334 matches found
CVE-2020-27555
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user...
VulnCheck KEV: CVE-2025-34054
An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgiquery. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence...
CVE-2020-26574
Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the next time they log in. The JavaScript injected can be used to force the admin to upload a...
Cross site scripting
Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the next time they log in. The JavaScript injected can be used to force the admin to upload a...
CVE-2020-26574
Leostream Connection Broker 8.2.x is affected by a stored XSS via the webquery.pl User-Agent header. An unauthenticated attacker can inject JavaScript that is rendered when admins log in, potentially forcing the admin to upload a malicious Perl script that could be executed as root through libMis...
PT-2020-16465 · Leostream · Leostream Connection Broker
Name of the Vulnerable Software and Affected Versions: Leostream Connection Broker versions 8.2.x Description: The issue allows an unauthenticated attacker to inject arbitrary JavaScript code via the User-Agent HTTP header in the webquery.pl file. This code is rendered by administrators the next...
Buffer overflow
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication...
CVE-2020-14510 OFF-BY-ONE ERROR CWE-193
GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root...
X.Org Server Pixel Data Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...
Cisco SD-WAN vManage Software License Issue Vulnerability
Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. An authorization issue vulnerability exists in the CLI in Cisco SD-WAN vManage Software that stems from insufficient input validation. A local attacker can exploit the...
CVE-2020-15397
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under /var/spool/hylafax that are writable by the uucp account. This allows these users to execute code in the context of the user calling these binarie...
SUSE SLES12 Security Update : krb5-appl (SUSE-SU-2020:1533-1)
This update for krb5-appl fixes the following issues : CVE-2020-10188: Fixed a remote root execution bsc1165787. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...
SUSE-SU-2020:1533-1 Security update for krb5-appl
This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution bsc1165787...
(Pwn2Own) Apple macOS cfprefsd Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file...
SAP Landscape Management Elevation of Privilege Vulnerability
SAP Landscape Management is a centralized SAP product management system from SAP. The system is used to centrally manage and configure SAP software systems running in physical, virtual, and cloud infrastructures. A security vulnerability exists in SAP Landscape Management version 3.0 and SAP...
CVE-2020-6236
SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admingroup privileges to change ownership and permissions including S-user ID bit s-bit of arbitrary files remotely. This results in the possibility to execute these files as root user from a...
CVE-2020-4273
IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. IBM X-Force ID: 175977...
Command injection
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated...
VMware Workstation Virtual Printer External Control of File Name Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Virtual Print...
D-Link DAP-2610 Authentication Bypass Vulnerability
The D-Link DAP-2610 is a wireless AC1300 Wave 2 dual-band PoE access point. An authentication bypass vulnerability exists in the handling of passwords in the D-Link DAP-2610 2.01RC067. The vulnerability stems from a lack of proper password checking. An attacker can exploit the vulnerability to...