Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-04 | CVE-2020-27690 | Classic Buffer Overflow vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. | 4.9 |
| 2020-11-04 | CVE-2020-7129 | Command Injection vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 9.0 |
| 2020-11-04 | CVE-2020-7128 | Command Injection vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 10.0 |
| 2020-11-04 | CVE-2020-27689 | Use of Hard-coded Credentials vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. | 5.0 |
| 2020-11-04 | CVE-2019-7356 | Cross-site Scripting vulnerability in Intelliants Subrion 4.2.1 Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. | 3.5 |
| 2020-11-04 | CVE-2020-28049 | Race Condition vulnerability in multiple products An issue was discovered in SDDM before 0.19.0. | 6.3 |
| 2020-11-04 | CVE-2020-8037 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | 7.5 |
| 2020-11-04 | CVE-2020-8036 | Out-of-bounds Read vulnerability in Tcpdump 4.10.0 The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. | 5.0 |
| 2020-11-04 | CVE-2020-22274 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Jomsocial 4.7.6 JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. | 7.5 |
| 2020-11-04 | CVE-2020-22273 | Cross-Site Request Forgery (CSRF) vulnerability in Creativeitem Neoflex Video Subscription System 2.0 Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed (such as Payment Settings) | 4.3 |