CVE-2020-6975
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application.
Source: CVE-2020-6975
CVE-2020-8955
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).
Source: CVE-2020-8955
CVE-2013-4602
A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.
Source: CVE-2013-4602
CVE-2013-5106
A Code Execution vulnerability exists in select.py when using python-mode 2012-12-19.
Source: CVE-2013-5106
CVE-2011-4908
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
Source: CVE-2011-4908
CVE-2013-6022
A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code.
Source: CVE-2013-6022
CVE-2020-5399
Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access to CredHub and other components.
Source: CVE-2020-5399
CVE-2011-4906
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.
Source: CVE-2011-4906
CVE-2020-8950
The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%AMDPPCupload and then creating a symbolic link in %PROGRAMDATA%AMDPPCtemp that points to an arbitrary folder with an arbitrary file name.
Source: CVE-2020-8950
CVE-2020-6189
Certain settings page(s) in SAP Business Objects Business Intelligence Platform (CMC), version 4.2, generates error messages that can give enterprise private-network related information which would otherwise be restricted leading to Information Disclosure.
Source: CVE-2020-6189