24h | 7d | 30d

CVE-2020-36924

Overview

  • Pro-Bravia
  • Sony BRAVIA Digital Signage
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
MEDIUM (5.3)
EPSS
Pending
KEV

Description

Sony BRAVIA Digital Signage 1.7.8 contains a remote file inclusion vulnerability that allows attackers to inject arbitrary client-side scripts through the content material URL parameter. Attackers can exploit this vulnerability to hijack user sessions, execute cross-site scripting code, and modify display content by manipulating the input material type.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36912

Overview

  • Plexus
  • Plexus anblick Digital Signage Management
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
MEDIUM (5.1)
EPSS
Pending
KEV

Description

Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the 'PantallaLogin' script that allows attackers to manipulate the 'pagina' GET parameter. Attackers can craft malicious links that redirect users to arbitrary websites by exploiting improper input validation in the parameter.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36917

Overview

  • Guangzhou Yeroo Tech Co., Ltd.
  • iDS6 DSSPro Digital Signage System
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
HIGH (8.6)
EPSS
Pending
KEV

Description

iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept authentication credentials through cleartext cookie transmission. Attackers can exploit the autoSave feature to capture user passwords during man-in-the-middle attacks on HTTP communications.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36916

Overview

  • Tdmsignage
  • TDM Digital Signage PC Player
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
HIGH (8.5)
EPSS
Pending
KEV

Description

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36909

Overview

  • Secure Computing
  • SnapGear Management Console SG560
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
Pending
KEV

Description

SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit_config_files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit_config_files to access and modify files outside the intended /etc/config/ directory.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36906

Overview

  • P5
  • FNIP-8x16A
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
MEDIUM (5.3)
EPSS
Pending
KEV

Description

P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to add new admin users, change passwords, and modify system configurations by tricking authenticated users into loading a specially crafted form.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36918

Overview

  • Yerootech
  • iDS6 DSSPro Digital Signage System
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
MEDIUM (5.1)
EPSS
Pending
KEV

Description

iDS6 DSSPro Digital Signage System 6.2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft malicious web pages to trick logged-in administrators into adding unauthorized users by exploiting the lack of CSRF protections.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36907

Overview

  • Extreme Networks
  • Aerohive HiveOS
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
Pending
KEV

Description

Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthenticated attackers to render the web interface unusable. Attackers can send a crafted HTTP request to the action.php5 script with specific parameters to trigger a 5-minute service disruption.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36925

Overview

  • Arteco-Global
  • Arteco Web Client DVR/NVR
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
Pending
KEV

Description

Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without authorization.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago

CVE-2020-36920

Overview

  • Yerootech
  • iDS6 DSSPro Digital Signage System
06 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
Pending
KEV

Description

iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allows authenticated users to elevate privileges through console JavaScript functions. Attackers can create users, modify roles and permissions, and potentially achieve full application takeover by exploiting insecure direct object references.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture
cR0w @cR0w

Assorted old vulns whose CVEs were just published. Quick glance looks like mostly random IoS stuff.

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cve.org/CVERecord?id=CVE-2020-

cc: @Dio9sys @da_667

  • 0
  • 4
  • 0
  • 14h ago
Showing 71 to 80 of 87 CVEs