CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2020-09-22
Low
CVE-2020-14023

Vendor: Ozeki
Software: Ozeki ng sms...
 

 
Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.

 
2020-09-17
Medium
CVE-2020-25216

Vendor: Yworks
Software: YED
 

 
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.

 
2020-09-16
Medium
CVE-2020-7733

Vendor: Ua-parser-js project
Software: Ua-parser-js
 

 
The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

 
2020-09-14
Medium
CVE-2020-13309

Vendor: Gitlab
Software: Gitlab
 

 
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.

 
Medium
CVE-2019-0230

Vendor: Apache
Software: Struts
 

 
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

 
2020-09-11
Low
CVE-2020-1091

Vendor: Microsoft
Software: Windows 10
 

 
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1097.

 
Low
CVE-2020-1097

Vendor: Microsoft
Software: Windows 10
 

 
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1091.

 
2020-09-04
Low
CVE-2020-4632

Vendor: IBM
Software: Infosphere m...
 

 
IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to submit or control server requests. IBM X-Force ID: 185416.

 
2020-09-01
High
CVE-2020-16204

Updating...
 

 
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).

 
2020-08-29
Low
CVE-2020-24898

Vendor: Stiltsoft
Software: Table filter...
 

 
The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).

 

 


Copyright 2020, cxsecurity.com

 

Back to Top