| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6. |
| The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with firmware before 1.5.3 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful exploit could allow an attacker to eavesdrop on conversations. |
| The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware before 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful exploit could allow an attacker to eavesdrop on conversations. |
| receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code. |
| The R programming languageās default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interpreter. Update to version 4.0.3 |
| In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random. |
| In PicoTCP 1.7.0, TCP ISNs are improperly random. |
| In Contiki 4.5, TCP ISNs are improperly random. |
| In FNET 4.6.3, TCP ISNs are improperly random. |
| In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. |
| In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random. |
| In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random. |
| In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. |
| In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. |
| JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. |
| JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. |
| In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues. |
| JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. |
| JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances. |
| In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version. |
