.05 | Mar 23, 2020 | In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data. | ||
| CVE-2020-7480 | Cri | 0.64 | 9.8 | 0.01 | Mar 23, 2020 | A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data. | ||
| CVE-2020-5722 | Cri | 0.85 | 9.8 | 0.84 | KEV | Mar 23, 2020 | The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery… | |
| CVE-2019-6560 | Cri | 0.59 | 9.1 | 0.01 | Mar 23, 2020 | In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. | ||
| CVE-2020-7475 | Cri | 0.64 | 9.8 | 0.02 | Mar 23, 2020 | A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to… | ||
| CVE-2019-20627 | — | Cri | 0.57 | 9.8 | 0.02 | Mar 23, 2020 | AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE. | |
| CVE-2020-9760 | Cri | 0.00 | 9.8 | 0.02 | Mar 23, 2020 | An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick. | ||
| CVE-2020-10661 | — | Cri | 0.52 | 9.1 | 0.01 | Mar 23, 2020 | HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4. | |
| CVE-2020-9752 | Cri | 0.64 | 9.8 | 0.01 | Mar 23, 2020 | Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe. | ||
| CVE-2020-10806 | — | Cri | 0.64 | 9.8 | 0.02 | Mar 22, 2020 | eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration… | |
| CVE-2019-12767 | Cri | 0.64 | 9.8 | 0.02 | Mar 21, 2020 | An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands. | ||
| CVE-2013-7487 | Cri | 0.64 | 9.8 | 0.03 | Mar 21, 2020 | On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000. | ||
| CVE-2020-10799 | — | Cri | 0.57 | 9.8 | 0.01 | Mar 20, 2020 | The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call. | |
| CVE-2019-11574 | Cri | 0.64 | 9.8 | 0.01 | Mar 20, 2020 | An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls. | ||
| CVE-2019-18641 | Cri | 0.57 | 9.8 | 0.03 | Mar 20, 2020 | Rock RMS before 1.8.6 mishandles vCard access control within the People/GetVCard/REST controller. | ||
| CVE-2019-15522 | Cri | 0.00 | 9.8 | 0.02 | Mar 20, 2020 | An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL. | ||
| CVE-2020-8137 | — | Cri | 0.64 | 9.8 | 0.04 | Mar 20, 2020 | Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker. | |
| CVE-2020-8135 | Cri | 0.64 | 9.8 | 0.01 | Mar 20, 2020 | The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems. | ||
| CVE-2020-7961 | — | Cri | 0.87 | 9.8 | 1.00 | KEV | Mar 20, 2020 | Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). |
| CVE-2019-12498 | Cri | 0.64 | 9.8 | 0.02 | Mar 20, 2020 | The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. | ||
| CVE-2019-19148 | Cri | 0.64 | 9.8 | 0.08 | Mar 20, 2020 | Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020. | ||
| CVE-2018-20334 | Cri | 0.64 | 9.8 | 0.04 | Mar 20, 2020 | An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell. | ||
| CVE-2019-16072 | Cri | 0.69 | 9.8 | 0.25 | Mar 20, 2020 | An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action. | ||
| CVE-2019-16064 | Cri | 0.63 | 9.6 | 0.01 | Mar 19, 2020 | NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list… | ||
| CVE-2019-12127 | Cri | 0.64 | 9.8 | 0.01 | Mar 19, 2020 | In ONAP OOM through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12126 | Cri | 0.64 | 9.8 | 0.01 | Mar 19, 2020 | In ONAP DCAE through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12125 | Cri | 0.64 | 9.8 | 0.01 | Mar 19, 2020 | In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-16382 | Cri | 0.64 | 9.8 | 0.03 | Mar 19, 2020 | An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its… | ||
| CVE-2019-12130 | Cri | 0.64 | 9.8 | 0.02 | Mar 19, 2020 | In ONAP CLI through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12129 | Cri | 0.64 | 9.8 | 0.02 | Mar 19, 2020 | In ONAP MSB through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12128 | Cri | 0.64 | 9.8 | 0.02 | Mar 19, 2020 | In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2020-9423 | Cri | 0.64 | 9.8 | 0.05 | Mar 18, 2020 | LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control,… | ||
| CVE-2020-10674 | Cri | 0.64 | 9.8 | 0.01 | Mar 18, 2020 | PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open. | ||
| CVE-2019-19676 | Cri | 0.63 | 9.6 | 0.01 | Mar 18, 2020 | A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains… | ||
| CVE-2019-12132 | Cri | 0.64 | 9.8 | 0.01 | Mar 18, 2020 | An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected. | ||
| CVE-2019-12131 | Cri | 0.59 | 9.1 | 0.01 | Mar 18, 2020 | An issue was detected in ONAP APPC through Dublin and SDC through Dublin. By setting a USER_ID parameter in an HTTP header, an attacker may impersonate an arbitrary existing user without any authentication. All APPC and SDC setups are affected. | ||
| CVE-2019-12124 | Cri | 0.59 | 9.1 | 0.01 | Mar 18, 2020 | An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected. | ||
| CVE-2019-12120 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP VNFSDK through Dublin. By accessing port 8000 of demo-vnfsdk-vnfsdk, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12119 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are… | ||
| CVE-2019-12118 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are… | ||
| CVE-2019-12117 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are… | ||
| CVE-2019-12116 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12115 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected. | ||
| CVE-2019-12114 | Cri | 0.64 | 9.8 | 0.02 | Mar 18, 2020 | An issue was discovered in ONAP HOLMES before Dublin. By accessing port 9202 of dep-holmes-engine-mgmt pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are… | ||
| CVE-2019-12112 | Cri | 0.64 | 9.8 | 0.01 | Mar 18, 2020 | An issue was discovered in ONAP SDNC before Dublin. By executing sla/upload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected. | ||
| CVE-2020-3922 | Cri | 0.64 | 9.8 | 0.01 | Mar 18, 2020 | LisoMail, by ArmorX, allows SQL Injections, attackers can access the database without authentication via a URL parameter manipulation. | ||
| CVE-2020-8600 | Cri | 0.64 | 9.8 | 0.04 | Mar 18, 2020 | Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow an attacker to manipulate a key file to bypass authentication. | ||
| CVE-2020-8599 | Cri | 0.77 | 9.8 | 0.12 | KEV | Mar 18, 2020 | Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability. | |
| CVE-2020-8598 | Cri | 0.65 | 9.8 | 0.13 | Mar 18, 2020 | Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not… | ||
| CVE-2020-10121 | Cri | 0.64 | 9.8 | 0.02 | Mar 17, 2020 | cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546). |
- risk 0.64cvss 9.8epss 0.05
In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.
- risk 0.64cvss 9.8epss 0.01
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data.
- risk 0.85cvss 9.8epss 0.84
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery…
- risk 0.59cvss 9.1epss 0.01
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
- risk 0.64cvss 9.8epss 0.02
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to…
- risk 0.57cvss 9.8epss 0.02
AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE.
- risk 0.00cvss 9.8epss 0.02
An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick.
- risk 0.52cvss 9.1epss 0.01
HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4.
- risk 0.64cvss 9.8epss 0.01
Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.
- risk 0.64cvss 9.8epss 0.02
eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.
- risk 0.64cvss 9.8epss 0.03
On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.
- risk 0.57cvss 9.8epss 0.01
The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.
- risk 0.57cvss 9.8epss 0.03
Rock RMS before 1.8.6 mishandles vCard access control within the People/GetVCard/REST controller.
- risk 0.00cvss 9.8epss 0.02
An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.
- risk 0.64cvss 9.8epss 0.04
Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker.
- risk 0.64cvss 9.8epss 0.01
The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.
- risk 0.87cvss 9.8epss 1.00
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).
- risk 0.64cvss 9.8epss 0.02
The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.
- risk 0.64cvss 9.8epss 0.08
Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020.
- risk 0.64cvss 9.8epss 0.04
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
- risk 0.69cvss 9.8epss 0.25
An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action.
- risk 0.63cvss 9.6epss 0.01
NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list…
- risk 0.64cvss 9.8epss 0.01
In ONAP OOM through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.01
In ONAP DCAE through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.01
In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its…
- risk 0.64cvss 9.8epss 0.02
In ONAP CLI through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.02
In ONAP MSB through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.02
In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.05
LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control,…
- risk 0.64cvss 9.8epss 0.01
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
- risk 0.63cvss 9.6epss 0.01
A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.
- risk 0.59cvss 9.1epss 0.01
An issue was detected in ONAP APPC through Dublin and SDC through Dublin. By setting a USER_ID parameter in an HTTP header, an attacker may impersonate an arbitrary existing user without any authentication. All APPC and SDC setups are affected.
- risk 0.59cvss 9.1epss 0.01
An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP VNFSDK through Dublin. By accessing port 8000 of demo-vnfsdk-vnfsdk, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ONAP HOLMES before Dublin. By accessing port 9202 of dep-holmes-engine-mgmt pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in ONAP SDNC before Dublin. By executing sla/upload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.
- risk 0.64cvss 9.8epss 0.01
LisoMail, by ArmorX, allows SQL Injections, attackers can access the database without authentication via a URL parameter manipulation.
- risk 0.64cvss 9.8epss 0.04
Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow an attacker to manipulate a key file to bypass authentication.
- risk 0.77cvss 9.8epss 0.12
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.
- risk 0.65cvss 9.8epss 0.13
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not…
- risk 0.64cvss 9.8epss 0.02
cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).