CVE-2019-20524
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter.
Source: CVE-2019-20524
[월:] 2020년 03월
CVE-2020-10675
CVE-2020-10675
The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.
Source: CVE-2020-10675
CVE-2020-10648
CVE-2020-10648
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.
Source: CVE-2020-10648
CVE-2020-4205
CVE-2020-4205
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961.
Source: CVE-2020-4205
CVE-2019-12129
CVE-2019-12129
In ONAP MSB through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
Source: CVE-2019-12129
CVE-2019-20522
CVE-2019-20522
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link parameter.
Source: CVE-2019-20522
CVE-2019-12128
CVE-2019-12128
In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
Source: CVE-2019-12128
CVE-2019-20523
CVE-2019-20523
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name parameter.
Source: CVE-2019-20523
CVE-2019-19336
CVE-2019-19336
A cross-site scripting vulnerability was reported in the oVirt-engine’s OAuth authorization endpoint before version 4.3.8. URL parameters were included in the HTML response without escaping. This flaw would allow an attacker to craft malicious HTML pages that can run scripts in the context of the user’s oVirt session.
Source: CVE-2019-19336
CVE-2019-12130
CVE-2019-12130
In ONAP CLI through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
Source: CVE-2019-12130