Total
428 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15390 | 1 Cisco | 1 Firepower Threat Defense | 2020-08-31 | 7.1 HIGH | 6.8 MEDIUM |
| A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition. | |||||
| CVE-2019-6321 | 1 Hp | 8 Z4 G4 Core-x Workstation, Z4 G4 Core-x Workstation Firmware, Z4 G4 Workstation and 5 more | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default. | |||||
| CVE-2019-6322 | 1 Hp | 8 Z4 G4 Core-x Workstation, Z4 G4 Core-x Workstation Firmware, Z4 G4 Workstation and 5 more | 2020-08-24 | 9.0 HIGH | 6.8 MEDIUM |
| HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default. | |||||
| CVE-2018-1000127 | 4 Canonical, Debian, Memcached and 1 more | 4 Ubuntu Linux, Debian Linux, Memcached and 1 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. | |||||
| CVE-2019-6156 | 1 Lenovo | 354 330-14igm, 330-14igm Firmware, 330-15igm and 351 more | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming from S3 sleep mode in various versions of BIOS for Lenovo systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected. | |||||
| CVE-2019-5886 | 1 Shopxo | 1 Shopxo | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system reinstallation. | |||||
| CVE-2020-13246 | 1 Gitea | 1 Gitea | 2020-05-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another. | |||||
| CVE-2020-10573 | 1 Meetecho | 1 Janus | 2020-03-18 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge. | |||||