Last 20 Scored Vulnerability IDs & Summaries
CVSS Severity
-
CVE-2020-11985 —
IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in... read CVE-2020-11985
Published: August 07, 2020; 12:15:11 PM -04:00
-
CVE-2020-11993 —
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLev... read CVE-2020-11993
Published: August 07, 2020; 12:15:11 PM -04:00
-
CVE-2020-11984 —
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Published: August 07, 2020; 12:15:11 PM -04:00
-
CVE-2020-15114 —
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the e... read CVE-2020-15114
Published: August 06, 2020; 07:15:11 PM -04:00
-
CVE-2020-15115 —
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computa... read CVE-2020-15115
Published: August 06, 2020; 06:15:12 PM -04:00
-
CVE-2020-8575 —
Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).
Published: August 03, 2020; 01:15:12 PM -04:00
-
CVE-2014-1422 —
In Ubuntu's trust-store, if a user revokes location access from an application, the location is still available to the application because the application will honour incorrect, cached permissions. This is because the cache was not ordered by creatio... read CVE-2014-1422
Published: July 22, 2020; 02:15:11 PM -04:00
-
CVE-2020-16227 —
Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow... read CVE-2020-16227
Published: August 06, 2020; 08:15:11 PM -04:00
-
CVE-2020-16225 —
Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute... read CVE-2020-16225
Published: August 06, 2020; 08:15:11 PM -04:00
-
CVE-2020-16223 —
Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute... read CVE-2020-16223
Published: August 06, 2020; 08:15:11 PM -04:00
-
CVE-2020-16221 —
Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute... read CVE-2020-16221
Published: August 06, 2020; 08:15:11 PM -04:00
-
CVE-2020-16219 —
Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrar... read CVE-2020-16219
Published: August 06, 2020; 08:15:11 PM -04:00
-
CVE-2020-15057 —
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values.
Published: August 07, 2020; 06:15:12 PM -04:00
-
CVE-2020-15056 —
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
Published: August 07, 2020; 06:15:12 PM -04:00
-
CVE-2020-15055 —
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
Published: August 07, 2020; 06:15:12 PM -04:00
-
CVE-2020-15054 —
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
Published: August 07, 2020; 06:15:12 PM -04:00
-
CVE-2020-15061 —
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.
Published: August 07, 2020; 06:15:13 PM -04:00
-
CVE-2020-15060 —
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
Published: August 07, 2020; 06:15:13 PM -04:00
-
CVE-2020-15059 —
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
Published: August 07, 2020; 06:15:13 PM -04:00
-
CVE-2020-15058 —
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
Published: August 07, 2020; 06:15:13 PM -04:00