CVE-2020-19038 (halo)
File Deletion vulnerability in Halo 0.4.3 via delBackup. Devamını Oku
Devamını oku
CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php". Devamını Oku
CVE-2020-19907
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. Devamını Oku
CVE-2020-18544 (wms)
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php". Devamını Oku
CVE-2020-19907 (caldera)
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. Devamını Oku
CVE-2020-11307
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Devamını Oku
CVE-2020-11307 (apq8009w_firmware, apq8017_firmware, apq8053_firmware, apq8064au_firmware, apq8096au_firmware, aqt1000_firmware, msm8909w_firmware, msm8917_firmware, msm8937_firmware, msm8953_firmware, msm8996au_firmware, pm8937_firmware, qca6320_firmware, qca6390_firmware, qca6391_firmware, qca6420_firmware, qca6421_firmware, qca6426_firmware, qca6430_firmware, qca6431_firmware, qca6436_firmware, qca6564_firmware, qca6564a_firmware, qca6564au_firmware, qca6574_firmware, qca6574a_firmware, qca6574au_firmware, qca6595_firmware, qca6595au_firmware, qca6696_firmware, qcm2290_firmware, qcm4290_firmware, qcm6125_firmware, qcs2290_firmware, qcs4290_firmware, qcs603_firmware, qcs605_firmware, qcs610_firmware, qcs6125_firmware, qualcomm215_firmware, sa6145p_firmware, sa6150p_firmware, sa6155_firmware, sa6155p_firmware, sa8145p_firmware, sa8150p_firmware, sa8155_firmware, sa8155p_firmware, sa8195p_firmware, sd_455_firmware, sd_636_firmware, sd_675_firmware, sd205_firmware, sd210_firmware, sd429_firmware, sd439_firmware, sd450_firmware, sd460_firmware, sd480_firmware, sd632_firmware, sd660_firmware, sd662_firmware, sd665_firmware, sd670_firmware, sd675_firmware, sd678_firmware, sd690_5g_firmware, sd720g_firmware, sd730_firmware, sd750g_firmware, sd765_firmware, sd765g_firmware, sd768g_firmware, sd778g_firmware, sd780g_firmware, sd835_firmware, sd855_firmware, sd865_5g_firmware, sd870_firmware, sd888_5g_firmware, sd888_firmware, sdm429w_firmware, sdm630_firmware, sdm830_firmware, sdw2500_firmware, sdx50m_firmware, sdx55_firmware, sdx55m_firmware, sdxr1_firmware, sdxr2_5g_firmware, sm4125_firmware, sm6250_firmware, sm6250p_firmware, sm7250p_firmware, sm7315_firmware, sm7325p_firmware, wcd9335_firmware, wcd9370_firmware, wcd9371_firmware, wcd9375_firmware, wcd9380_firmware, wcd9385_firmware, wcn3610_firmware, wcn3615_firmware, wcn3620_firmware, wcn3660_firmware, wcn3660b_firmware, wcn3680_firmware, wcn3680b_firmware, wcn3910_firmware, wcn3950_firmware, wcn3988_firmware, wcn3991_firmware, wcn3998_firmware, wcn6740_firmware, wcn6750_firmware, wcn6850_firmware, wcn6851_firmware, wcn6856_firmware, wsa8830_firmware, wsa8835_firmware)
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Devamını Oku
CVE-2020-26153
A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. Devamını Oku
CVE-2020-28400
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), RUGGEDCOM RM1224 (All Versions < 6.4), SCALANCE M-800 (All Versions < 6.4), SCALANCE S615 (All Versions < 6.4), SCALANCE W1700…
CVE-2020-26153 (event_espresso)
A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. Devamını Oku
CVE-2020-20250
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. Devamını Oku
CVE-2020-20250 (routeros)
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. Devamını Oku