Vulnerabilities > Marvell > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-01-08 CVE-2020-5805 Cleartext Storage of Sensitive Information vulnerability in Marvell Qconvergeconslole GUI 5.5.0.74
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml.
network
low complexity
marvell CWE-312
critical
9.0
2020-08-25 CVE-2020-17389 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
critical
9.0
2020-08-25 CVE-2020-17388 Exposed Dangerous Method or Function vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-749
critical
9.0
2020-08-25 CVE-2020-17387 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
critical
9.0
2020-08-25 CVE-2020-15644 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
critical
9.0
2020-08-25 CVE-2020-15642 OS Command Injection vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-78
critical
9.0
2020-08-25 CVE-2020-15639 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
critical
10.0
2008-10-17 CVE-2008-4594 Unspecified vulnerability in Linksys Wap400N 1.2.14
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
network
low complexity
linksys marvell
critical
10.0