CVE-2020-7687
This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.
Source: CVE-2020-7687
[월:] 2020년 07월
CVE-2020-7686
CVE-2020-7686
This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function.
Source: CVE-2020-7686
CVE-2020-7681
CVE-2020-7681
This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js.
Source: CVE-2020-7681
CVE-2020-7682
CVE-2020-7682
This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js.
Source: CVE-2020-7682
CVE-2020-7683
CVE-2020-7683
This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function.
Source: CVE-2020-7683
CVE-2020-10614
CVE-2020-10614
In OSIsoft PI System multiple products and versions, an authenticated remote attacker with write access to PI Vision databases could inject code into a display. Unauthorized information disclosure, deletion, or modification is possible if a victim views the infected display.
Source: CVE-2020-10614
CVE-2020-10604
CVE-2020-10604
In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive.
Source: CVE-2020-10604
CVE-2020-12812
CVE-2020-12812
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
Source: CVE-2020-12812
CVE-2020-10600
CVE-2020-10600
In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive.
Source: CVE-2020-10600
CVE-2020-10602
CVE-2020-10602
In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive.
Source: CVE-2020-10602