|
198181
|
7.5 |
HIGH
Network
|
mbconnectline
|
mbconnect24
mymbconnect24
|
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.
|
CWE-74
Injection
|
CVE-2020-35564
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198182
|
5.4 |
MEDIUM
Network
|
mbconnectline
|
mbconnect24
mymbconnect24
|
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an incomplete XSS filter allowing an attacker to inject crafted malicious code into the page.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35563
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198183
|
5.3 |
MEDIUM
Network
|
mbconnectline
helmholz
|
mbconnect24
mymbconnect24
myrex24.virtual
myrex24
|
An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. There is an SSRF in the HA module allowing an unauthentica…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-35561
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198184
|
6.1 |
MEDIUM
Network
|
mbconnectline
|
mbconnect24
mymbconnect24
|
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the redirect.php.
|
CWE-601
Open Redirect
|
CVE-2020-35560
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198185
|
4.3 |
MEDIUM
Network
|
mbconnectline
|
mbconnect24
mymbconnect24
|
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an authenticated attacker to use up all available IPs of an account and…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-35559
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198186
|
7.5 |
HIGH
Network
|
mbconnectline
helmholz
|
mbconnect24
mymbconnect24
myrex24.virtual
myrex24
|
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. There is an SSRF in the in the MySQL access check, allowing an attacker …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-35558
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198187
|
6.5 |
MEDIUM
Network
|
mbconnectline
helmholz
|
mbconnect24
mymbconnect24
myrex24.virtual
myrex24
|
An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged in user to see devices in the account he should not hav…
|
CWE-269
Improper Privilege Management
|
CVE-2020-35557
|
2024-11-21 14:27 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198188
|
7.2 |
HIGH
Network
|
batflat
|
batflat
|
Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the …
|
CWE-94
Code Injection
|
CVE-2020-35734
|
2024-11-21 14:27 |
2021-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198189
|
7.8 |
HIGH
Local
|
freedesktop
|
dbus
|
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharin…
|
CWE-416
Use After Free
|
CVE-2020-35512
|
2024-11-21 14:27 |
2021-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198190
|
7.5 |
HIGH
Network
|
openvswitch
debian
fedoraproject
|
openvswitch
debian_linux
fedora
|
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow i…
|
-
|
CVE-2020-35498
|
2024-11-21 14:27 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
