Vulnerabilities > Microchip > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-14 | CVE-2020-12788 | Information Exposure Through Discrepancy vulnerability in Microchip products CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks. | 5.0 |
| 2020-09-14 | CVE-2020-12787 | Unspecified vulnerability in Microchip products Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling. network microchip | 4.3 |
| 2020-02-17 | CVE-2020-9033 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9032 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9031 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9030 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9029 | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php. | 6.4 |
| 2020-02-17 | CVE-2020-9028 | Cross-site Scripting vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen (when creating a new user). | 4.3 |
| 2020-02-17 | CVE-2020-9034 | Improper Input Validation vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users. | 5.0 |
| 2020-02-10 | CVE-2019-19195 | Unspecified vulnerability in Microchip Atmsamb11 Blusdk Smart 6.2 The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet. low complexity microchip | 6.1 |