CVE-2012-1495
install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter.
Source: CVE-2012-1495
[월:] 2020년 01월
CVE-2015-4709
CVE-2015-4709
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Source: CVE-2015-4709
CVE-2011-4558
CVE-2011-4558
Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters.
Source: CVE-2011-4558
CVE-2006-7246
CVE-2006-7246
NetworkManager 0.9.x does not pin a certificate’s subject to an ESSID when 802.11X authentication is used.
Source: CVE-2006-7246
CVE-2020-8009
CVE-2020-8009
AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal, as demonstrated by reading the /etc/passwd file.
Source: CVE-2020-8009
CVE-2019-17103
CVE-2019-17103
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories.
This issue affects:
Bitdefender AV for Mac
versions prior to 8.0.0.
Source: CVE-2019-17103
CVE-2019-17100
CVE-2019-17100
An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69.
Source: CVE-2019-17100
CVE-2019-17102
CVE-2019-17102
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands.
This issue affects:
Bitdefender Bitdefender BOX 2
versions prior to 2.1.47.36.
Source: CVE-2019-17102
CVE-2017-16112
CVE-2017-16112
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs:CVE-2017-15010. Reason: This candidate is a reservation duplicate of CVE-2017-15010. Notes: All CVE users should reference CVE-2017-15010 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Source: CVE-2017-16112
CVE-2020-5522
CVE-2020-5522
The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Source: CVE-2020-5522