Vulnerabilities > Microchip
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-22 | CVE-2019-16127 | Integer Overflow or Wraparound vulnerability in Microchip Advanced Software Framework 4 Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow. | 6.4 |
| 2020-09-14 | CVE-2020-12789 | Use of Hard-coded Credentials vulnerability in Microchip products The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets. | 4.3 |
| 2020-09-14 | CVE-2020-12788 | Information Exposure Through Discrepancy vulnerability in Microchip products CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks. | 5.0 |
| 2020-09-14 | CVE-2020-12787 | Unspecified vulnerability in Microchip products Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling. network microchip | 4.3 |
| 2020-02-17 | CVE-2020-9033 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9032 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9031 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9030 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9029 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9028 | Cross-site Scripting vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen (when creating a new user). | 4.3 |