Lucene search
K

12649 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:39 p.m.8 views

CVE-2020-5764

MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILELIST" with a...

8.8CVSS7.8AI score0.02037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.9 views

CVE-2020-27646

Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...

6.5CVSS7AI score0.01004EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 p.m.5 views

CVE-2020-23038

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...

7.5CVSS7AI score0.02938EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.7 views

CVE-2020-13111

NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/driver.c ChunkedDecode function not properly validating the length of a chunk. A remote attacker can craft a chunked-transfer request that will result in a negative value being passed to memmove via the size parameter, causing t...

7.5CVSS6.9AI score0.01435EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.6 views

CVE-2020-7670

agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct...

7.5CVSS6.7AI score0.0117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:8 p.m.9 views

CVE-2020-0473

In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no additional execution...

4.6CVSS8.4AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:7 p.m.9 views

CVE-2020-7498

A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...

9.8CVSS6.9AI score0.01358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 a.m.7 views

CVE-2019-5994

Buffer overflow in PTP Picture Transfer Protocol of EOS series digital cameras EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware...

8.8CVSS8.1AI score0.02459EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 a.m.10 views

CVE-2019-5998

Buffer overflow in PTP Picture Transfer Protocol of EOS series digital cameras EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware...

8.8CVSS8.2AI score0.02559EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 a.m.12 views

CVE-2019-5999

Buffer overflow in PTP Picture Transfer Protocol of EOS series digital cameras EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware...

8.8CVSS8.1AI score0.02459EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.9 views

CVE-2019-10515

DCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

5.5CVSS7.2AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 a.m.9 views

CVE-2019-6001

Buffer overflow in PTP Picture Transfer Protocol of EOS series digital cameras EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware...

7.2CVSS8.2AI score0.00825EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 a.m.9 views

CVE-2019-6000

Buffer overflow in PTP Picture Transfer Protocol of EOS series digital cameras EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware...

8.8CVSS8.1AI score0.02437EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 a.m.5 views

CVE-2019-20802

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...

6.1CVSS6.5AI score0.00696EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 a.m.5 views

CVE-2019-13267

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network to the guest network, the sender joins and then leaves an IGMP group. After i...

8.8CVSS7AI score0.00973EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:6 a.m.7 views

CVE-2019-13270

Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network to the guest network, the sender joins and then leaves an IGMP group. After it leaves, the router...

8.8CVSS7AI score0.00913EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:0 a.m.8 views

CVE-2019-8107

An arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with export data transfer privileges can craft a request to perform arbitrary file deletion...

6.5CVSS6.7AI score0.00791EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.10 views

CVE-2019-10558

While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag...

7.8CVSS9.5AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:15 a.m.6 views

CVE-2019-18465

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow an attacker to sign in without full credentials via the SSH SFTP interface. The vulnerability affects only certain SSH SFTP configurations, and is applicable only if the MySQL database is being used...

9.8CVSS6.8AI score0.01487EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:47 a.m.10 views

CVE-2019-19629

In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...

7.5CVSS6.8AI score0.01155EPSS
Exploits0References1
Rows per page
Query Builder