Show filters
71 topics marked with the following tags:
Displaying 11-20 of 71
Sort by:
Attacker Value
Very Low

CVE-2017-16249

Disclosure Date: November 10, 2017 (last updated July 30, 2020)
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic.
Attacker Value
Very High

CVE-2020-0683

Disclosure Date: February 11, 2020 (last updated July 24, 2020)
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.
Attacker Value
Moderate

CVE-2017-6527

Disclosure Date: March 09, 2017 (last updated July 30, 2020)
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
Attacker Value
Moderate

Chrome Cookie Extraction

Last updated March 16, 2020
Extract cookies from Chrome using Chrome's Remote Debugging Protocol
0
Attacker Value
Moderate

CVE-2020-16152

Disclosure Date: November 14, 2021 (last updated November 15, 2021)
The Aerohive/Extreme Networks HiveOS administrative webinterface (NetConfig) is vulnerable to LFI because it uses an old version of PHP vulnerable to string truncation attacks. An attacker is able to use this in conjunction with log poisoning to gain root rights on a vulnerable access point.
0
Attacker Value
Moderate

CVE-2019-19193

Disclosure Date: February 10, 2020 (last updated June 05, 2020)
The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.
Attacker Value
Low

CVE-2020-12695 "CallStranger"

Disclosure Date: June 08, 2020 (last updated July 20, 2020)
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Attacker Value
Low

CVE-2020-6841

Disclosure Date: February 21, 2020 (last updated June 05, 2020)
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.
Attacker Value
Low

CVE-2020-13386

Disclosure Date: May 27, 2020 (last updated June 05, 2020)
In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine.
Attacker Value
Moderate

CVE-2019-17518

Disclosure Date: February 10, 2020 (last updated June 05, 2020)
The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, August Smart Lock.