Threat Intelligence

Cross-site Scripting XSS Bounds of a Memory Buffer Improper Input Validation Exposure to Unauthorized Actor Improper SQL ('SQL Injection') Out-of-bounds Read Cross-Site Request Forgery (CSRF) Path Traversal Improper Access Control Use After Free Improper Authentication Out-of-bounds Write Integer Overflow or Wraparound NULL Pointer Dereference Special Elements (OS Command Injection) Generation of Code ('Code Injection') Improper Privilege Management Uncontrolled Resource Consumption Special Elements in Output (Injection) Race Condition

Microsoft Oracle Apple Google Intel Cisco Redhat Linux Mozilla Adobe Apache Hp F5 Jenkins Debian Sap Opensuse Gnu Foxitsoftware Gitlab

Android Iphone os Linux kernel Mac os x Windows 10 Chrome Windows 7 Windows server 2008 Windows server 2016 Windows server 2012 Windows 8.1 Windows rt 8.1 Tvos Mysql Windows server 2019 Firefox Safari Internet explorer Jre Watchos

CVE-2019-4680 (v3: 8.8) 20 Oct 2020

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQ... Read more ➔

CVE-2020-15792 15 Oct 2020

A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query paramete... Read more ➔

CVE-2020-15226 7 Oct 2020

In GLPI before version 9.5.2, there is a SQL Injection in the API's search function. Not only is it possible to break the SQL syntax, but it is also p... Read more ➔

CVE-2020-15176 7 Oct 2020

In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing... Read more ➔

CVE-2020-15160 24 Sep 2020

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with loca... Read more ➔

CVE-2020-17463 (v3: 9.8) 13 Aug 2020

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. Read more ➔

CVE-2020-15616 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15617 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15618 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15619 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15620 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15621 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15622 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15624 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15625 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15626 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15627 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15628 28 Jul 2020

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authenti... Read more ➔

CVE-2020-15713 (v3: 8.8) 28 Jul 2020

rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the so... Read more ➔

CVE-2020-15714 (v3: 8.8) 28 Jul 2020

rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.crud.php script using t... Read more ➔

CVE-2019-20842 (v3: 7.2) 19 Jun 2020

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels. Read more ➔

CVE-2020-10546 (v3: 9.8) 4 Jun 2020

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in... Read more ➔

CVE-2020-10547 (v3: 9.8) 4 Jun 2020

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stor... Read more ➔

CVE-2020-10548 (v3: 9.8) 4 Jun 2020

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext,... Read more ➔

CVE-2020-10549 (v3: 9.8) 4 Jun 2020

rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext,... Read more ➔