|
217821
|
9.8 |
CRITICAL
Network
|
wavlink
|
wn530h4_firmware
|
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-12125
|
2024-11-21 13:59 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217822
|
9.8 |
CRITICAL
Network
|
wavlink
|
wn530h4_firmware
|
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without au…
|
CWE-78
OS Command
|
CVE-2020-12124
|
2024-11-21 13:59 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217823
|
8.1 |
HIGH
Network
|
wavlink
|
wn530h4_firmware
|
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If…
|
CWE-352
Origin Validation Error
|
CVE-2020-12123
|
2024-11-21 13:59 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217824
|
7.5 |
HIGH
Network
|
apache
gradle
fedoraproject
oracle
|
ant
gradle
fedora
flexcube_private_banking
primavera_unifier
banking_platform
api_gateway
enterprise_repository
retail_predictive_application_server
data_integrator
util…
|
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task delete…
|
NVD-CWE-Other
|
CVE-2020-11979
|
2024-11-21 13:59 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217825
|
9.1 |
CRITICAL
Network
|
wago
|
750-852_firmware
750-880_firmware
750-881_firmware
750-831_firmware
750-882_firmware
750-885_firmware
750-889_firmware
|
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAG…
|
-
|
CVE-2020-12505
|
2024-11-21 13:59 |
2020-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217826
|
9.1 |
CRITICAL
Network
|
wago
|
750-362_firmware
750-363_firmware
750-823_firmware
750-832_firmware
750-862_firmware
750-891_firmware
750-890_firmware
|
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without auth…
|
-
|
CVE-2020-12506
|
2024-11-21 13:59 |
2020-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217827
|
8.8 |
HIGH
Network
|
gogogate
|
ismartgate_pro_firmware
|
iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)
|
CWE-352
Origin Validation Error
|
CVE-2020-12282
|
2024-11-21 13:59 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217828
|
6.5 |
MEDIUM
Network
|
gogogate
|
ismartgate_pro_firmware
|
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.
|
CWE-352
Origin Validation Error
|
CVE-2020-12281
|
2024-11-21 13:59 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217829
|
6.5 |
MEDIUM
Network
|
gogogate
|
ismartgate_pro_firmware
|
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.
|
CWE-352
Origin Validation Error
|
CVE-2020-12280
|
2024-11-21 13:59 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217830
|
7.2 |
HIGH
Network
|
apache
|
syncope
|
In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, inclu…
|
NVD-CWE-noinfo
|
CVE-2020-11977
|
2024-11-21 13:59 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
