CVE-2020-8824
Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name on the Wireless > Access Control > Add Managed Device screen.
Source: CVE-2020-8824
[월:] 2020년 02월
CVE-2020-8959
CVE-2020-8959
Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking.
Source: CVE-2020-8959
CVE-2020-8441
CVE-2020-8441
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function. NOTE: this is a discontinued product.
Source: CVE-2020-8441
CVE-2019-12437
CVE-2019-12437
In SilverStripe through 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations,
Source: CVE-2019-12437
CVE-2019-12246
CVE-2019-12246
SilverStripe through 4.3.3 allows a Denial of Service on flush and development URL tools.
Source: CVE-2019-12246
CVE-2020-4230
CVE-2020-4230
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes specially crafted Db2 commands. IBM X-Force ID: 175212.
Source: CVE-2020-4230
CVE-2019-4457
CVE-2019-4457
IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654.
Source: CVE-2019-4457
CVE-2020-4135
CVE-2020-4135
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
Source: CVE-2020-4135
CVE-2019-4429
CVE-2019-4429
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162886.
Source: CVE-2019-4429
CVE-2019-4640
CVE-2019-4640
IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. IBM X-Force ID: 170046.
Source: CVE-2019-4640