CVE-2018-14558
|
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through... |
Tenda |
AC7, AC9, AC10 |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-10987
|
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the... |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-31755
|
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows... |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2017-9248
|
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect... |
Progress |
Telerik UI for ASP.NET AJAX |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2019-18988
|
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers'... |
TeamViewer |
TeamViewer Desktop |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2017-6327
|
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual... |
Symantec Corporation |
Messaging Gateway |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-10181
|
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges... |
Sumavision |
Enhanced Multimedia Router (EMR) |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-12271
|
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in... |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-20016
|
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access... |
SonicWall |
SonicWall SMA100 |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-20023
|
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the... |
SonicWall |
Email Security |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-20022
|
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the... |
SonicWall |
Email Security |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2019-7481
|
Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100... |
SonicWall |
SMA100 |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-20021
|
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP... |
SonicWall |
Email Security |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-10199
|
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). |
Sonatype |
Nexus Repository |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2016-3643
|
SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated... |
SolarWinds |
Virtualization Manager |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-35211
|
Serv-U Remote Memory Escape Vulnerability |
SolarWinds |
Serv-U Managed File Transfer Server and Serv-U Secured FTP |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-10148
|
SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands |
SolarWinds |
Orion Platform |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2019-16256
|
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location... |
Samsung |
SIMalliance Toolbox Browser |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2016-3976
|
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot... |
SAP |
NetWeaver AS Java |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-6207
|
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a... |
SAP SE |
SAP Solution Manager (User Experience Monitoring) |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-6287
|
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an... |
SAP SE |
SAP NetWeaver AS JAVA (LM Configuration Wizard) |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2016-9563
|
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the... |
SAP |
NetWeaver AS JAVA |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2010-5326
|
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote... |
SAP |
NetWeaver Application Server Java |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2018-2380
|
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus... |
SAP SE |
SAP CRM |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-16846
|
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in... |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |