Latest CVE Feed
-
10.0
HIGHCVE-2019-17364
The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.... Read more
- Published: Dec. 13, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-18830
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. The... Read more
- Published: Dec. 16, 2019
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2019-4716
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.... Read more
Affected Products : planning_analytics- Actively Exploited
- Published: Dec. 18, 2019
- Modified: Feb. 07, 2025
-
10.0
HIGHCVE-2019-19495
The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the mo... Read more
- Published: Jan. 08, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2014-1598
centurystar 7.12 ActiveX Control has a Stack Buffer Overflow... Read more
Affected Products : centurystar- Published: Jan. 08, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2014-2651
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface... Read more
- Published: Jan. 09, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-7874
Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname.... Read more
Affected Products : kitty_portable- Published: Jan. 15, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-5952
Directory traversal vulnerability in Thomson Reuters for FATCA before 5.2 allows remote attackers to execute arbitrary files via the item parameter.... Read more
Affected Products : fatca- Published: Jan. 15, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14004
Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice ... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +82 more products- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14013
While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +84 more products- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14014
Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2... Read more
Affected Products : sm8150_firmware sm8250_firmware sxr2130_firmware sdm845_firmware sdm670_firmware sdm710_firmware sm6150_firmware nicobar_firmware nicobar sdm670 +6 more products- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14016
Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +72 more products- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-19841
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.... Read more
Affected Products : zonedirector_1200_firmware unleashed r310 zonedirector_1200 h320 h510 r710 r720 t610 r510 +7 more products- Published: Jan. 22, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-19842
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.... Read more
Affected Products : zonedirector_1200_firmware unleashed r310 zonedirector_1200 h320 h510 r710 r720 t610 r510 +7 more products- Published: Jan. 22, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-7995
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.... Read more
Affected Products : dolibarr_erp\/crm- Published: Jan. 26, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-8087
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetD... Read more
- Published: Jan. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-2612
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.... Read more
- Published: Jan. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-2060
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.... Read more
Affected Products : openshift- Published: Jan. 28, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-3073
A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.... Read more
- Published: Nov. 14, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-3317
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.... Read more
- Published: Jan. 29, 2020
- Modified: Nov. 21, 2024