National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 139,784 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2020-15065

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to denial-of-service the device via long input values.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15064

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15063

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15062

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15061

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15060

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15059

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15058

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

Published: August 07, 2020; 06:15:13 PM -04:00
(not available)
CVE-2020-15057

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values.

Published: August 07, 2020; 06:15:12 PM -04:00
(not available)
CVE-2020-15056

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

Published: August 07, 2020; 06:15:12 PM -04:00
(not available)
CVE-2020-15055

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

Published: August 07, 2020; 06:15:12 PM -04:00
(not available)
CVE-2020-15054

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

Published: August 07, 2020; 06:15:12 PM -04:00
(not available)
CVE-2019-7005

A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.

Published: August 07, 2020; 06:15:12 PM -04:00
(not available)
CVE-2020-5412

Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can send a request to other servers that should not be exposed publicly.

Published: August 07, 2020; 05:15:10 PM -04:00
(not available)
CVE-2020-15480

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

Published: August 07, 2020; 05:15:10 PM -04:00
(not available)
CVE-2020-15479

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

Published: August 07, 2020; 05:15:10 PM -04:00
(not available)
CVE-2020-17352

Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.

Published: August 07, 2020; 04:15:12 PM -04:00
(not available)
CVE-2020-16169

Temi Robox OS 117.21 through 119.24 allows Authentication Bypass via an Alternate Path or Channel.

Published: August 07, 2020; 04:15:12 PM -04:00
(not available)
CVE-2020-16167

Temi Launcher OS 11969 through 13146 has Missing Authentication for a Critical Function.

Published: August 07, 2020; 04:15:12 PM -04:00
(not available)
CVE-2020-15907

In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript.

Published: August 07, 2020; 04:15:12 PM -04:00
(not available)