CVE: CVE-2020-25546 Tested Versions: Askey AP5100W version Dual_SIG_1.01.071 Product URL(s): https://www.askey.com.tw/ Description of the vulnerability Askey AP5100W was a wifi mesh node provided to Singtel customers as part of their Fibre Broadband contract package. It is used to provide greater WiFi coverage in homes or offices. The wifi mesh node comes with a configurable web interface that allows users to modify settings on their mesh nodes and run diagnostics....

CVE: CVE-2020-2575 Tested Versions: Oracle VirtualBox 6.1.0 revision r135406 Product URL(s): https://virtualbox.org Description of the vulnerability VirtualBox is a x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. It is a solution commercially supported by Oracle, in addition to being made available as open source software. It runs on various host platforms like Windows, Linux, Mac and Solaris and also supports a large number of guest operating systems....

CVE: CVE-2020-2748 Tested Versions: Oracle VirtualBox 6.1.0 r135406 Product URL(s): https://virtualbox.org Description of the vulnerability VirtualBox is a x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. It is a solution commercially supported by Oracle, in addition to being made available as open source software. It runs on various host platforms like Windows, Linux, Mac and Solaris and also supports a large number of guest operating systems....

CVE: CVE-2020-2758 Tested Versions: Oracle VirtualBox 6.1.2 r135662 Product URL(s): https://virtualbox.org Description of the vulnerability VirtualBox is a x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. It is a solution commercially supported by Oracle, in addition to being made available as open source software. It runs on various host platforms like Windows, Linux, Mac and Solaris and also supports a large number of guest operating systems....

CVE: CVE-2020-2894 Tested Versions: Oracle VirtualBox 6.1.0 revision r135406 Product URL(s): https://virtualbox.org Description of the vulnerability VirtualBox is a x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. It is a solution commercially supported by Oracle, in addition to being made available as open source software. It runs on various host platforms like Windows, Linux, Mac and Solaris and also supports a large number of guest operating systems....

CVE: CVE-2020-10907 Tested Versions: Foxit Reader 9.7.0.29455 Product URL(s): https://www.foxitsoftware.com/pdf-reader/ Description of the vulnerability Foxit Reader is a popular PDF reading and printing software. When processing XFA forms within a PDF, a flaw exists when handling widgets in the form, which can lead to code execution. The attacker setup a XFA form which has 2 XFA_Widgets: combobox, and checkbox_group. <!-- XFA Combo Box --> <subform layout="tb" name="subform_combox_0"> <occur initial="1" max="10" min="0" name="occur_subform_combox_0"> </occur> <field h="10mm" name="combox" w="40mm" x="10mm" y="10mm"> <ui> <choiceList open="onEntry"> <border><edge/></border> </choiceList> </ui> <items save="1"> <text>apples</text> <text>bananas</text> <text>pears</text> </items> <value> <text>apples</text> </value> <event activity="ready" ref="$layout"> <script contentType="application/x-javascript"> xfa....

CVE: CVE-2020-3800 Tested Versions: Acrobat DC version 2019.008.20064 (Windows 10 64-bit) Product URL(s): https://acrobat.adobe.com/us/en/acrobat.html https://get.adobe.com/reader/ Description of the vulnerability Adobe Acrobat is a family of application software and Web services developed by Adobe Inc. to view, create, manipulate, print and manage files in Portable Document Format (PDF). Both Adobe Reader and Acrobat DC share the same AcroForm.api plugin: File Version 19.012.20040.17853 Adobe Reader and Adobe Acrobat DC crashes after executing the following Javascript code:...