CVE-2021-26274
The Agent in NinjaRMM 5.0.909 has Insecure Permissions.
Source: CVE-2021-26274
[월:] 2021년 07월
CVE-2020-25925
CVE-2020-25925
Cross Site Scripting (XSS) in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field.
Source: CVE-2020-25925
CVE-2020-20211
CVE-2020-20211
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
Source: CVE-2020-20211
CVE-2020-25868
CVE-2020-25868
Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can trigger a software abort (temporary loss of service).
Source: CVE-2020-25868
CVE-2020-20213
CVE-2020-20213
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
Source: CVE-2020-20213
CVE-2021-22233
CVE-2021-22233
An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details
Source: CVE-2021-22233
CVE-2020-20215
CVE-2020-20215
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
Source: CVE-2020-20215
CVE-2020-24148
CVE-2020-24148
Server-side request forgery (SSRF) in the Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 for WordPress via the data parameter in a moove_read_xml action.
Source: CVE-2020-24148
CVE-2020-20216
CVE-2020-20216
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Source: CVE-2020-20216
CVE-2020-24146
CVE-2020-24146
Directory traversal in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows authorized users to delete arbitrary files and possibly cause a denial of service via the fileName parameter in a deletescreenshot action.
Source: CVE-2020-24146