CVE-2020-16135

libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.

Source: CVE-2020-16135

CVE-2017-18923

beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials.

Source: CVE-2017-18923

CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn’t check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.

Source: CVE-2020-14308

CVE-2020-5761

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service.

Source: CVE-2020-5761

CVE-2020-5763

Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt.

Source: CVE-2020-5763

CVE-2020-5762

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service. An unauthenticated remote attacker can stop the service due to a NULL pointer dereference in the TR-069 service. This condition is triggered due to mishandling of the HTTP Authentication field.

Source: CVE-2020-5762

CVE-2020-5760

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability. Unauthenticated remote attackers can execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message.

Source: CVE-2020-5760

CVE-2020-14316

A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host’s filesystem. Successful exploitation allows an attacker to assume the privileges of the VM process on the host system. In worst-case scenarios an attacker can read and modify any file on the system where the VMI is running. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Source: CVE-2020-14316

CVE-2020-16118

In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.

Source: CVE-2020-16118

CVE-2020-15588

An issue was discovered in the client side of Zoho ManageEngine Desktop Central before 10.0.533. An attacker-controlled server can trigger an integer overflow via a crafted header value.

Source: CVE-2020-15588