Search Results (Refine Search)

Search Parameters:
There are 147,980 matching records.
Displaying matches 421 through 440.
Vuln ID Summary CVSS Severity
CVE-2020-27220

The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configured giving permission for the gateway device to act on its behalf. This means an authenticated device of a certain tenant, notably also a non-gateway device acting like a gateway, may receive command & control messages targeted at a different device of the same tenant without corresponding permissions getting checked.

Published: January 14, 2021; 6:15:13 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.0 HIGH
CVE-2020-27219

In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client.

Published: January 14, 2021; 6:15:12 PM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-6572

Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

Published: January 14, 2021; 4:15:13 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2020-29495

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high privileges. This vulnerability is considered critical as it can be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.

Published: January 14, 2021; 4:15:13 PM -0500
V3.1: 10.0 CRITICAL
V2.0: 10.0 HIGH
CVE-2020-29494

Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files.

Published: January 14, 2021; 4:15:13 PM -0500
V3.1: 8.7 HIGH
V2.0: 5.5 MEDIUM
CVE-2020-29493

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorized read and write access to application data. Exploitation may lead to leakage or deletion of sensitive backup data; hence the severity is Critical. Dell EMC recommends customers to upgrade at the earliest opportunity.

Published: January 14, 2021; 4:15:13 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-16046

Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

Published: January 14, 2021; 4:15:13 PM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-16045

Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: January 14, 2021; 4:15:13 PM -0500
V3.1: 9.6 CRITICAL
V2.0: 6.8 MEDIUM
CVE-2021-22132

Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2

Published: January 14, 2021; 3:15:13 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2021-21261

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.10.0. The Flatpak portal D-Bus service (`flatpak-portal`, also known by its D-Bus service name `org.freedesktop.portal.Flatpak`) allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same security settings as the caller or with more restrictive security settings. For example, this is used in Flatpak-packaged web browsers such as Chromium to launch subprocesses that will process untrusted web content, and give those subprocesses a more restrictive sandbox than the browser itself. In vulnerable versions, the Flatpak portal service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the `flatpak run` command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set environment variables that are trusted by the `flatpak run` command, and use them to execute arbitrary code that is not in a sandbox. As a workaround, this vulnerability can be mitigated by preventing the `flatpak-portal` service from starting, but that mitigation will prevent many Flatpak apps from working correctly. This is fixed in versions 1.8.5 and 1.10.0.

Published: January 14, 2021; 3:15:12 PM -0500
V3.1: 7.3 HIGH
V2.0: 7.2 HIGH
CVE-2021-21722

A ZTE Smart STB is impacted by an information leak vulnerability. The device did not fully verify the log, so attackers could use this vulnerability to obtain sensitive user information for further information detection and attacks. This affects: ZXV10 B860A V2.1-T_V0032.1.1.04_jiangsuTelecom.

Published: January 14, 2021; 11:15:19 AM -0500
V3.1: 4.4 MEDIUM
V2.0: 2.1 LOW
CVE-2020-6777

A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an authenticated remote attacker with admin privileges to mount a stored Cross-Site-Scripting (XSS) attack against another user. When the victim logs into the management interface, the stored script code is executed in the context of his browser. A successful exploit would allow an attacker to interact with the management interface with the privileges of the victim. However, as the attacker already needs admin privileges, there is no additional impact on the management interface itself.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2020-6776

A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (Cross-Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or submitting a malicious form. A successful exploit allows the attacker to perform arbitrary actions with the privileges of the victim, e.g. creating and modifying user accounts, changing system configuration settings and cause DoS conditions. Note: For Bosch PRAESIDEO 4.31 and newer and Bosch PRAESENSA in all versions, the confidentiality impact is considered low because user credentials are not shown in the web interface.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-29587

SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creation of programmatic dialog boxes using Bootstrap modals. The Bootbox.js library intentionally does not perform any sanitization of user input, which results in a DOM XSS, because it uses the jQuery .html() function to directly append the payload to a dialog.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2020-29018

A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2020-29017

An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.0 HIGH
CVE-2020-29016

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.

Published: January 14, 2021; 11:15:18 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-29015

A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.

Published: January 14, 2021; 11:15:17 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-27368

Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.

Published: January 14, 2021; 11:15:17 AM -0500
V3.x:(not available)
V2.0:(not available)