CVE-2020-35151
The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection.
Source: CVE-2020-35151
[월:] 2020년 12월
CVE-2020-11717
CVE-2020-11717
An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities.
Source: CVE-2020-11717
CVE-2018-7580
CVE-2018-7580
Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will freeze Philips Hue’s hub and it will stop responding. The "hub" will stop operating and be frozen until the flood stops. During the flood, the user won’t be able to turn on/off the lights, and all of the hub’s functionality will be unresponsive. The cloud service also won’t work with the hub.
Source: CVE-2018-7580
CVE-2020-35606
CVE-2020-35606
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.
Source: CVE-2020-35606
CVE-2020-35605
CVE-2020-35605
The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message.
Source: CVE-2020-35605
CVE-2020-21377
CVE-2020-21377
SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.
Source: CVE-2020-21377
CVE-2020-21378
CVE-2020-21378
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
Source: CVE-2020-21378
CVE-2020-35604
CVE-2020-35604
An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used.
Source: CVE-2020-35604
CVE-2020-4988
CVE-2020-4988
Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706.
Source: CVE-2020-4988
CVE-2020-5808
CVE-2020-5808
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user’s defined scan zone without a particular zone being specified within the Automatic Distribution configuration.
Source: CVE-2020-5808