Show filters
85 topics marked with the following tags:
Displaying 1-10 of 85
Sort by:
Attacker Value
Very High

CVE-2020-10977

Disclosure Date: April 08, 2020 (last updated October 06, 2023)
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.
Attacker Value
Very Low

CVE-2020-6842

Disclosure Date: February 21, 2020 (last updated October 06, 2023)
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.
Attacker Value
Moderate

CVE-2017-6529

Disclosure Date: March 09, 2017 (last updated October 05, 2023)
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
Attacker Value
Moderate

CVE-2019-19194

Disclosure Date: February 12, 2020 (last updated October 06, 2023)
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key (LTK) if an out-of-order link-layer encryption request is received during Secure Connections pairing. An attacker in radio range can have arbitrary read/write access to protected GATT service data, cause a device crash, or possibly control a device's function by establishing an encrypted session with the zero LTK.
Attacker Value
Very High

CVE-2020-9691

Disclosure Date: July 29, 2020 (last updated October 07, 2023)
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.
Attacker Value
Very High

CVE-2020-14500

Last updated July 31, 2020
The discovered bug occurs due to improper handling of some of the HTTP request headers provided by the client. This could allow an attacker to remotely exploit GateManager to achieve remote code execution without any authentication required. If carried out successfully, such an attack could result in a complete security breach that grants full access to a customer’s internal network, along with the ability to decrypt all traffic that passes through the VPN.
0
Attacker Value
Moderate

CVE-2017-6527

Disclosure Date: March 09, 2017 (last updated October 05, 2023)
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
Attacker Value
Moderate

Chrome Cookie Extraction

Last updated March 16, 2020
Extract cookies from Chrome using Chrome's Remote Debugging Protocol
0
Attacker Value
Moderate

CVE-2020-15612 — CentOS Web Panel Authentication Bypass/RCE

Disclosure Date: July 28, 2020 (last updated October 07, 2023)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_ftp_manager.php. When parsing the userLogin parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9737.
Attacker Value
Very High
Security researchers at Claroty [published details](https://www.claroty.com/2020/07/28/vpn-security-flaws/) on multiple pre-auth remote code execution vulnerabilities affecting virtual private network (VPN) implementations primarily used to provide remote access to operational technology (OT) networks. The vulnerabilities could allow unauthenticated attackers to execute arbitrary code. Individual CVEs referenced in Claroty's research include CVE-2020-14500, CVE-2020-14508, CVE-2020-14510, CVE-2020-14512, CVE-2020-14511, and CVE-2020-14498. Affected products include Secomea GateManager, Moxa EDR-G902/3 industrial VPN servers, and eWon by HMS Networks.
2