CVE-2020-25151
The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions).
Source: CVE-2020-25151
[월:] 2020년 11월
CVE-2020-21667
CVE-2020-21667
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the ‘table’ parameter passed is not filtered so a malicious parameter can be passed for SQL injection.
Source: CVE-2020-21667
CVE-2020-9127
CVE-2020-9127
Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.
Source: CVE-2020-9127
CVE-2020-6155
CVE-2020-6155
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.
Source: CVE-2020-6155
CVE-2020-9129
CVE-2020-9129
HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow.
Source: CVE-2020-9129
CVE-2020-6156
CVE-2020-6156
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index.
Source: CVE-2020-6156
CVE-2020-6149
CVE-2020-6149
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section.
Source: CVE-2020-6149
CVE-2020-6147
CVE-2020-6147
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow.
Source: CVE-2020-6147
CVE-2020-6150
CVE-2020-6150
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow.
Source: CVE-2020-6150
CVE-2020-4886
CVE-2020-4886
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser’s history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910.
Source: CVE-2020-4886