|
An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by... |
This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service... |
The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection... |
This service collects data related to public available exploits. The database is updated daily through the official... |
| Published | Description | |
|---|---|---|
| CVE-2021-0218 |
15-01-2021 18:15:00 |
A command injection vulnerability in the license-check daemon of Juniper Networks Junos OS that may allow a locally authenticated attacker with low privileges to execute commands with root privilege. license-check is a daemon used to manage licenses in Junos OS. To update licenses, a user executes the command 'request system license update' via the CLI. An attacker with access to this CLI command may be able to exploit the vulnerability. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R2-S5, 19.3R3; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R1-S2, 20.2R2. |
| CVE-2021-0206 |
15-01-2021 18:15:00 |
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). By continuously sending these specific packets, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue only affects Juniper Networks NFX Series, SRX Series platforms when SSL Proxy is configured. This issue affects Juniper Networks Junos OS on NFX Series and SRX Series: 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S1; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS versions on NFX Series and SRX Series prior to 18.3R1. |
| CVE-2020-27219 |
14-01-2021 23:15:00 |
In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client. |
| CVE-2020-27220 |
14-01-2021 23:15:00 |
The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configured giving permission for the gateway device to act on its behalf. This means an authenticated device of a certain tenant, notably also a non-gateway device acting like a gateway, may receive command & control messages targeted at a different device of the same tenant without corresponding permissions getting checked. |
| CVE-2020-29494 |
14-01-2021 21:15:00 |
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files. |
| Date | Title | Platform | Author |
|---|---|---|---|
|
11-01-2021 |
PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval | windows | rootabeta |
|
11-01-2021 |
Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection | php | Jaimin Gondaliya |
|
11-01-2021 |
EyesOfNetwork 5.3 - LFI | multiple | Audencia Business SCHOOL Red Team |
|
11-01-2021 |
Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting | multiple | Ramazan Mert GÖKTEN |
|
11-01-2021 |
EyesOfNetwork 5.3 - RCE & PrivEsc | multiple | Audencia Business SCHOOL Red Team |
Italiano
English