Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2020-11177 vulnerabilities and exploits

(subscribe to this query)

7.8
CVSSv2
CVE-2019-11177
Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access....
Intel Baseboard Management Controller Firmware
4.3
CVSSv2
CVE-2020-8988
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach....
Voatz Voatz 2020-01-01
4.3
CVSSv2
CVE-2020-29384
An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow....
Advsys Pngout 2020-01-15
3.5
CVSSv2
CVE-2020-25071
** DISPUTED ** Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit. Note: It has been argued that this is not reproducible. "The original issue was that the task would be created and an alert would be...
Niftypm Nifty 2020-08-26
6.9
CVSSv2
CVE-2020-27014
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute...
Trendmicro Antivirus 2020
3.6
CVSSv2
CVE-2020-27013
Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user...
Trendmicro Antivirus 2020
5
CVSSv2
CVE-2014-2020
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x...
Php Php 5.5.0Php Php 5.5.1Php Php 5.5.2Php Php 5.5.3Php Php 5.5.4Php Php 5.5.5Php Php 5.5.6Php Php 5.5.7Php Php
6.8
CVSSv2
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a...
Php Php 5.5.0Php Php 5.5.1Php Php 5.5.2Php Php 5.5.3Php Php 5.5.4Php Php 5.5.5Php Php 5.5.6Php Php 5.5.7Php Php 5.5.8
7.2
CVSSv2
CVE-2020-25776
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the...
Trendmicro Antivirus 2019Trendmicro Antivirus 2020
5
CVSSv2
CVE-2017-11177
TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file access in an unspecified directory....
Websense Triton Ap Email 8.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary codeCVE-2020-36079microfocusCVE-2021-26561CVE-2021-21972NULL pointer dereferenceCVE-2021-25281deserializationsolutions business managerCVE-2020-28243CVE-2020-27618