Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2020-20189 SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25228 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all servic... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-15357 Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or rou... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-0455 There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514 | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36178 oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36177 RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-26759 clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, due to a buffer overflow. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11698 An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10655 The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anon... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10656 The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability al... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10658 The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-24626 Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 9.8 | CRITICAL | β | 0 |
| CVE-2012-10001 The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to conduct brute-force authentication attempts. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-26100 chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497). | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25179 GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29667 In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Se... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5639 Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitra... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3668 u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrago... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3669 u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connec... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-27068 Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25175 GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35462 Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to ach... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-24753 A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBO... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25489 A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-7198 This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS h... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35463 Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote atta... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35466 The Blackfire Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Blackfire container may allow a remote attacker to achieve ro... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35378 SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35467 The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achiev... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29659 A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attac... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35193 The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. System using the sonarqube docker container deployed by affected versions of the docker i... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35468 The Appbase streams Docker image 2.1.2 contains a blank password for the root user. Systems deployed using affected versions of the streams container may allow a remote attacker to achieve root access... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35469 The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remote... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25215 yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25216 yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35476 A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-17529 Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offse... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-1141 Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For m... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14268 A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allo... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29227 An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, to... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14244 A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could all... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-14480 AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-14482 AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no othe... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35185 The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker im... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-24640 There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation c... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25112 An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution v... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-20184 GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-20136 QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29016 A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7781 This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. The following PoC demonstrates the vulnerability: | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.