Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-22 | CVE-2020-8789 | Cross-site Scripting vulnerability in Ocproducts Composr 10.0.30 Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration. | 3.5 |
2020-05-22 | CVE-2020-7813 | Download of Code Without Integrity Check vulnerability in Kaoni Ezhttptrans 1.0.0.70 Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method. | 7.5 |
2020-05-22 | CVE-2020-6091 | Improper Authentication vulnerability in Epson Eb-1470Ui Firmware An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. | 6.4 |
2020-05-22 | CVE-2020-1956 | OS Command Injection vulnerability in Apache Kylin Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. | 8.8 |
2020-05-22 | CVE-2020-3344 | Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection FOR Endpoints A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 2.1 |
2020-05-22 | CVE-2020-3343 | Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection FOR Endpoints A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 2.1 |
2020-05-22 | CVE-2020-3314 | Improper Input Validation vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. | 5.8 |
2020-05-22 | CVE-2020-3280 | Deserialization of Untrusted Data vulnerability in Cisco Unified Contact Center Express 12.0/12.0(1) A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 10.0 |
2020-05-22 | CVE-2020-3272 | Improper Input Validation vulnerability in Cisco Prime Network Registrar A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
2020-05-22 | CVE-2020-3184 | SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.5 |