Published | VU# | Title |
|---|
2020-12-26 | 2020-12-26 | 2020-12-27 | VU#843464 | | SolarWinds Orion API authentication bypass allows remote command execution |
2020-12-23 | 2020-12-23 | 2020-12-23 | VU#429301 | | Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location |
2020-12-08 | 2020-12-08 | 2020-12-08 | VU#815128 | | Embedded TCP/IP stacks have memory corruption vulnerabilities |
2020-11-23 | 2020-11-23 | 2020-11-23 | VU#724367 | | VMware Workspace ONE Access and related components are vulnerable to command injection |
2020-11-10 | 2020-11-10 | 2020-11-10 | VU#231329 | | Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks |
2020-10-26 | 2020-10-26 | 2020-10-26 | VU#760767 | | Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location |
2020-10-22 | 2020-10-20 | 2020-10-22 | VU#208577 | | Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs |
2020-10-12 | 2020-10-12 | 2020-10-12 | VU#114757 | | Acronis backup software contains multiple privilege escalation vulnerabilities |
2020-09-16 | 2020-09-16 | 2020-09-16 | VU#490028 | | Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector |
2020-09-15 | 2020-09-15 | 2020-09-15 | VU#896979 | | IPTV encoder devices contain multiple vulnerabilities |
2020-09-09 | 2020-09-09 | 2020-09-09 | VU#589825 | | Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite |
2020-08-20 | 2020-08-20 | 2020-08-20 | VU#221785 | | Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host |
2020-08-20 | 2020-08-20 | 2020-08-20 | VU#815655 | | NCR SelfServ ATM BNA contains multiple vulnerabilities |
2020-08-20 | 2020-08-20 | 2020-08-20 | VU#116713 | | NCR SelfServ ATM dispenser software contains multiple vulnerabilities |
2020-07-29 | 2020-07-29 | 2020-07-30 | VU#174059 | | GRUB2 bootloader is vulnerable to buffer overflow |
2020-07-08 | 2020-06-30 | 2020-07-08 | VU#290915 | | F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution |
2020-06-26 | | 2020-06-26 | VU#576779 | | Netgear httpd upgrade_check.cgi stack buffer overflow |
2020-06-16 | 2020-06-16 | 2020-07-03 | VU#257161 | | Treck IP stacks contain multiple vulnerabilities |
2020-06-08 | 2020-06-08 | 2020-07-02 | VU#339275 | | Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations |
2020-06-02 | 2020-06-01 | 2020-06-24 | VU#636397 | | IP-in-IP protocol routes arbitrary traffic by default |
2020-05-26 | 2020-05-23 | 2020-05-26 | VU#127371 | 6.8 | iOS contains an unspecified kernel vulnerability |
2020-05-18 | 2020-05-18 | 2020-05-18 | VU#534195 | 0 | Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks |
2020-05-18 | 2020-05-18 | 2020-05-18 | VU#647177 | 4.8 | Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks |
2020-05-14 | 2020-01-28 | 2020-05-14 | VU#366027 | 7.8 | Samsung Qmage codec for Android Skia library does not properly validate image files |
2020-04-06 | 2020-04-06 | 2020-04-06 | VU#660597 | 0.9 | Periscope BuySpeed is vulnerable to stored cross-site scripting |
2020-03-30 | 2020-03-30 | 2020-03-30 | VU#962085 | 0.9 | Versiant LYNX Customer Service Portal is vulnerable to stored cross-site scripting |
2020-03-30 | 2019-04-12 | 2020-03-30 | VU#944837 | 6.7 | Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities |
2020-03-23 | 2020-03-23 | 2020-03-24 | VU#354840 | 9.0 | Microsoft Windows Type 1 font parsing remote code execution vulnerabilities |
2020-03-19 | 2020-03-19 | 2020-03-19 | VU#425163 | 0 | Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack |
2020-03-11 | 2020-03-10 | 2020-03-11 | VU#872016 | 8.1 | Microsoft SMBv3 compression remote code execution vulnerability |
2020-03-04 | 2020-02-02 | 2020-03-04 | VU#782301 | 7.7 | pppd vulnerable to buffer overflow due to a flaw in EAP packet processing |
2020-02-24 | 2020-02-12 | 2020-02-24 | VU#498544 | 7.1 | ZyXEL NAS pre-authentication command injection in weblogin.cgi |
2020-02-12 | 2019-11-06 | 2020-02-12 | VU#597809 | 9.3 | IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service |
2020-02-05 | 2020-02-05 | 2020-02-05 | VU#261385 | 8.3 | Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution |
2020-01-31 | 2020-01-28 | 2020-01-31 | VU#390745 | 10.0 | OpenSMTPD vulnerable to local privilege escalation and remote code execution |
2020-01-17 | 2020-01-17 | 2020-01-18 | VU#338824 | 7.1 | Microsoft Internet Explorer Scripting Engine memory corruption vulnerability |
2020-01-14 | 2020-01-14 | 2020-01-14 | VU#335217 | 4.9 | Multiple caching service providers are vulnerable to HTTP cache poisoning |
2020-01-14 | 2020-01-14 | 2020-01-14 | VU#491944 | 5.9 | Microsoft Windows Remote Desktop Gateway allows for unauthenticated remote code execution |
2020-01-14 | 2020-01-14 | 2020-01-15 | VU#849224 | 9.4 | Microsoft Windows CryptoAPI fails to properly validate ECC certificate chains |
2020-01-08 | 2019-12-17 | 2020-01-08 | VU#619785 | 7.1 | Citrix Application Delivery Controller and Citrix Gateway web server vulnerability |