Last 20 Scored Vulnerability IDs & Summaries
CVSS Severity
-
CVE-2020-1711 —
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_s... read CVE-2020-1711
Published: February 11, 2020; 03:15:11 PM -05:00
-
CVE-2013-7098 —
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.
Published: February 13, 2020; 06:15:11 PM -05:00
-
CVE-2020-1855 —
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to... read CVE-2020-1855
Published: February 17, 2020; 10:15:11 PM -05:00
-
CVE-2019-18791 —
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.
Published: February 13, 2020; 11:15:11 AM -05:00
-
CVE-2013-6927 —
Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.
Published: February 13, 2020; 06:15:11 PM -05:00
-
CVE-2020-7050 —
Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creating a new topic as a normal user, it is possible to add a poll that is automatically loaded in the DOM once the thread/topic is opened. Because session cookies lack the HttpOnly fla... read CVE-2020-7050
Published: February 15, 2020; 01:19:50 PM -05:00
-
CVE-2020-7597 —
codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix... read CVE-2020-7597
Published: February 17, 2020; 02:15:12 PM -05:00
-
CVE-2019-18998 —
Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can acces... read CVE-2019-18998
Published: February 17, 2020; 02:15:12 PM -05:00
-
CVE-2020-9021 —
Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer par... read CVE-2020-9021
Published: February 16, 2020; 11:15:10 PM -05:00
-
CVE-2020-8128 —
An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code.
Published: February 14, 2020; 05:15:10 PM -05:00
-
CVE-2019-19325 —
SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through non-scalar FormField attributes, which allows perform... read CVE-2019-19325
Published: February 17, 2020; 03:15:11 PM -05:00
-
CVE-2020-1693 —
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of... read CVE-2020-1693
Published: February 17, 2020; 03:15:11 PM -05:00
-
CVE-2020-1828 —
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module... read CVE-2020-1828
Published: February 17, 2020; 03:15:11 PM -05:00
-
CVE-2013-7173 —
Belkin n750 routers have a buffer overflow.
Published: February 13, 2020; 06:15:11 PM -05:00
-
CVE-2020-1857 —
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to... read CVE-2020-1857
Published: February 17, 2020; 03:15:11 PM -05:00
-
CVE-2020-1841 —
Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R0... read CVE-2020-1841
Published: February 17, 2020; 04:15:12 PM -05:00
-
CVE-2020-1858 —
Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00... read CVE-2020-1858
Published: February 17, 2020; 03:15:11 PM -05:00
-
CVE-2013-5687 —
RiskNet Acquirer before hotfix 6.0 b7+ADHOC-443 ApplicationServiceBean contains a service information disclosure.
Published: February 13, 2020; 07:15:11 PM -05:00
-
CVE-2020-1815 —
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficien... read CVE-2020-1815
Published: February 17, 2020; 07:15:11 PM -05:00
-
CVE-2020-8991 —
vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs.
Published: February 14, 2020; 12:15:13 AM -05:00