Last 20 Scored Vulnerability IDs & Summaries
CVSS Severity
-
CVE-2011-2878 —
Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
Published: October 04, 2011; 04:55:01 PM -04:00
-
CVE-2011-2877 —
Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."
Published: October 04, 2011; 04:55:01 PM -04:00
-
CVE-2020-2186 —
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances.
Published: May 06, 2020; 09:15:14 AM -04:00
-
CVE-2020-4446 —
IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote attacker to bypass security restrictions, caused by the failure to perform insufficient authorization checks. IBM X-Force ID: 18112...
Published: May 06, 2020; 10:15:11 AM -04:00
-
CVE-2020-3313 —
A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software....
Published: May 06, 2020; 01:15:13 PM -04:00
-
CVE-2020-3318 —
Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about t...
Published: May 06, 2020; 01:15:13 PM -04:00
-
CVE-2020-8792 —
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has an information-exposure issue. In the mobile app, an attempt to add an already-bound lock by its barcode reveals the email address of the account to which the loc...
Published: May 04, 2020; 10:15:13 AM -04:00
-
CVE-2020-8790 —
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentia...
Published: May 04, 2020; 10:15:13 AM -04:00
-
CVE-2011-2876 —
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box.
Published: October 04, 2011; 04:55:01 PM -04:00
-
CVE-2020-3301 —
Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about t...
Published: May 06, 2020; 01:15:13 PM -04:00
-
CVE-2020-12138 —
AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privil...
Published: April 27, 2020; 11:15:12 AM -04:00
-
CVE-2019-4266 —
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160199.
Published: May 06, 2020; 10:15:10 AM -04:00
-
CVE-2020-1959 —
A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution (RCE) vulnerability. Apache Syncope uses Java Bean Valida...
Published: May 04, 2020; 09:15:13 AM -04:00
-
CVE-2018-21233 —
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.
Published: May 04, 2020; 11:15:13 AM -04:00
-
CVE-2020-11051 —
In Wiki.js before 2.3.81, there is a stored XSS in the Markdown editor. An editor with write access to a page, using the Markdown editor, could inject an XSS payload into the content. If another editor (with write access as well) loads the same page i...
Published: May 05, 2020; 05:15:11 PM -04:00
-
CVE-2017-18864 —
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R6900P...
Published: May 05, 2020; 10:15:12 AM -04:00
-
CVE-2020-12669 —
core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.
Published: May 06, 2020; 03:15:12 PM -04:00
-
CVE-2011-3234 —
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Published: September 19, 2011; 08:02:56 AM -04:00
-
CVE-2011-2861 —
Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation.
Published: September 19, 2011; 08:02:56 AM -04:00
-
CVE-2011-2860 —
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
Published: September 19, 2011; 08:02:56 AM -04:00