Exploit for Improper Input Validation in Microsoft
cve-2020-1350 Bash Proof-of-Concept PoC script to exploit SI...
The vulnerability of microprogramming software for managing video cards (motherboards) in hypervisors such as VMware ESXi, VMware Workstation, and VMware Fusion allows attackers to cause partial service interruptions.
The vulnerability of microprogramming software for managing video cards controllers in VMware ESXi, VMware Workstation, and VMware Fusion lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a partial service...
Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers DoS (cisco-sa-iosxe-ewlc-dos-TkuPVmZN)
According to its self-reported version, Cisco IOS XE Software is affected by a DoS vulnerability. Please see the included Cisco BID and Cisco Security Advisory for more information. TRUSTED...
EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerbero...
CVE-2020-8573
NetApp HCI BMCs (H610C, H615C, H610S) ship with a documented default account/password. During upgrades to Element 11.8/12.0 or Compute Firmware Bundle 12.2.92, the BMC password is reset to the default, which could allow remote attackers to cause a Denial of Service (DoS). This cobalt of informati...
ENTTEC Lighting Controllers (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: ENTTEC Equipment: Datagate Mk2, Storm 24, Pixelator, E-Streamer Mk2 Vulnerabilities: Use of Hard-coded Cryptographic Key, Cross-site Scripting, Improper Access Control...
CVE-2020-10279
MiR robot controllers' central computation unit makes use of Ubuntu 16.04.2, an operating system thought for desktop uses; this operating system presents insecure defaults for robots. These insecurities include a way for users to escalate their access beyond what they were granted via file creatio...
Race condition
MiR robot controllers' central computation unit makes use of Ubuntu 16.04.2, an operating system thought for desktop uses; this operating system presents insecure defaults for robots. These insecurities include a way for users to escalate their access beyond what they were granted via file creatio...
CVE-2020-10279
CVE-2020-10279 is mapped to MiR robot software with insecure default permissions (Incorrect Default Permissions CWE-276) in MiR robots shipped prior to v2.8.3. The vulnerability description notes that an authorized local attacker with access to the robot operating system could perform privilege e...
CVE-2020-10273
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to the robot or the robot network while in combination with other flaws to retrieve and easily...
Design/Logic Flaw
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to the robot or the robot network while in combination with other flaws to retrieve and easily...
CVE-2020-10273
The CVE-2020-10273 entry concerns MiR robot controllers (MiR MiR100, MiR200, MiR250, MiR500, MiR1000, and MiR Fleet software older than 2.10.2.1) where sensitive intellectual property artifacts are stored without encryption or protection. The root cause is missing encryption of sensitive data on ...
Honeywell ControlEdge PLC and ControlEdge RTU Information Disclosure Vulnerability (CNVD-2020-37479)
Honeywell ControlEdge PLC and ControlEdge RTU are both products of Honeywell, Inc. The ControlEdge PLC is a programmable logic controller (PLC). The ControlEdge RTU is a remote terminal unit (RTU). An information disclosure vulnerability exists in the Honeywell ControlEdge PLC and RTU that can be...
CVE-2020-11989
A flaw was found in Apache Shiro in versions prior to 1.5.3. When using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-11989
Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
DEBIAN-CVE-2020-11989
Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...