In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the
localsargument of arendercall to perform a RCE.
In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-8982 and CVE-2020-8983 but has essentially the same risk.
Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
- z3n70/CVE-2020-5902
- west9b/F5-BIG-IP-POC
- PushpenderIndia/CVE-2020-5902-Scanner
- jas502n/CVE-2020-5902
- yasserjanah/CVE-2020-5902
- cristiano-corrado/f5_scanner
- dunderhay/CVE-2020-5902
- aqhmal/CVE-2020-5902-Scanner
- haisenberg/CVE-2020-5902
- zhzyker/exphub
- faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner
- corelight/CVE-2020-5902-F5BigIP
- ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability
- itsjeffersonli/CVE-2020-5902
- murataydemir/CVE-2020-5902
- f5devcentral/cve-2020-5902-ioc-bigip-checker
- superzerosec/cve-2020-5902
- halencarjunior/f5scan
- TheCyberViking/CVE-2020-5902-Vuln-Checker
- rockmelodies/CVE-2020-5902-rce-gui
- dnerzker/CVE-2020-5902
- momika233/cve-2020-5902
- theLSA/f5-bigip-rce-cve-2020-5902
- Al1ex/CVE-2020-5902
- d4rk007/F5-Big-IP-CVE-2020-5902-mass-exploiter
- GovindPalakkal/EvilRip
- pwnhacker0x18/CVE-2020-5902-Mass
- MrCl0wnLab/checker-CVE-2020-5902
- qiong-qi/CVE-2020-5902-POC
- lijiaxing1997/CVE-2020-5902-POC-EXP
index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020.
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.
A flaw was found in the Linux kernelβs implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.
Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section.
Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory. This was exploited in the wild in August and September 2020.
- b1ackros337/CVE-2020-25213
- adminsec5247/CVE-2020-25213-wordpress-wp-file-manager-fileupload
- piruprohacking/CVE-2020-25213
- 0000000O0Oo/Wordpress-CVE-2020-25213
- forse01/CVE-2020-25213-Wordpress
- Aron-Tn/0day-elFinder-2020
- kakamband/WPKiller
- mansoorr123/wp-file-manager-CVE-2020-25213
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
- lele8/CVE-2020-1472
- hadhub/ad-scanner
- sho-luv/zerologon
- Nekoox/zerologon
- Anonymous-Family/Zero-day-scanning
- Anonymous-Family/CVE-2020-1472
- TheJoyOfHacking/dirkjanm-CVE-2020-1472
- TheJoyOfHacking/SecuraBV-CVE-2020-1472
- Exploitspacks/CVE-2020-1472
- SecuraBV/CVE-2020-1472
- CPO-EH/CVE-2020-1472_ZeroLogonChecker
- NickSanzotta/zeroscan
- R0B1NL1N/CVE-2020-1472
- zeronetworks/zerologon
- Fa1c0n35/SecuraBV-CVE-2020-1472
- Fa1c0n35/CVE-2020-1472-02-
- puckiestyle/CVE-2020-1472
- itssmikefm/CVE-2020-1472
- NAXG/CVE-2020-1472
- Udyz/Zerologon
- hell-moon/ZeroLogon-Exploit
- cedelasen/OfensivaPoc
- YossiSassi/ZeroLogon-Exploitation-Check
- wrathfulDiety/zerologon
- SaharAttackit/CVE-2020-1472
- JayP232/The_big_Zero
- Whippet0/CVE-2020-1472
- b1ack0wl/CVE-2020-1472
- maikelnight/zerologon
- VoidSec/CVE-2020-1472
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455
