Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
CVE-2020-27689PUBLISHED: 2020-11-04The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the firmware image to a malic...
CVE-2020-7128PUBLISHED: 2020-11-04A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7129PUBLISHED: 2020-11-04A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-28049PUBLISHED: 2020-11-04An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, ...
Support the originator by clicking the read the rest link below.
