Unauthorized Access Vulnerability in TamronOS IPTV System

TamronOS IPTV system is a set of Linux kernel-based development of broadband operators, hotels, schools, live on-demand all-in-one solution. An unauthorized access vulnerability exists in the TamronOS IPTV system. An attacker can exploit the vulnerability to obtain sensitive information...

Insecure Cryptographic Functions

github.com/moov-io/customers uses insecure cryptographic function. An attacker is able to exploit the vulnerability by using a rainbow table attack on the system. Th vulnerability exists due to a probability of a lack of uniqueness in the complexity of the hash function...

Adobe Acrobat/Reader Heap Buffer Overflow Vulnerability (CNVD-2021-49210)

Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader has a heap buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2021-48888)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

ASUS BMC Firmware Buffer Overflow Vulnerability (CNVD-2021-39577)

ASUS BMC Firmware is a firmware from Asus China. A buffer overflow vulnerability exists in the ASUS BMC firmware Web management page, which originates from a specific function that does not validate the length of a user-entered string, and can be exploited by a remote attacker to terminate a Web...

Unauthorized Access Vulnerability in Unicom's CPE-WiFi Web Management Platform

Founded on July 19, 1994, China United Telecommunications Corporation CUCC started with a capital of RMB 1.34 billion, and after ten years of development, it has become a mega state-owned backbone enterprise with net assets of RMB 84.3 billion and total assets of RMB 212.9 billion, and is the onl...

Linux kernel input validation error vulnerability (CNVD-2021-21917)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from an input validation error vulnerability that can be exploited by attackers to cause users to crash their systems or potentially escalate their...

Apache Subversion Denial of Service Vulnerability (CNVD-2021-38781)

Apache Subversion is the United States Apache Apache Foundation of a set of open source version control system. The system is compatible with Concurrent Versions System CVS. Apache Subversion there is a denial of service vulnerability , an attacker can exploit the vulnerability through mod authz...

Microsoft SharePoint 安全漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

Network Video Surveillance Client Has Logic Flaw Vulnerability

Network Video Surveillance Client is a network video surveillance system. A logic flaw vulnerability exists in the Network Video Surveillance Client. An attacker can exploit the vulnerability to bypass the login password and obtain sensitive information by modifying the value in the return packet...

CVE-2020-11530

creationtimestamp| type| source ---|---|--- 2021-02-18 11:04:04+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wpchopslideridsqli.rb 2025-01-14 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-01-14...

CVE-2020-27874

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

CVE-2020-4547

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...

Authorization Bypass

virtualbox is vulnerable to authorization bypass. An easy to exploit vulnerability allows a high privileged attacker to perform unauthorized creation, deletion or modification access to critical data...

Authorization Bypass

virtualbox is vulnerable to authorization bypass. An easy to exploit vulnerability allows a high privileged attacker to perform unauthorized creation, deletion or modification access to critical data...

Cisco RV110W/RV130/RV130W/RV215W Remote Command Execution and Denial of Service Vulnerability (CNVD-2021-41192)

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

CVE-2020-14270

HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause arbitrary code execution...

CVE-2020-27485

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index...

CVE-2020-27483

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided...