The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login...
7.5CVSS
7.5AI Score
0.002EPSS
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login...
7.5CVSS
7.4AI Score
0.002EPSS
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login...
7.5CVSS
7.4AI Score
0.002EPSS
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login...
7.5AI Score
0.002EPSS
Description of the security update for SharePoint Foundation 2013: August 11, 2020
Description of the security update for SharePoint Foundation 2013: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.5AI Score
0.014EPSS
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
This blog post was authored by Hossein Jazi and Jérôme Segura On July 2, we found an archive file with an embedded document pretending to be from the government of India. This file used template injection to drop a malicious template which loaded a variant of Cobalt Strike. One day later, the...
-0.4AI Score
0.975EPSS
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected...
3.3CVSS
0.0004EPSS
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected...
3.3CVSS
3.8AI Score
0.0004EPSS
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected...
3.3CVSS
3.7AI Score
0.0004EPSS
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected...
3.6AI Score
0.0004EPSS
Security Advisory - Information Disclosure Vulnerability on some Huawei Products
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. (Vulnerability.....
3.3CVSS
4.2AI Score
0.0004EPSS
Description of the security update for SharePoint Foundation 2013: July 14, 2020
Description of the security update for SharePoint Foundation 2013: July 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.5AI Score
0.013EPSS
[68.5.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.5.0-1] - Update to 68.5.0...
8.8CVSS
2AI Score
0.013EPSS
[68.5.0-2.0.1] - fix LD_LIBRARY_PATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one * Fri Feb 07 2020 Jan Horak - Update to 68.5.0 build2 * Wed Feb 05 2020 Jan Horak - Update to 68.5.0 build1 * Wed Jan 08 2020 Jan Horak - Update to 68.4.1esr build1 * Fri Jan 03...
9.8CVSS
-0.3AI Score
0.604EPSS
There is an out-of-bounds write vulnerability on several Huawei...
6.5CVSS
6.7AI Score
0.002EPSS
There is a weak algorithm vulnerability in some Huawei...
5.3CVSS
5.4AI Score
0.001EPSS
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected...
5.3CVSS
0.002EPSS
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected...
5.3CVSS
5.2AI Score
0.002EPSS
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected...
5.3CVSS
5.3AI Score
0.002EPSS
Cisco IP Phones Call Log Information Disclosure Vulnerability
A vulnerability in the Web Access feature of Cisco IP Phones could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could...
1.9AI Score
0.002EPSS
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected...
5.3CVSS
5.2AI Score
0.002EPSS
WordPress Drag And Drop Plugin Remote Code Execution (CVE-2020-12800)
A remote code execution vulnerability exists in WordPress Drag And Drop plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...
9.8CVSS
5.3AI Score
0.975EPSS
WordPress Drag and Drop Multiple File Upload Plugin < 1.3.3.3 Unrestricted File Upload Vulnerability
The WordPress...
9.8CVSS
9.5AI Score
0.975EPSS
Description of the security update for SharePoint Foundation 2013: June 9, 2020
Description of the security update for SharePoint Foundation 2013: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.6AI Score
0.297EPSS
The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php%...
9.8CVSS
9.8AI Score
0.975EPSS
The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php%...
9.8CVSS
9.6AI Score
0.975EPSS
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger...
7.5CVSS
7.6AI Score
0.005EPSS
The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php%...
9.8CVSS
9.7AI Score
0.975EPSS
The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php%...
9.8AI Score
0.975EPSS
WordPress Drag And Drop Multi File Uploader Remote Code Execution Exploit
Exploit for php platform in category web...
0.1AI Score
0.975EPSS
WordPress Drag And Drop Multi File Uploader Remote Code Execution
This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form...
9.8CVSS
-0.4AI Score
0.975EPSS
Some Huawei products have a memory leak...
0.2AI Score
0.001EPSS
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments...
0.5AI Score
0.972EPSS
There is a weak algorithm vulnerability in some Huawei...
0.1AI Score
There is an improper authentication vulnerability in some Huawei CloudEngine products. This VT has been deprecated and is therefore no longer...
7.5CVSS
7.7AI Score
0.002EPSS
Some Huawei products have DoS...
7.4CVSS
7.7AI Score
0.001EPSS
There is a vulnerability in the IP Version 6 (IPv6) Neighbor Discovery packet process of multiple products. This VT has been deprecated and is therefore no longer...
7.5CVSS
7.6AI Score
0.015EPSS
0.3AI Score
0.975EPSS
Wordpress Drag and Drop Multi File Uploader RCE
This module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form 7 for versions prior to 1.3.4. The allowed file extension list can be bypassed by appending a %, allowing for php shells to be uploaded. No authentication is required for...
9.8CVSS
10AI Score
0.975EPSS
WordPress Drag And Drop File Upload Contact Form 1.3.3.2 Shell Upload
WordPress Drag and Drop File Upload Contact Form plugin version 1.3.3.2 suffers from a remote shell upload...
0.2AI Score
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product...
7.5CVSS
7.4AI Score
0.001EPSS
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product...
7.5CVSS
7.4AI Score
0.001EPSS
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product...
7.5CVSS
7.3AI Score
0.001EPSS
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product...
7.4AI Score
0.001EPSS
Some Huawei products have a weak cryptography...
9.8CVSS
9.7AI Score
0.004EPSS
0.1AI Score
NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0025)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This...
8.8CVSS
8.2AI Score
0.013EPSS
Unauthenticated File Upload vulnerability leading to Remote Code Execution (RCE) discovered by Austin Martin in WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin (versions <= 1.3.3.2). Solution Update the WordPress Drag and Drop Multiple File Upload for Contact Form...
9.8CVSS
3.4AI Score
0.975EPSS
NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2020-0026)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write....
8.8CVSS
-0.4AI Score
0.013EPSS
Security Advisory - Denial of Service Vulnerability in Some Huawei Products
There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. (Vulnerability ID:...
7.5CVSS
6.9AI Score
0.001EPSS