โผ CVE-2020-4663 โผ
๐ Read
via "National Vulnerability Database".
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186234.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1058 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1066 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1057 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1064 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1060 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1065 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-3111 โผ
๐ Read
via "National Vulnerability Database".
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-8584 โผ
๐ Read
via "National Vulnerability Database".
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-5805 โผ
๐ Read
via "National Vulnerability Database".
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml. OS-level users on the QCC host who are not authorized to use QCC may use the plaintext credentials to login to QCC.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1061 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2020-27260 โผ
๐ Read
via "National Vulnerability Database".
Innokas Yhtymรยค Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected parameters.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-4666 โผ
๐ Read
via "National Vulnerability Database".
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186281.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1063 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1062 โผ
๐ Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).๐ Read
via "National Vulnerability Database".
โผ CVE-2020-4606 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A local attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 184883.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-4667 โผ
๐ Read
via "National Vulnerability Database".
IBM Engineering Requirements Quality Assistant On-Premises could allow an authenticated user to obtain sensitive information due to improper input validation. IBM X-Force ID: 186282.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-4664 โผ
๐ Read
via "National Vulnerability Database".
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186235.๐ Read
via "National Vulnerability Database".
๐ฆฟ How to use Dropbox Passwords as your password manager ๐ฆฟ
๐ Read
via "Tech Republic".
Dropbox now offers its own password manager. Here are the steps on how to set it up and use it.๐ Read
via "Tech Republic".
TechRepublic
How to use Dropbox Passwords as your password manager
Dropbox now offers its own password manager. Here are the steps on how to set it up and use it.
โผ CVE-2020-17502 โผ
๐ Read
via "National Vulnerability Database".
Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameters xmodules, ymodules and savelocking are not properly handled. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-26664 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.๐ Read
via "National Vulnerability Database".