Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-04 | CVE-2020-10548 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. | 7.5 |
2020-06-04 | CVE-2020-10547 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. | 7.5 |
2020-06-04 | CVE-2020-10546 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. | 7.5 |
2020-06-04 | CVE-2020-7030 | Information Exposure vulnerability in Avaya IP Office A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. | 2.1 |
2020-06-04 | CVE-2020-11094 | Information Exposure Through Log Files vulnerability in Octobercms Debugbar The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests (and all information pertaining to each request including session data) whenever it is enabled. | 6.8 |
2020-06-03 | CVE-2020-6504 | Incorrect Default Permissions vulnerability in Google Chrome Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page. | 4.3 |
2020-06-03 | CVE-2020-6503 | Information Exposure vulnerability in Google Chrome Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 4.3 |
2020-06-03 | CVE-2020-6502 | Incorrect Default Permissions vulnerability in Google Chrome Incorrect implementation in permissions in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page. | 4.3 |
2020-06-03 | CVE-2020-6501 | Incorrect Default Permissions vulnerability in Google Chrome Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 4.3 |
2020-06-03 | CVE-2020-6500 | Unspecified vulnerability in Google Chrome Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network google | 4.3 |