Latest CVE Feed
-
10.0
HIGHCVE-2019-14004
Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice ... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +82 more products- EPSS Score: %0.36
- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14005
Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +76 more products- EPSS Score: %0.36
- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14006
Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Sn... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +78 more products- EPSS Score: %0.36
- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14013
While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +84 more products- EPSS Score: %0.40
- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14014
Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2... Read more
Affected Products : sm8150_firmware sm8250_firmware sxr2130_firmware sdm845_firmware sdm670_firmware sdm710_firmware sm6150_firmware nicobar_firmware nicobar sdm670 +6 more products- EPSS Score: %0.36
- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-14016
Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +72 more products- EPSS Score: %0.33
- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-19841
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.... Read more
Affected Products : zonedirector_1200_firmware unleashed r310 zonedirector_1200 h320 h510 r710 r720 t610 r510 +7 more products- EPSS Score: %4.27
- Published: Jan. 22, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-19842
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.... Read more
Affected Products : zonedirector_1200_firmware unleashed r310 zonedirector_1200 h320 h510 r710 r720 t610 r510 +7 more products- EPSS Score: %6.70
- Published: Jan. 22, 2020
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2020-6966
In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for ... Read more
Affected Products : apexpro_telemetry_server_firmware carescape_central_station_mai700_firmware carescape_central_station_mas700_firmware clinical_information_center_mp100d_firmware clinical_information_center_mp100r_firmware carescape_telemetry_server_mp100r_firmware apexpro_telemetry_server carescape_central_station_mai700 carescape_central_station_mas700 clinical_information_center_mp100d +2 more products- EPSS Score: %0.16
- Published: Jan. 24, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-7995
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.... Read more
Affected Products : dolibarr_erp\/crm- EPSS Score: %0.64
- Published: Jan. 26, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-8087
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetD... Read more
- EPSS Score: %3.53
- Published: Jan. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-2612
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.... Read more
- EPSS Score: %5.72
- Published: Jan. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-2060
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.... Read more
Affected Products : openshift- EPSS Score: %22.01
- Published: Jan. 28, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-3073
A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.... Read more
- EPSS Score: %6.69
- Published: Nov. 14, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-3317
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.... Read more
- EPSS Score: %0.23
- Published: Jan. 29, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-3716
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : magento- EPSS Score: %17.34
- Published: Jan. 29, 2020
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2020-5206
In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous acce... Read more
Affected Products : opencast- EPSS Score: %0.30
- Published: Jan. 30, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-2909
Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in wh... Read more
Affected Products : dv-ip_express_firmware sd-advanced_-_sdhd_firmware sd-advanced_8\/12\/16_vga_firmware sd_advanced_closed_iptv_\(m3u\)_firmware sd_advanced_non_closed_iptv_\(m3u\)_firmware sd_advanced_nvr_firmware sd_32_\(m3g\)_firmware sd_32_\(m3h\)_firmware sd_4_\(m3s\)_firmware sd_4_\(m3t\)_firmware +30 more products- EPSS Score: %3.57
- Published: Feb. 06, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10789
All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization.... Read more
Affected Products : curling- EPSS Score: %8.28
- Published: Feb. 06, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10590
Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware +84 more products- EPSS Score: %0.40
- Published: Feb. 07, 2020
- Modified: Nov. 21, 2024