CVE-2020-22732
CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker.. Devamını Oku
Devamını oku
CVE-2020-22724
A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1. Devamını Oku
CVE-2020-22719 (document)
Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the table content text field. Devamını Oku
CVE-2020-22719
Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the table content text field. Devamını Oku
CVE-2020-22679
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. Devamını Oku
CVE-2020-22678
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. Devamını Oku
CVE-2020-22677
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. Devamını Oku
CVE-2020-22675
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. Devamını Oku
CVE-2020-22674
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. Devamını Oku
CVE-2020-22673
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. Devamını Oku
CVE-2020-22669
Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2020-22662
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows…