» 2020 » 6월

CVE-2020-9647

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-9647

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (dom-based) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.

Source: CVE-2020-9647

CVE-2020-9644

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-9644

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (stored) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.

Source: CVE-2020-9644

CVE-2020-9643

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-9643

Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

Source: CVE-2020-9643

CVE-2020-9645

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-9645

Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

Source: CVE-2020-9645

CVE-2020-10732

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-10732

A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

Source: CVE-2020-10732

CVE-2020-9634

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-9634

Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2020-9634

CVE-2020-9636

Posted on 2020년 6월 12일2020년 6월 13일 by admin

CVE-2020-9636

Adobe Framemaker versions 2019.0.5 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2020-9636

CVE-2020-4251

Posted on 2020년 6월 12일2020년 6월 12일 by admin

CVE-2020-4251

IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175489.

Source: CVE-2020-4251

CVE-2020-3929

Posted on 2020년 6월 12일2020년 6월 12일 by admin

CVE-2020-3929

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.

Source: CVE-2020-3929

CVE-2020-3928

Posted on 2020년 6월 12일2020년 6월 12일 by admin

CVE-2020-3928

GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices.

Source: CVE-2020-3928