Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2017-18706 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6100 before 1.0.1.20, R7500 before 1.0.0.118, WNDR3700v4 before 1.0.2.88, WNDR4300 before 1.0.2.90, ... | 6.5 | MEDIUM | β | 0 |
| CVE-2017-18707 Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R8300 before 1.0.2.106 and R8500 before 1.0.2.106. | 6.8 | MEDIUM | β | 0 |
| CVE-2017-18708 Certain NETGEAR devices are affected by CSRF. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94. | 8.8 | HIGH | β | 0 |
| CVE-2017-18709 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94. | 7.8 | HIGH | β | 0 |
| CVE-2017-18710 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R8300 before 1.0.2.106 and R8500 before 1.0.2.106. | 4.3 | MEDIUM | β | 0 |
| CVE-2017-18713 Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7500v2 before 1.0.3.20, R7800 ... | 6.5 | MEDIUM | β | 0 |
| CVE-2017-18714 NETGEAR WNDR4500v3 devices before 1.0.0.48 are affected by denial of service. | 6.5 | MEDIUM | β | 0 |
| CVE-2017-18715 Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 before 1.0.0.66, EX6100 before 1.0.2.20, EX6120 before 1.0.0.34, EX6150 before 1.0.0.36, EX6200 befor... | 6.1 | MEDIUM | β | 0 |
| CVE-2017-18716 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18699 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52. | 6.8 | MEDIUM | β | 0 |
| CVE-2017-18717 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18718 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18719 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6020 before 1.1.00.26, R6080 before 1.1.00.26; R6700v2 befor... | 8.8 | HIGH | β | 0 |
| CVE-2017-18720 Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | 8.8 | HIGH | β | 0 |
| CVE-2017-18721 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18722 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18723 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18724 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18725 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24. R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2017-18726 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6700v2 before 1.1.0.42, R6800 before 1... | 8.8 | HIGH | β | 0 |
| CVE-2017-18727 Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 b... | 8.8 | HIGH | β | 0 |
| CVE-2020-5869 In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit. | 9.1 | CRITICAL | β | 0 |
| CVE-2020-5870 In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanisms do not use any form of authentication for connecting to the peer. | 8.1 | HIGH | β | 0 |
| CVE-2017-18697 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52. | 6.8 | MEDIUM | β | 0 |
| CVE-2017-18698 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52. | 6.8 | MEDIUM | β | 0 |
| CVE-2017-18700 Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4... | 6.1 | MEDIUM | β | 0 |
| CVE-2017-18701 Certain NETGEAR devices are affected by reflected XSS. This affects R6700 before 1.0.1.36 and R6900 before 1.0.1.34. | 6.1 | MEDIUM | β | 0 |
| CVE-2017-18702 NETGEAR R6220 devices before 1.1.0.60 are affected by incorrect configuration of security settings. | 5.4 | MEDIUM | β | 0 |
| CVE-2017-18703 Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, EX6100v2 before 1.0.1.60, E... | 8.8 | HIGH | β | 0 |
| CVE-2017-18704 Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 ... | 6.5 | MEDIUM | β | 0 |
| CVE-2018-21228 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, EX6100v2 before 1.0.1.50, EX6150v2 before 1.0.1.50, EX6200v2 before 1.0.1.44, EX... | 6.8 | MEDIUM | β | 0 |
| CVE-2018-21229 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R7500v2 before 1.0.3.20, R7800 before 1.0.2.38, WN3000RPv3 before 1.0.2.50, WNDR4300v2 before 1.0.0.5... | 6.5 | MEDIUM | β | 0 |
| CVE-2018-21230 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 befo... | 5.4 | MEDIUM | β | 0 |
| CVE-2018-21231 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 befo... | 5.4 | MEDIUM | β | 0 |
| CVE-2019-4750 IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the ... | 8.8 | HIGH | β | 0 |
| CVE-2019-4751 IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 1... | 5.3 | MEDIUM | β | 0 |
| CVE-2020-4267 IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. IBM X-Force ID: 175840. | 6.5 | MEDIUM | β | 0 |
| CVE-2020-6821 When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory... | 7.5 | HIGH | β | 0 |
| CVE-2020-6822 On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploi... | 8.8 | HIGH | β | 0 |
| CVE-2020-6823 A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the use... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-12254 Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. | 7.8 | HIGH | β | 0 |
| CVE-2020-6824 Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Priva... | 2.8 | LOW | β | 0 |
| CVE-2020-6825 Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruptio... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-6826 Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enou... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-6827 When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affec... | 4.7 | MEDIUM | β | 0 |
| CVE-2020-6828 A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation... | 7.5 | HIGH | β | 0 |
| CVE-2020-10664 The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. | 7.5 | HIGH | β | 0 |
| CVE-2020-7131 This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerabilit... | 9.0 | CRITICAL | β | 0 |
| CVE-2020-1741 A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middl... | 5.9 | MEDIUM | β | 0 |
| CVE-2020-7133 A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.