cve-2020-5902 vulnerabilities and exploits

(subscribe to this query)

5

CVSSv2

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An...

Cisco Email Security Appliance

6.4

CVSSv2

A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation...

Cisco Email Security Appliance

4.3

CVSSv2

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The...

Cisco Email Security Appliance

10

CVSSv2

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages....

F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Advanced Web Application Firewall F5 Big-ip Analytics F5 Big-ip Application Acceleration Manager F5 Big-ip Application Security Manager F5 Big-ip Ddos Hybrid Defender F5 Big-ip Domain Name System F5 Big-ip Fraud Protection Service F5 Big-ip Global Traffic Manager F5 Big-ip Link Controller F5 Big-ip Local Traffic Manager F5 Big-ip Policy Enforcement Manager F5 Ssl Orchestrator74 Github repositories available23 Articles available

4.3

CVSSv2

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility....

F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Analytics F5 Big-ip Application Acceleration Manager F5 Big-ip Application Security Manager F5 Big-ip Domain Name System F5 Big-ip Fraud Protection Service F5 Big-ip Global Traffic Manager F5 Big-ip Link Controller F5 Big-ip Local Traffic Manager F5 Big-ip Policy Enforcement Manager1 Github repository available6 Articles available

2.1

CVSSv2

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection...

Trendmicro Antivirus 2020

5

CVSSv2

A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. These IP ports would be...

Cisco Application Policy Infrastructure Controller

2.1

CVSSv2

Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the...

Trendmicro Antivirus 2020

NA

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none....

6.8

CVSSv2

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior...

Bitdefender Total Security 20201 Github repository available2 Articles available

« PREV 1 2 3 4 5 6 7 NEXT »