Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18715 | 1 Netgear | 14 Ex3700, Ex3700 Firmware, Ex3800 and 11 more | 2020-04-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 before 1.0.0.66, EX6100 before 1.0.2.20, EX6120 before 1.0.0.34, EX6150 before 1.0.0.36, EX6200 before 1.0.3.84, and EX7000 before 1.0.0.60. | |||||
| CVE-2017-18716 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18717 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18718 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18704 | 1 Netgear | 36 D6220, D6220 Firmware, D6400 and 33 more | 2020-04-28 | 3.3 LOW | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16. | |||||
| CVE-2017-18719 | 1 Netgear | 12 D6200, D6200 Firmware, R6020 and 9 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6020 before 1.1.00.26, R6080 before 1.1.00.26; R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2018-21228 | 1 Netgear | 26 D7800, D7800 Firmware, Ex6100 and 23 more | 2020-04-28 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, EX6100v2 before 1.0.1.50, EX6150v2 before 1.0.1.50, EX6200v2 before 1.0.1.44, EX6400 before 1.0.1.60, EX7300 before 1.0.1.60, R6100 before 1.0.1.16, R7500 before 1.0.0.110, R7800 before 1.0.2.32, R9000 before 1.0.2.30, WN3000RPv3 before 1.0.2.50, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. | |||||
| CVE-2017-18720 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18721 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18722 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18723 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2018-3652 | 1 Intel | 34 Atom C, Xeon, Xeon Bronze 3104 and 31 more | 2020-04-28 | 4.6 MEDIUM | 7.6 HIGH |
| Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces. | |||||
| CVE-2017-18724 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18725 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24. R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18726 | 1 Netgear | 10 R6020, R6020 Firmware, R6080 and 7 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18727 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-28 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18697 | 1 Netgear | 4 R7800, R7800 Firmware, R9000 and 1 more | 2020-04-28 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52. | |||||
| CVE-2017-18698 | 1 Netgear | 6 R6100, R6100 Firmware, R7800 and 3 more | 2020-04-28 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52. | |||||
| CVE-2017-18699 | 1 Netgear | 4 R7800, R7800 Firmware, R9000 and 1 more | 2020-04-28 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52. | |||||
| CVE-2018-3619 | 1 Intel | 17 Core I3, Core I5, Core I7 and 14 more | 2020-04-28 | 2.1 LOW | 4.6 MEDIUM |
| Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. | |||||
| CVE-2017-18701 | 1 Netgear | 4 R6700, R6700 Firmware, R6900 and 1 more | 2020-04-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Certain NETGEAR devices are affected by reflected XSS. This affects R6700 before 1.0.1.36 and R6900 before 1.0.1.34. | |||||
| CVE-2019-20789 | 1 Croogo | 1 Croogo | 2020-04-27 | 3.5 LOW | 4.8 MEDIUM |
| Croogo before 3.0.7 allows XSS via the title to admin/menus/menus or admin/taxonomy/vocabularies. | |||||
| CVE-2018-21127 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2020-04-27 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | |||||
| CVE-2018-21129 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2020-04-27 | 3.3 LOW | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | |||||
| CVE-2018-21130 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2020-04-27 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | |||||
| CVE-2018-21095 | 1 Netgear | 4 Srr60, Srr60 Firmware, Srs60 and 1 more | 2020-04-27 | 2.3 LOW | 4.3 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210. | |||||
| CVE-2018-21126 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2020-04-27 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | |||||
| CVE-2020-2179 | 1 Jenkins | 1 Yaml Axis | 2020-04-27 | 6.5 MEDIUM | 8.8 HIGH |
| Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | |||||
| CVE-2018-21099 | 1 Netgear | 2 R7800, R7800 Firmware | 2020-04-27 | 5.2 MEDIUM | 8.0 HIGH |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | |||||
| CVE-2018-21100 | 1 Netgear | 2 R7800, R7800 Firmware | 2020-04-27 | 5.2 MEDIUM | 8.0 HIGH |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | |||||
| CVE-2018-21098 | 1 Netgear | 2 R7800, R7800 Firmware | 2020-04-27 | 5.2 MEDIUM | 6.8 MEDIUM |
| NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | |||||
| CVE-2018-21128 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2020-04-27 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | |||||
| CVE-2020-9445 | 1 Zulip | 1 Zulip Server | 2020-04-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality. | |||||
| CVE-2019-4668 | 1 Ibm | 1 Urbancode Deploy | 2020-04-27 | 2.1 LOW | 5.5 MEDIUM |
| IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250. | |||||
| CVE-2020-2178 | 1 Jenkins | 1 Parasoft Findings | 2020-04-27 | 5.5 MEDIUM | 7.1 HIGH |
| Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | |||||
| CVE-2020-11011 | 1 Phproject | 1 Phproject | 2020-04-27 | 6.5 MEDIUM | 8.8 HIGH |
| In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8. | |||||
| CVE-2020-11692 | 1 Jetbrains | 1 Youtrack | 2020-04-27 | 4.0 MEDIUM | 2.7 LOW |
| In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators. | |||||
| CVE-2020-5287 | 1 Prestashop | 1 Prestashop | 2020-04-27 | 6.4 MEDIUM | 6.5 MEDIUM |
| In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper access control on customers search. The problem is fixed in 1.7.6.5. | |||||
| CVE-2020-5288 | 1 Prestashop | 1 Prestashop | 2020-04-27 | 6.4 MEDIUM | 6.5 MEDIUM |
| "In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there is improper access controls on product attributes page. The problem is fixed in 1.7.6.5. | |||||
| CVE-2019-10523 | 1 Qualcomm | 46 Apq8009, Apq8009 Firmware, Apq8053 and 43 more | 2020-04-27 | 2.1 LOW | 5.5 MEDIUM |
| Target specific data is being sent to remote server and leads to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6574AU, QCS605, Rennell, SDA660, SDM429W, SDM439, SDM450, SDM710, SDM845, SM7150, SM8150, SM8250, SXR2130 | |||||
| CVE-2020-5293 | 1 Prestashop | 1 Prestashop | 2020-04-27 | 6.4 MEDIUM | 6.5 MEDIUM |
| In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5. | |||||
| CVE-2020-12071 | 1 Anchorcms | 1 Anchor | 2020-04-27 | 3.5 LOW | 4.8 MEDIUM |
| Anchor 0.12.7 allows admins to cause XSS via crafted post content. | |||||
| CVE-2020-11416 | 1 Jetbrains | 1 Space | 2020-04-27 | 3.5 LOW | 5.4 MEDIUM |
| JetBrains Space through 2020-04-22 allows stored XSS in Chats. | |||||
| CVE-2020-11687 | 1 Jetbrains | 1 Teamcity | 2020-04-27 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages. | |||||
| CVE-2020-11688 | 1 Jetbrains | 1 Teamcity | 2020-04-27 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session. | |||||
| CVE-2020-11689 | 1 Jetbrains | 1 Teamcity | 2020-04-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file. | |||||
| CVE-2017-18790 | 1 Netgear | 12 R6700, R6700 Firmware, R7000 and 9 more | 2020-04-27 | 2.1 LOW | 6.2 MEDIUM |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100. | |||||
| CVE-2017-18797 | 1 Netgear | 8 R6400, R6400 Firmware, R7900 and 5 more | 2020-04-27 | 2.1 LOW | 6.2 MEDIUM |
| Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400 before 1.0.1.24, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100. | |||||
| CVE-2018-21143 | 1 Netgear | 2 Gs810emx, Gs810emx Firmware | 2020-04-27 | 3.3 LOW | 6.5 MEDIUM |
| NETGEAR GS810EMX devices before 1.0.0.5 are affected by disclosure of sensitive information. | |||||
| CVE-2018-21144 | 1 Netgear | 18 Dm200, Dm200 Firmware, R7500 and 15 more | 2020-04-27 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DM200 before 1.0.0.52, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.16, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. | |||||