Show filters
70 topics marked with the following tags:
Displaying 1-10 of 70
Sort by:
Attacker Value
Very High

CVE-2020-10977

Disclosure Date: April 08, 2020 (last updated June 05, 2020)
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.
Attacker Value
Very Low

CVE-2020-6842

Disclosure Date: February 21, 2020 (last updated June 05, 2020)
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.
Attacker Value
Moderate

CVE-2017-6529

Disclosure Date: March 09, 2017 (last updated June 05, 2020)
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
Attacker Value
Moderate

CVE-2019-19194

Disclosure Date: February 12, 2020 (last updated June 05, 2020)
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key (LTK) if an out-of-order link-layer encryption request is received during Secure Connections pairing. An attacker in radio range can have arbitrary read/write access to protected GATT service data, cause a device crash, or possibly control a device's function by establishing an encrypted session with the zero LTK.
Attacker Value
Very High

CVE-2020-9691

Disclosure Date: July 29, 2020 (last updated July 30, 2020)
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.
Attacker Value
Very High

CVE-2020-14500

Last updated July 31, 2020
The discovered bug occurs due to improper handling of some of the HTTP request headers provided by the client. This could allow an attacker to remotely exploit GateManager to achieve remote code execution without any authentication required. If carried out successfully, such an attack could result in a complete security breach that grants full access to a customer’s internal network, along with the ability to decrypt all traffic that passes through the VPN.
0
Attacker Value
Moderate

CVE-2020-15612 — CentOS Web Panel Authentication Bypass/RCE

Disclosure Date: July 28, 2020 (last updated July 29, 2020)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_ftp_manager.php. When parsing the userLogin parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9737.
Attacker Value
Very High
Security researchers at Claroty [published details](https://www.claroty.com/2020/07/28/vpn-security-flaws/) on multiple pre-auth remote code execution vulnerabilities affecting virtual private network (VPN) implementations primarily used to provide remote access to operational technology (OT) networks. The vulnerabilities could allow unauthenticated attackers to execute arbitrary code. Individual CVEs referenced in Claroty's research include CVE-2020-14500, CVE-2020-14508, CVE-2020-14510, CVE-2020-14512, CVE-2020-14511, and CVE-2020-14498. Affected products include Secomea GateManager, Moxa EDR-G902/3 industrial VPN servers, and eWon by HMS Networks.
1
Attacker Value
Moderate

CVE-2020-16152

Disclosure Date: November 14, 2021 (last updated November 15, 2021)
The Aerohive/Extreme Networks HiveOS administrative webinterface (NetConfig) is vulnerable to LFI because it uses an old version of PHP vulnerable to string truncation attacks. An attacker is able to use this in conjunction with log poisoning to gain root rights on a vulnerable access point.
0
Attacker Value
Moderate

CVE-2019-19193

Disclosure Date: February 10, 2020 (last updated June 05, 2020)
The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.