Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and...
NETGEAR ReadyNAS devices before 6.6.1 are affected by command injection. Date published : 2020-04-29 https://kb.netgear.com/000044333/Security-Advisory-for-Operating-System-Command-Injection-on-ReadyNAS-OS-6-Storage-Systems-PSV-2017-2002
NETGEAR WNR854T devices before 1.5.2 are affected by command execution. Date published : 2020-04-29 https://kb.netgear.com/000038833/Security-Advisory-for-Unauthenticated-Command-Execution-on-WNR854T-PSV-2017-2317
NETGEAR ReadyNAS 6.6.1 and earlier is affected by command injection. Date published : 2020-04-29 https://kb.netgear.com/000044333/Security-Advisory-for-Operating-System-Command-Injection-on-ReadyNAS-OS-6-Storage-Systems-PSV-2017-2002
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700...
re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags. Date published : 2020-04-29 https://github.com/skvadrik/re2c/issues/219 https://www.openwall.com/lists/oss-security/2020/04/27/2
SUAP V2 allows XSS during the update of user information. Date published : 2020-04-29 https://medium.com/@crhenr/cve-2019-7634-my-first-cve-61db875dc94a
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command (‘Command Injection’). Date published : 2020-04-29 https://www.rapid7.com/db/modules/exploit/linux/misc/accellion_fta_mpipe2
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials. Date published : 2020-04-29 https://www.rapid7.com/db/modules/exploit/linux/misc/accellion_fta_mpipe2
ABBS Software Audio Media Player version 3.1 suffers from an instance of CWE-121: Stack-based Buffer Overflow. Date published : 2020-04-29 https://www.rapid7.com/db/modules/exploit/windows/fileformat/abbs_amp_lst
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function. Date published : 2020-04-29 https://www.rapid7.com/db/modules/exploit/windows/scada/abb_wserver_exec
AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. Date published : 2020-04-29 https://www.rapid7.com/db/modules/exploit/windows/ftp/aasync_list_reply
A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. Date published : 2020-04-29 https://www.rapid7.com/db/modules/exploit/windows/fileformat/a_pdf_wav_to_mp3
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. IBM X-Force ID: 160631. Date published : 2020-04-29 https://www.ibm.com/support/pages/node/6202708 https://exchange.xforce.ibmcloud.com/vulnerabilities/160631