Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-30 | CVE-2020-7759 | SQL Injection vulnerability in Pimcore The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. | 6.5 |
| 2020-10-30 | CVE-2020-27015 | Information Exposure Through an Error Message vulnerability in Trendmicro Antivirus 2020 Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. | 2.1 |
| 2020-10-30 | CVE-2020-27014 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Trendmicro Antivirus 2020 Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | 6.9 |
| 2020-10-29 | CVE-2020-27885 | Cross-site Scripting vulnerability in Wso2 API Manager 3.1.0 Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. | 4.3 |
| 2020-10-29 | CVE-2020-26205 | Cross-site Scripting vulnerability in SAL Project SAL Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. | 3.5 |
| 2020-10-29 | CVE-2020-25646 | Improper Encoding or Escaping of Output vulnerability in Ansible Collections Project Community.Crypto A flaw was found in Ansible Collection community.crypto. | 7.5 |
| 2020-10-29 | CVE-2020-14323 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | 5.5 |
| 2020-10-29 | CVE-2020-27887 | OS Command Injection vulnerability in Eyesofnetwork Eonweb An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. | 9.0 |
| 2020-10-29 | CVE-2020-27886 | SQL Injection vulnerability in Eyesofnetwork Eonweb 5.37/5.38 An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. | 7.5 |
| 2020-10-29 | CVE-2020-27998 | Inadequate Encryption Strength vulnerability in Fast-Report Fastreport An issue was discovered in FastReport before 2020.4.0. | 7.5 |