Weekly Vulnerabilities Reports > January 6 to 12, 2020

Overview

322 new vulnerabilities reported during this period, including 33 critical vulnerabilities and 50 high severity vulnerabilities. This weekly summary report vulnerabilities in 653 products from 168 vendors including Mozilla, Google, Redhat, Opensuse, and Cisco. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Input Validation", "Out-of-bounds Write", and "Out-of-bounds Read".

  • 281 reported vulnerabilities are remotely exploitables.
  • 21 reported vulnerabilities have public exploit available.
  • 121 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 251 reported vulnerabilities are exploitable by an anonymous user.
  • Mozilla has the most reported vulnerabilities, with 34 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 10 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

33 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-10 CVE-2012-4284 Sparklabs Local Privilege Escalation vulnerability in Sparklabs Viscosity 1.4.1

A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code

10.0
2020-01-09 CVE-2014-2651 Atos Improper Authentication vulnerability in Atos products

Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface

10.0
2020-01-09 CVE-2014-2650 Atos OS Command Injection vulnerability in Atos products

Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface

10.0
2020-01-08 CVE-2020-5510 Phpgurukul SQL Injection vulnerability in PHPgurukul Hostel Management System 2.0

PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.

10.0
2020-01-08 CVE-2019-19495 Technicolor Improper Input Validation vulnerability in Technicolor Tc7230 Steb Firmware 0.1.25

The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser.

10.0
2020-01-08 CVE-2014-1598 Centurystar Project Out-of-bounds Write vulnerability in Centurystar Project Centurystar 7.12

centurystar 7.12 ActiveX Control has a Stack Buffer Overflow

10.0
2020-01-07 CVE-2019-17146 Dlink Missing Authentication for Critical Function vulnerability in Dlink Dcs-935L Firmware and Dcs-960L Firmware

This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102.

10.0
2020-01-07 CVE-2013-5122 Cisco Improper Authentication vulnerability in Cisco products

Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access

10.0
2020-01-06 CVE-2019-16273 Dten Unspecified vulnerability in Dten D5 Firmware and D7 Firmware

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration.

10.0
2020-01-06 CVE-2016-11017 Akips OS Command Injection vulnerability in Akips Network Monitor

The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field).

10.0
2020-01-06 CVE-2019-15976 Cisco Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

10.0
2020-01-06 CVE-2019-15975 Cisco Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

10.0
2020-01-10 CVE-2012-4603 Citrix
Microsoft
Improper Input Validation vulnerability in Citrix Receiver and Xenapp Online

Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver.

9.3
2020-01-09 CVE-2012-2950 Gatewaygeomatics
Microsoft
Unrestricted Upload of File with Dangerous Type vulnerability in Gatewaygeomatics Mapserver

Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information.

9.3
2020-01-09 CVE-2019-19494 Sagemcom
Netgear
Technicolor
Compal
Classic Buffer Overflow vulnerability in multiple products

Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser.

9.3
2020-01-08 CVE-2020-0002 Google Use After Free vulnerability in Google Android

In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free.

9.3
2020-01-07 CVE-2019-17147 TP Link Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers.

9.3
2020-01-10 CVE-2019-19475 Zohocorp Incorrect Default Permissions vulnerability in Zohocorp Manageengine Applications Manager 14.3

An issue was discovered in ManageEngine Applications Manager 14 with Build 14360.

9.0
2020-01-10 CVE-2013-6231 ENG Improper Privilege Management vulnerability in ENG Spagobi 4.0

SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script

9.0
2020-01-09 CVE-2012-3490 Wisc Unspecified vulnerability in Wisc Htcondor

The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.

9.0
2020-01-09 CVE-2019-14920 Billion Unspecified vulnerability in Billion Sg600 R2 Firmware 3.02

Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etc_ro/web/adm/system_command.asp shell feature.

9.0
2020-01-09 CVE-2019-20224 Artica OS Command Injection vulnerability in Artica Pandora FMS 7.0Ng

netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request.

9.0
2020-01-06 CVE-2015-5951 Thomsonreuters Unrestricted Upload of File with Dangerous Type vulnerability in Thomsonreuters Fatca

A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.

9.0
2020-01-06 CVE-2019-19509 Rconfig OS Command Injection vulnerability in Rconfig 3.9.3

An issue was discovered in rConfig 3.9.3.

9.0
2020-01-06 CVE-2020-5514 Gilacms Unrestricted Upload of File with Dangerous Type vulnerability in Gilacms Gila CMS 1.11.8

Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.

9.0
2020-01-06 CVE-2019-15985 Cisco SQL Injection vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device.

9.0
2020-01-06 CVE-2019-15984 Cisco SQL Injection vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device.

9.0
2020-01-06 CVE-2019-15982 Cisco Path Traversal vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.

9.0
2020-01-06 CVE-2019-15981 Cisco Path Traversal vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.

9.0
2020-01-06 CVE-2019-15980 Cisco Path Traversal vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.

9.0
2020-01-06 CVE-2019-15979 Cisco OS Command Injection vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS).

9.0
2020-01-06 CVE-2019-15978 Cisco OS Command Injection vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS).

9.0
2020-01-06 CVE-2019-5987 Anglers NET OS Command Injection vulnerability in Anglers-Net CGI An-Anlyzer 20190624

Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allows remote authenticated attackers to execute arbitrary OS commands via the Management Page.

9.0

50 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-06 CVE-2019-16716 Open Xchange Incorrect Default Permissions vulnerability in Open-Xchange Appsuite

OX App Suite through 7.10.2 has Incorrect Access Control.

8.5
2020-01-06 CVE-2019-15977 Cisco Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

7.8
2020-01-11 CVE-2020-6840 Mruby Use After Free vulnerability in Mruby 2.1.0

In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.

7.5
2020-01-11 CVE-2020-6839 Mruby Out-of-bounds Write vulnerability in Mruby 2.1.0

In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.

7.5
2020-01-11 CVE-2020-6838 Mruby Use After Free vulnerability in Mruby 2.1.0

In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.

7.5
2020-01-11 CVE-2020-6836 HOT Formula Parser Project Code Injection vulnerability in Hot-Formula-Parser Project Hot-Formula-Parser

grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injection.

7.5
2020-01-10 CVE-2020-6835 Bftpd Project Off-by-one Error vulnerability in Bftpd Project Bftpd

An issue was discovered in Bftpd before 5.4.

7.5
2020-01-10 CVE-2011-5020 Online TV Database Project SQL Injection vulnerability in Online TV Database Project Online TV Database 2011

An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011.

7.5
2020-01-10 CVE-2013-7380 EP Imageconvert Project Injection vulnerability in EP Imageconvert Project EP Imageconvert 0.0.1/0.0.2

The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability

7.5
2020-01-10 CVE-2014-5081 Sphider
Sphiderpro
Sphider Plus
Improper Authentication vulnerability in multiple products

sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass

7.5
2020-01-10 CVE-2014-4984 Dejavuprotech SQL Injection vulnerability in Dejavuprotech Crescendo - Sales CRM

Déjà Vu Crescendo Sales CRM has remote SQL Injection

7.5
2020-01-10 CVE-2014-4982 Xorux Command Injection vulnerability in Xorux Lpar2Rrd

LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server.

7.5
2020-01-09 CVE-2020-6756 Rasilient Improper Input Validation vulnerability in Rasilient Pixelstor 5000 Firmware 4.0.158020150629

languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthenticated attackers to remotely execute code via the lang parameter.

7.5
2020-01-09 CVE-2012-3807 Samsung Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313

Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.

7.5
2020-01-09 CVE-2012-2226 Invisioncommunity Unrestricted Upload of File with Dangerous Type vulnerability in Invisioncommunity Invision Power Board 2.0/3.0.4

Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.

7.5
2020-01-09 CVE-2012-2714 Browserid Project Improper Authentication vulnerability in Browserid Project Browserid 7.X1.0/7.X1.1/7.X1.2

The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier.

7.5
2020-01-09 CVE-2012-1259 Plixer SQL Injection vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 8.6.2.16204

Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter.

7.5
2020-01-09 CVE-2019-6330 HP Unspecified vulnerability in HP Access Control

A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7.

7.5
2020-01-09 CVE-2019-4651 IBM SQL Injection vulnerability in IBM Jazz Reporting Service 6.0.6.1

IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection.

7.5
2020-01-09 CVE-2014-3449 BSS Continuity CMS Project Missing Authentication for Critical Function vulnerability in BSS Continuity CMS Project BSS Continuty CMS 4.2.22640.0

BSS Continuity CMS 4.2.22640.0 has an Authentication Bypass vulnerability

7.5
2020-01-09 CVE-2014-3448 BSS Continuity CMS Project Unrestricted Upload of File with Dangerous Type vulnerability in BSS Continuity CMS Project BSS Continuty CMS 4.2.22640.0

BSS Continuity CMS 4.2.22640.0 has a Remote Code Execution vulnerability due to unauthenticated file upload

7.5
2020-01-08 CVE-2011-5266 Imperva SQL Injection vulnerability in Imperva Securesphere web Application Firewall

Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.

7.5
2020-01-08 CVE-2019-5082 Wago Out-of-bounds Write vulnerability in Wago Pfc100 Firmware and Pfc200 Firmware

An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12).

7.5
2020-01-08 CVE-2019-10777 Amazon OS Command Injection vulnerability in Amazon Aws-Lambda

In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization.

7.5
2020-01-08 CVE-2019-19518 Broadcom Improper Authentication vulnerability in Broadcom CA Automic Sysload 5.6.0/6.1.2

CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.

7.5
2020-01-08 CVE-2019-17076 Jamf Deserialization of Untrusted Data vulnerability in Jamf

An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1.

7.5
2020-01-08 CVE-2019-10778 Devcert Sanscache Project OS Command Injection vulnerability in Devcert-Sanscache Project Devcert-Sanscache

devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function.

7.5
2020-01-08 CVE-2014-2072 3DS Out-of-bounds Write vulnerability in 3DS Catia V56R2013

Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks

7.5
2020-01-08 CVE-2014-1860 Contao Deserialization of Untrusted Data vulnerability in Contao CMS

Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities

7.5
2020-01-08 CVE-2019-20361 Icegram SQL Injection vulnerability in Icegram Email Subscribers & Newsletters

There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).

7.5
2020-01-07 CVE-2020-5841 Opservices SQL Injection vulnerability in Opservices Opmon 9.3.11

An issue was discovered in OpServices OpMon 9.3.1-1.

7.5
2020-01-07 CVE-2019-14906 Libsdl
Redhat
Out-of-bounds Write vulnerability in multiple products

A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability.

7.5
2020-01-07 CVE-2020-5307 Phpgurukul Dairy Farm Shop Management System Project SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System Project PHPgurukul Dairy Farm Shop Management System 1.0

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.

7.5
2020-01-07 CVE-2019-10776 GIT Diff Apply Project OS Command Injection vulnerability in Git-Diff-Apply Project Git-Diff-Apply

In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl.

7.5
2020-01-07 CVE-2014-8673 Soplanning SQL Injection vulnerability in Soplanning

Multiple SQL vulnerabilities exist in planning.php, user_list.php, projets.php, user_groupes.php, and groupe_list.php in Simple Online Planning (SOPPlanning)before 1.33.

7.5
2020-01-06 CVE-2019-6855 Schneider Electric
SE
Incorrect Authorization vulnerability in multiple products

Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers.

7.5
2020-01-06 CVE-2019-16272 Dten Insecure Default Initialization of Resource vulnerability in Dten D5 Firmware and D7 Firmware

On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge (adb) enablement.

7.5
2020-01-06 CVE-2019-20343 Mojohaus Code Injection vulnerability in Mojohaus Exec Maven 1.1.1

The MojoHaus Exec Maven plugin 1.1.1 for Maven allows code execution via a crafted XML document because a configuration element (within a plugin element) can specify an arbitrary program in an executable element (and can also specify arbitrary command-line arguments in an arguments element).

7.5
2020-01-06 CVE-2020-5519 Litespeedtech Improper Input Validation vulnerability in Litespeedtech Openlitespeed

The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.

7.5
2020-01-10 CVE-2019-14302 Ricoh Unspecified vulnerability in Ricoh products

On Ricoh SP C250DN 1.06 devices, a debug port can be used.

7.2
2020-01-10 CVE-2019-19820 Kyrol Release of Invalid Pointer or Reference vulnerability in Kyrol Internet Security 9.0.6.9

An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402405 using METHOD_NEITHER results in a read primitive.

7.2
2020-01-09 CVE-2019-20373 Debian
Ltsp
LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax.
7.2
2020-01-09 CVE-2020-1787 Huawei Improper Authentication vulnerability in Huawei Mate 20 Firmware 9.0.0.205(C00E205R2P1)/9.1.0.131(C00E131R3P1)

HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability.

7.2
2020-01-09 CVE-2019-14919 Billion Use of Hard-coded Credentials vulnerability in Billion Sg600 R2 Firmware 3.02

An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device.

7.2
2020-01-08 CVE-2020-0001 Google Improper Privilege Management vulnerability in Google Android

In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly.

7.2
2020-01-08 CVE-2019-19544 Broadcom Improper Privilege Management vulnerability in Broadcom CA Automic Dollar Universe 5.3.3

CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges.

7.2
2020-01-08 CVE-2019-20362 Teradici
Microsoft
Unquoted Search Path or Element vulnerability in Teradici products

In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file.

7.2
2020-01-07 CVE-2019-17148 Parallels Improper Privilege Management vulnerability in Parallels Desktop 14.1.3

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14.1.3 (45485).

7.2
2020-01-06 CVE-2019-20348 Okerthai OS Command Injection vulnerability in Okerthai G232V1 Firmware 1.03.02.20161129

OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control.

7.2
2020-01-06 CVE-2019-9468 Google Double Free vulnerability in Google Android 10.0/11.0/20200601

In export_key_der of export_key.cpp, there is possible memory corruption due to a double free.

7.2

203 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-10 CVE-2019-18194 Totalav Unspecified vulnerability in Totalav 2020 4.14.31

TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation.

6.9
2020-01-09 CVE-2016-5311 Symantec Uncontrolled Search Path Element vulnerability in Symantec products

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.

6.9
2020-01-07 CVE-2019-14866 GNU
Redhat
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives.
6.9
2020-01-10 CVE-2020-6377 Google
Opensuse
Fedoraproject
Redhat
Use After Free vulnerability in multiple products

Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-01-10 CVE-2019-13767 Google
Opensuse
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-01-10 CVE-2019-14304 Ricoh Cross-Site Request Forgery (CSRF) vulnerability in Ricoh products

Ricoh SP C250DN 1.06 devices allow CSRF.

6.8
2020-01-10 CVE-2014-5013 Dompdf Project Unspecified vulnerability in Dompdf Project Dompdf 0.5.2/0.6.0/0.6.1

DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.

6.8
2020-01-09 CVE-2019-20374 Typora Cross-site Scripting vulnerability in Typora

A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks.

6.8
2020-01-09 CVE-2019-20184 Keepass Improper Neutralization of Formula Elements in a CSV File vulnerability in Keepass 2.4.1

KeePass 2.4.1 allows CSV injection in the title field of a CSV export.

6.8
2020-01-09 CVE-2012-2142 Freedesktop
Xpdfreader
Redhat
Opensuse
Security vulnerability in Poppler and xpdf

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

6.8
2020-01-09 CVE-2020-6167 Webfactoryltd Cross-Site Request Forgery (CSRF) vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo.

6.8
2020-01-09 CVE-2020-6628 Libming Out-of-bounds Read vulnerability in Libming 0.4.8

Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c.

6.8
2020-01-08 CVE-2020-6623 Nothings Reachable Assertion vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.

6.8
2020-01-08 CVE-2020-6622 Nothings Out-of-bounds Read vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.

6.8
2020-01-08 CVE-2020-6621 Nothings Out-of-bounds Read vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT.

6.8
2020-01-08 CVE-2020-6620 Nothings Out-of-bounds Read vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.

6.8
2020-01-08 CVE-2020-6619 Nothings Reachable Assertion vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.

6.8
2020-01-08 CVE-2020-6618 Nothings Out-of-bounds Read vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table.

6.8
2020-01-08 CVE-2020-6617 Nothings Reachable Assertion vulnerability in Nothings STB Truetype.H 1.22

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.

6.8
2020-01-08 CVE-2019-17025 Mozilla
Canonical
Out-of-bounds Write vulnerability in multiple products

Mozilla developers reported memory safety bugs present in Firefox 71.

6.8
2020-01-08 CVE-2019-17024 Mozilla
Canonical
Debian
Redhat
Classic Buffer Overflow vulnerability in multiple products

Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3.

6.8
2020-01-08 CVE-2019-17019 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download.

6.8
2020-01-08 CVE-2019-17017 Mozilla
Canonical
Debian
Redhat
Type Confusion vulnerability in Mozilla Firefox and Firefox ESR

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash.

6.8
2020-01-08 CVE-2019-17015 Mozilla
Microsoft
Out-of-bounds Write vulnerability in Mozilla Firefox and Firefox ESR

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process.

6.8
2020-01-08 CVE-2019-17013 Mozilla Classic Buffer Overflow vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 70.

6.8
2020-01-08 CVE-2019-17012 Mozilla
Opensuse
Classic Buffer Overflow vulnerability in multiple products

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2.

6.8
2020-01-08 CVE-2019-17008 Mozilla
Opensuse
Use After Free vulnerability in Mozilla Firefox and Firefox ESR

When using nested workers, a use-after-free could occur during worker destruction.

6.8
2020-01-08 CVE-2019-17005 Mozilla
Opensuse
Classic Buffer Overflow vulnerability in multiple products

The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash.

6.8
2020-01-08 CVE-2020-6609 GNU Out-of-bounds Read vulnerability in GNU Libredwg 0.9.3.2564

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.

6.8
2020-01-08 CVE-2019-11764 Mozilla
Canonical
Out-of-bounds Write vulnerability in multiple products

Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1.

6.8
2020-01-08 CVE-2019-11760 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox and Firefox ESR

A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling.

6.8
2020-01-08 CVE-2019-11759 Mozilla Classic Buffer Overflow vulnerability in Mozilla Firefox and Firefox ESR

An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack.

6.8
2020-01-08 CVE-2019-11758 Mozilla Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox

Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed.

6.8
2020-01-08 CVE-2019-11757 Mozilla Use After Free vulnerability in Mozilla Firefox and Firefox ESR

When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it.

6.8
2020-01-08 CVE-2019-11756 Mozilla Use After Free vulnerability in Mozilla Firefox

Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service).

6.8
2020-01-08 CVE-2019-11745 Mozilla
Opensuse
Canonical
Debian
Redhat
Siemens
Out-of-bounds Write vulnerability in multiple products

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur.

6.8
2020-01-08 CVE-2014-5287 Kemptechnologies Injection vulnerability in Kemptechnologies Loadmaster

A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure to sanitize input in the Web User Interface (WUI).

6.8
2020-01-07 CVE-2019-6529 Kunbus Improper Input Validation vulnerability in Kunbus Pr100088 Modbus Gateway Firmware

An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior to release R02 (or Software Version 1.1.13166).

6.8
2020-01-06 CVE-2020-5513 Gilacms Path Traversal vulnerability in Gilacms Gila CMS 1.11.8

Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal.

6.8
2020-01-06 CVE-2020-5512 Gilacms Path Traversal vulnerability in Gilacms Gila CMS 1.11.8

Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.

6.8
2020-01-10 CVE-2014-5092 Status2K Improper Input Validation vulnerability in Status2K

Status2k allows Remote Command Execution in admin/options/editpl.php.

6.5
2020-01-09 CVE-2020-6757 Rasilient Improper Input Validation vulnerability in Rasilient Pixelstor 5000 Firmware 4.0.158020150629

contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows authenticated attackers to remotely execute code via the name parameter.

6.5
2020-01-09 CVE-2020-5504 Phpmyadmin
Suse
Debian
SQL Injection vulnerability in multiple products

In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page.

6.5
2020-01-09 CVE-2019-20183 Employee Records System Project Unrestricted Upload of File with Dangerous Type vulnerability in Employee Records System Project Employee Records System 1.0

uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side.

6.5
2020-01-09 CVE-2019-20179 Soplanning SQL Injection vulnerability in Soplanning

SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter.

6.5
2020-01-09 CVE-2012-4434 Cipherdyne Incorrect Default Permissions vulnerability in Cipherdyne Fwknop 2.0/2.0.1/2.0.2

fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.

6.5
2020-01-09 CVE-2012-2931 Tinywebgallery Injection vulnerability in Tinywebgallery

PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.

6.5
2020-01-09 CVE-2020-6168 Webfactoryltd Incorrect Permission Assignment for Critical Resource vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting).

6.5
2020-01-08 CVE-2020-5511 Phpgurukul SQL Injection vulnerability in PHPgurukul Small CRM 2.0

PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator login page.

6.5
2020-01-07 CVE-2018-10465 Jamf Unspecified vulnerability in Jamf

Jamf Pro 10.x before 10.3.0 has Incorrect Access Control.

6.5
2020-01-07 CVE-2019-14819 Redhat Improper Privilege Management vulnerability in Redhat Openshift Container Platform 3.10/3.11

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster.

6.5
2020-01-07 CVE-2019-14843 Redhat Incorrect Authorization vulnerability in Redhat products

A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester.

6.5
2020-01-06 CVE-2015-4553 Dedecms Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.5/5.6/5.7

A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.

6.5
2020-01-06 CVE-2020-5204 Troglobit Classic Buffer Overflow vulnerability in Troglobit Uftpd

In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d.

6.5
2020-01-06 CVE-2020-5515 Gilacms SQL Injection vulnerability in Gilacms Gila CMS 1.11.8

Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection.

6.5
2020-01-06 CVE-2020-5192 Phpgurukul SQL Injection vulnerability in PHP 4.0

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.

6.5
2020-01-10 CVE-2012-4030 Chamilo Improper Input Validation vulnerability in Chamilo LMS

Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files.

6.4
2020-01-08 CVE-2019-20367 Freedesktop
Debian
Canonical
Opensuse
Out-of-bounds Read vulnerability in multiple products

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).

6.4
2020-01-08 CVE-2014-1409 Mobileiron XML Injection (aka Blind XPath Injection) vulnerability in Mobileiron Sentry and Virtual Smartphone Platform

MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords

6.4
2020-01-07 CVE-2019-14837 Redhat Use of Hard-coded Credentials vulnerability in Redhat Keycloak and Single Sign-On

A flaw was found in keycloack before version 8.0.0.

6.4
2020-01-06 CVE-2019-18792 Suricata IDS
Debian
Code Injection vulnerability in multiple products

An issue was discovered in Suricata 5.0.0.

6.4
2020-01-09 CVE-2019-20180 Tablepress Improper Neutralization of Formula Elements in a CSV File vulnerability in Tablepress

The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users.

6.0
2020-01-10 CVE-2020-6162 Bftpd Project Out-of-bounds Read vulnerability in Bftpd Project Bftpd 5.3

An issue was discovered in Bftpd 5.3.

5.8
2020-01-09 CVE-2019-20178 Advisto Cross-Site Request Forgery (CSRF) vulnerability in Advisto Peel Shopping 9.2.1

Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user.

5.8
2020-01-09 CVE-2019-6319 HP Cross-Site Request Forgery (CSRF) vulnerability in HP products

HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.

5.8
2020-01-09 CVE-2019-6320 HP Cross-Site Request Forgery (CSRF) vulnerability in HP products

Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.

5.8
2020-01-09 CVE-2020-6625 Jhead Project Out-of-bounds Read vulnerability in Jhead Project Jhead

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.

5.8
2020-01-09 CVE-2020-6624 Jhead Project Out-of-bounds Read vulnerability in Jhead Project Jhead

jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.

5.8
2020-01-08 CVE-2019-9812 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account.

5.8
2020-01-08 CVE-2019-17001 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox 69.0

A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document (cross-site scripting).

5.8
2020-01-08 CVE-2020-6614 GNU Out-of-bounds Read vulnerability in GNU Libredwg 0.9.3.2564

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.

5.8
2020-01-08 CVE-2020-6613 GNU Out-of-bounds Read vulnerability in GNU Libredwg 0.9.3.2564

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.

5.8
2020-01-08 CVE-2020-6612 GNU Out-of-bounds Read vulnerability in GNU Libredwg 0.9.3.2564

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.

5.8
2020-01-08 CVE-2019-17000 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

An object tag with a data URI did not correctly inherit the document's Content Security Policy.

5.8
2020-01-08 CVE-2019-11762 Mozilla Origin Validation Error vulnerability in Mozilla Firefox and Firefox ESR

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window.

5.8
2020-01-08 CVE-2019-11761 Mozilla Race Condition vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content.

5.8
2020-01-07 CVE-2019-17151 Tencent Open Redirect vulnerability in Tencent Wechat

This vulnerability allows remote attackers redirect users to an external resource on affected installations of Tencent WeChat Prior to 7.0.9.

5.8
2020-01-07 CVE-2019-18386 Unisys Improper Input Validation vulnerability in Unisys MCP Firmware

Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel

5.8
2020-01-06 CVE-2019-20352 Nasm Out-of-bounds Read vulnerability in Nasm Netwide Assembler 2.15

In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.

5.8
2020-01-09 CVE-2019-19332 Linux
Redhat
Out-of-bounds Write vulnerability in Linux Kernel

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor.

5.6
2020-01-09 CVE-2020-6166 Webfactoryltd Incorrect Default Permissions vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenticated users with basic access to export settings and change maintenance-mode themes.

5.5
2020-01-09 CVE-2020-5205 Powauth Session Fixation vulnerability in Powauth POW

In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database.

5.5
2020-01-07 CVE-2019-14879 Moodle Improper Check for Dropped Privileges vulnerability in Moodle

A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9.

5.5
2020-01-08 CVE-2019-17011 Mozilla
Opensuse
Use After Free vulnerability in multiple products

Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash.

5.1
2020-01-08 CVE-2019-17010 Mozilla
Opensuse
Use After Free vulnerability in multiple products

Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash.

5.1
2020-01-10 CVE-2019-14306 Ricoh Unspecified vulnerability in Ricoh products

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).

5.0
2020-01-10 CVE-2019-14301 Ricoh Information Exposure vulnerability in Ricoh products

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).

5.0
2020-01-10 CVE-2012-3824 Arialsoftware Improper Authentication vulnerability in Arialsoftware Campaign Enterprise

In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization.

5.0
2020-01-10 CVE-2012-3823 Arialsoftware Insufficiently Protected Credentials vulnerability in Arialsoftware Campaign Enterprise

Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved.

5.0
2020-01-10 CVE-2012-3822 Arialsoftware Incorrect Authorization vulnerability in Arialsoftware Campaign Enterprise

Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote attackers to enumerate users' credentials.

5.0
2020-01-10 CVE-2019-4559 IBM Information Exposure vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to unauthorized users.

5.0
2020-01-10 CVE-2020-1765 Otrs Improper Input Validation vulnerability in Otrs

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound.

5.0
2020-01-10 CVE-2014-5093 Status2K Insufficiently Protected Credentials vulnerability in Status2K

Status2k does not remove the install directory allowing credential reset.

5.0
2020-01-09 CVE-2012-3810 Samsung Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313

Samsung Kies before 2.5.0.12094_27_11 has registry modification.

5.0
2020-01-09 CVE-2012-3809 Samsung Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313

Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.

5.0
2020-01-09 CVE-2012-3808 Samsung Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313

Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.

5.0
2020-01-09 CVE-2012-3806 Samsung NULL Pointer Dereference vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313

Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service.

5.0
2020-01-09 CVE-2012-2724 MD Systems Information Exposure vulnerability in Md-Systems Simplenews

The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.

5.0
2020-01-09 CVE-2020-1925 Apache Server-Side Request Forgery (SSRF) vulnerability in Apache Olingo

Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL.

5.0
2020-01-09 CVE-2020-1810 Huawei Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products

There is a weak algorithm vulnerability in some Huawei products.

5.0
2020-01-09 CVE-2014-3447 BSS Continuity CMS Project Resource Exhaustion vulnerability in BSS Continuity CMS Project BSS Continuty CMS 4.2.22640.0

BSS Continuity CMS 4.2.22640.0 has a Remote Denial Of Service vulnerability

5.0
2020-01-09 CVE-2014-3211 Publify Project Resource Exhaustion vulnerability in Publify Project Publify

Publify before 8.0.1 is vulnerable to a Denial of Service attack

5.0
2020-01-09 CVE-2014-2686 Redhat Always-Incorrect Control Flow Implementation vulnerability in Redhat Ansible

Ansible prior to 1.5.4 mishandles the evaluation of some strings.

5.0
2020-01-08 CVE-2011-5247 Prophecyinternational Cleartext Storage of Sensitive Information vulnerability in Prophecyinternational Snare

Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.

5.0
2020-01-08 CVE-2019-17018 Mozilla Information Exposure vulnerability in Mozilla Firefox

When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard.

5.0
2020-01-08 CVE-2020-5183 Ftpgetter NULL Pointer Dereference vulnerability in Ftpgetter 5.97.0.223

FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application.

5.0
2020-01-08 CVE-2020-6170 Genexis Missing Authentication for Critical Function vulnerability in Genexis Platinum-4410 Firmware 1.28

An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI.

5.0
2020-01-08 CVE-2019-20360 Impress Improper Authentication vulnerability in Impress Givewp

A flaw in Give before 2.5.5, a WordPress plugin, allowed unauthenticated users to bypass API authentication methods and access personally identifiable user information (PII) including names, addresses, IP addresses, and email addresses.

5.0
2020-01-08 CVE-2014-5209 NTP
F5
Information Exposure vulnerability in multiple products

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.

5.0
2020-01-07 CVE-2013-5657 Aultware Denial of Service vulnerability in Aultware Pwstore 2010.8.30.0

AultWare pwStore 2010.8.30.0 has DoS via an empty HTTP request

5.0
2020-01-06 CVE-2019-6857 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service of the controller when reading specific memory blocks using Modbus TCP.

5.0
2020-01-06 CVE-2019-6856 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.

5.0
2020-01-06 CVE-2018-7794 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.

5.0
2020-01-06 CVE-2019-18625 Suricata IDS
Linux
Microsoft
Unspecified vulnerability in Suricata-Ids Suricata 5.0.0

An issue was discovered in Suricata 5.0.0.

5.0
2020-01-06 CVE-2019-16271 Dten Missing Authentication for Critical Function vulnerability in Dten D5 Firmware and D7 Firmware

DTEN D5 and D7 before 1.3.2 devices allows remote attackers to read saved whiteboard image PDF documents via storage/emulated/0/Notes/PDF on TCP port 8080 without authentication.

5.0
2020-01-06 CVE-2019-16274 Dten Missing Encryption of Sensitive Data vulnerability in Dten D5 Firmware and D7 Firmware

DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data files via unencrypted HTTP.

5.0
2020-01-06 CVE-2020-5840 Hashbrowncms Path Traversal vulnerability in Hashbrowncms Hashbrown CMS

An issue was discovered in HashBrown CMS before 1.3.2.

5.0
2020-01-06 CVE-2019-5990 Anglers NET Insufficiently Protected Credentials vulnerability in Anglers-Net CGI An-Anlyzer 20190624

Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allow remote attackers to obtain a login password via HTTP referer.

5.0
2020-01-08 CVE-2020-0004 Google Improper Handling of Exceptional Conditions vulnerability in Google Android

In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size.

4.9
2020-01-08 CVE-2019-17009 Mozilla
Microsoft
Opensuse
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service.
4.6
2020-01-08 CVE-2019-5188 E2Fsprogs Project
Fedoraproject
Debian
Canonical
Opensuse
Out-of-bounds Write vulnerability in multiple products

A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4.

4.6
2020-01-07 CVE-2013-5656 Fuzezip Project Out-of-bounds Write vulnerability in Fuzezip Project Fuzezip 1.0.0.131625

FuzeZip 1.0.0.131625 has a Local Buffer Overflow vulnerability

4.6
2020-01-06 CVE-2019-6854 Schneider Electric Unspecified vulnerability in Schneider-Electric Clearscada 2017

A CWE-287: Improper Authentication vulnerability exists in a folder within EcoStruxure Geo SCADA Expert (ClearSCADA) -with initial releases before 1 January 2019- which could cause a low privilege user to delete or modify database, setting or certificate files.

4.6
2020-01-06 CVE-2019-19585 Rconfig Improper Privilege Management vulnerability in Rconfig 3.9.3

An issue was discovered in rConfig 3.9.3.

4.6
2020-01-06 CVE-2019-9471 Google Out-of-bounds Write vulnerability in Google Android

In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check.

4.6
2020-01-06 CVE-2019-9470 Google Out-of-bounds Write vulnerability in Google Android

In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check.

4.6
2020-01-06 CVE-2019-9469 Google Out-of-bounds Write vulnerability in Google Android

In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation.

4.6
2020-01-08 CVE-2016-6593 Symantec Untrusted Search Path vulnerability in Symantec VIP Access Desktop

A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code.

4.4
2020-01-08 CVE-2016-6590 Symantec Improper Privilege Management vulnerability in Symantec products

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.

4.4
2020-01-11 CVE-2019-20377 Tophub Cross-site Scripting vulnerability in Tophub Toplist

TopList before 2019-09-03 allows XSS via a title.

4.3
2020-01-11 CVE-2019-20379 Ganglia Cross-site Scripting vulnerability in Ganglia Ganglia-Web

ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.

4.3
2020-01-11 CVE-2019-20378 Ganglia Cross-site Scripting vulnerability in Ganglia Ganglia-Web

ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.

4.3
2020-01-10 CVE-2019-19819 Gonitro NULL Pointer Dereference vulnerability in Gonitro Nitropdf 12.0.0.112

The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.

4.3
2020-01-10 CVE-2019-19817 Gonitro Out-of-bounds Read vulnerability in Gonitro Nitro Free PDF Reader 12.0.0.112

The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content.

4.3
2020-01-10 CVE-2020-1766 Otrs Cross-site Scripting vulnerability in Otrs

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file.

4.3
2020-01-10 CVE-2014-4561 Ultimate Weather Project Cross-site Scripting vulnerability in Ultimate-Weather Project Ultimate-Weather 1.0

The ultimate-weather plugin 1.0 for WordPress has XSS

4.3
2020-01-10 CVE-2011-4595 Caseproof Cross-site Scripting vulnerability in Caseproof Pretty Link 1.5.2

Pretty-Link WordPress plugin 1.5.2 has XSS

4.3
2020-01-10 CVE-2014-4530 Flog Project Cross-site Scripting vulnerability in Flog Project Flog 0.1

flog plugin 0.1 for WordPress has XSS

4.3
2020-01-10 CVE-2014-5012 Dompdf Project Unspecified vulnerability in Dompdf Project Dompdf 0.5.2/0.6.0/0.6.1

DOMPDF before 0.6.2 allows denial of service.

4.3
2020-01-10 CVE-2014-5011 Dompdf Project Information Exposure vulnerability in Dompdf Project Dompdf 0.5.2/0.6.0/0.6.1

DOMPDF before 0.6.2 allows Information Disclosure.

4.3
2020-01-10 CVE-2019-20376 PSI Cross-site Scripting vulnerability in PSI Electronic Logbook 3.1.4

A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c.

4.3
2020-01-10 CVE-2019-20375 PSI Cross-site Scripting vulnerability in PSI Electronic Logbook 3.1.4

A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c.

4.3
2020-01-09 CVE-2020-6758 Rasilient Cross-site Scripting vulnerability in Rasilient Pixelstor 5000 Firmware 4.0.158020150629

A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows remote attackers to inject arbitrary web script or HTML via the ContentFrame parameter.

4.3
2020-01-09 CVE-2019-20372 Nginx HTTP Request Smuggling vulnerability in Nginx

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

4.3
2020-01-09 CVE-2019-18859 Digi Cross-site Scripting vulnerability in Digi Anywhereusb/14 Firmware 1.93.21.19

Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.

4.3
2020-01-09 CVE-2012-1915 Codeigniter Cross-site Scripting vulnerability in Codeigniter

EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.

4.3
2020-01-09 CVE-2020-6750 Gnome
Fedoraproject
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled.
4.3
2020-01-09 CVE-2012-1261 Plixer Cross-site Scripting vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 5.0.2/8.6.2.16204

Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter.

4.3
2020-01-09 CVE-2012-1260 Plixer Cross-site Scripting vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 8.6.2.16204

Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter.

4.3
2020-01-09 CVE-2014-3753 1Password Information Exposure vulnerability in 1Password

AgileBits 1Password through 1.0.9.340 allows security feature bypass

4.3
2020-01-09 CVE-2020-5308 Phpgurukul Dairy Farm Shop Management System Project Cross-site Scripting vulnerability in PHPgurukul Dairy Farm Shop Management System Project PHPgurukul Dairy Farm Shop Management System 1.0

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php.

4.3
2020-01-09 CVE-2020-6632 Prestashop Cross-site Scripting vulnerability in Prestashop 1.7.6.2

In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a QuickAccess link.

4.3
2020-01-09 CVE-2020-6631 Gpac NULL Pointer Dereference vulnerability in Gpac 0.8.0

An issue was discovered in GPAC version 0.8.0.

4.3
2020-01-09 CVE-2020-6630 Gpac NULL Pointer Dereference vulnerability in Gpac 0.8.0

An issue was discovered in GPAC version 0.8.0.

4.3
2020-01-09 CVE-2020-6629 Libming NULL Pointer Dereference vulnerability in Libming 0.4.8

Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c.

4.3
2020-01-08 CVE-2011-5250 Prophecyinternational Cross-Site Request Forgery (CSRF) vulnerability in Prophecyinternational Snare

Snare for Linux before 1.7.0 has CSRF in the web interface.

4.3
2020-01-08 CVE-2011-5018 Koala Framework Cross-site Scripting vulnerability in Koala-Framework Koala Framework

Koala Framework before 2011-11-21 has XSS via the request_uri parameter.

4.3
2020-01-08 CVE-2019-17023 Mozilla
Canonical
Improper Authentication vulnerability in multiple products

After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine.

4.3
2020-01-08 CVE-2019-17022 Mozilla
Canonical
Debian
Redhat
Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR

When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer does not escape &lt; and &gt; characters.

4.3
2020-01-08 CVE-2019-17020 Mozilla
Canonical
Improper Input Validation vulnerability in multiple products

If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet.

4.3
2020-01-08 CVE-2019-17016 Mozilla
Debian
Canonical
Redhat
Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR

When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule.

4.3
2020-01-08 CVE-2019-17014 Mozilla Inclusion of Functionality from Untrusted Control Sphere vulnerability in Mozilla Firefox

If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak.

4.3
2020-01-08 CVE-2019-17002 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https.

4.3
2020-01-08 CVE-2020-6615 GNU NULL Pointer Dereference vulnerability in GNU Libredwg 0.9.3.2564

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).

4.3
2020-01-08 CVE-2020-6611 GNU NULL Pointer Dereference vulnerability in GNU Libredwg 0.9.3.2564

GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.

4.3
2020-01-08 CVE-2020-6610 GNU
Opensuse
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.

4.3
2020-01-08 CVE-2019-11765 Mozilla Incorrect Default Permissions vulnerability in Mozilla Firefox

A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown.

4.3
2020-01-08 CVE-2020-6583 Bigprof Cross-site Scripting vulnerability in Bigprof Online Invoicing System

BigProf Online Invoicing System (OIS) through 2.6 has XSS that can be leveraged for session hijacking.

4.3
2020-01-08 CVE-2019-11763 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR

Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities.

4.3
2020-01-08 CVE-2020-0006 Google Use of Uninitialized Resource vulnerability in Google Android

In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of heap memory due to uninitialized data.

4.3
2020-01-08 CVE-2019-20366 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.4.4

An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents.

4.3
2020-01-08 CVE-2019-20365 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.4.4

An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search page.

4.3
2020-01-08 CVE-2019-20364 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.4.4

An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.jsp.

4.3
2020-01-08 CVE-2019-20363 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.4.4

An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via alias to Manage Store Contents.

4.3
2020-01-08 CVE-2016-6586 Symantec Improper Input Validation vulnerability in Symantec Norton Mobile Security

A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, which could let a malicious user conduct a man-in-the-middle via specially crafted JavaScript to add arbitrary URLs to the URL whitelist.

4.3
2020-01-08 CVE-2020-6163 Mediawiki Cross-site Scripting vulnerability in Mediawiki 1.35

The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template (in the templates/search/PropertySuggestionsWidget.mustache+dom file).

4.3
2020-01-07 CVE-2019-18652 Watchguard Cross-site Scripting vulnerability in Watchguard Xmt515 Firmware 12.3

A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing a remote attacker to execute JavaScript in the victim's browser by tricking the victim into clicking on a crafted link.

4.3
2020-01-07 CVE-2020-5842 Codologic Cross-site Scripting vulnerability in Codologic Codoforum 4.8.3

Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI.

4.3
2020-01-07 CVE-2019-16154 Fortinet Cross-site Scripting vulnerability in Fortinet Fortiauthenticator 6.0.0

An improper neutralization of input during web page generation in FortiAuthenticator WEB UI 6.0.0 may allow an unauthenticated user to perform a cross-site scripting attack (XSS) via a parameter of the logon page.

4.3
2020-01-07 CVE-2019-14834 Thekelleys
Fedoraproject
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.

4.3
2020-01-07 CVE-2013-5658 Aultware Cross-site Scripting vulnerability in Aultware Pwstore 2010.8.30.0

AultWare pwStore 2010.8.30.0 has XSS

4.3
2020-01-07 CVE-2020-5393 Appspace Cross-site Scripting vulnerability in Appspace On-Prem

In Appspace On-Prem through 7.1.3, an adversary can steal a session token via XSS.

4.3
2020-01-06 CVE-2019-18842 Usriot Cross-site Scripting vulnerability in Usriot products

A cross-site scripting (XSS) vulnerability in the configuration web interface of the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module with web version 1.2.2 allows attackers to leak credentials of the Wi-Fi access point the module is logged into, and the web interface login credentials, by opening a Wi-Fi access point nearby with a malicious SSID.

4.3
2020-01-06 CVE-2019-16717 Open Xchange Cross-site Scripting vulnerability in Open-Xchange Appsuite

OX App Suite through 7.10.2 has XSS.

4.3
2020-01-06 CVE-2014-3743 Marked Project Cross-site Scripting vulnerability in Marked Project Marked

Multiple cross-site scripting (XSS) vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) gfm codeblocks (language) or (2) javascript url's.

4.3
2020-01-06 CVE-2019-15603 Seeftl Project Cross-site Scripting vulnerability in Seeftl Project Seeftl 0.1.1

The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability via a malicious filename rendered in a directory listing.

4.3
2020-01-06 CVE-2019-15602 Itwork Cross-site Scripting vulnerability in Itwork Fileview 0.1.6

The fileview package v0.1.6 has inadequate output encoding and escaping, which leads to a stored Cross-Site Scripting (XSS) vulnerability in files it serves.

4.3
2020-01-06 CVE-2019-5989 Anglers NET Cross-site Scripting vulnerability in Anglers-Net CGI An-Anlyzer 20190624

DOM-based cross-site scripting vulnerability in Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allows remote attackers to inject arbitrary web script or HTML via the Analysis Object Page.

4.3
2020-01-06 CVE-2019-5988 Anglers NET Cross-site Scripting vulnerability in Anglers-Net CGI An-Anlyzer 20190624

Stored cross-site scripting vulnerability in Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allows remote attackers to inject arbitrary web script or HTML via the Management Page.

4.3
2020-01-06 CVE-2020-5191 Phpgurukul Cross-site Scripting vulnerability in PHP 4.0

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.

4.3
2020-01-06 CVE-2019-19265 Icewarp Cross-site Scripting vulnerability in Icewarp Mail Server

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.

4.3
2020-01-10 CVE-2012-3821 Arialsoftware Incorrect Authorization vulnerability in Arialsoftware Campaign Enterprise 11.0.551

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field.

4.0
2020-01-09 CVE-2012-1258 Plixer Improper Authentication vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 5.0.2/8.6.2.16204

cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters.

4.0
2020-01-09 CVE-2019-11292 Pivotal Software Information Exposure vulnerability in Pivotal Software Operations Manager

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file.

4.0
2020-01-08 CVE-2016-6589 Symantec Improper Input Validation vulnerability in Symantec IT Management Suite 8.0

A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0.

4.0
2020-01-08 CVE-2019-14820 Redhat Unspecified vulnerability in Redhat products

It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL.

4.0
2020-01-07 CVE-2019-6700 Fortinet Insufficiently Protected Credentials vulnerability in Fortinet Fortisiem

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may allow an authenticated attacker to retrieve the external authentication password via the HTML source code.

4.0
2020-01-07 CVE-2019-14854 Redhat Information Exposure Through Log Files vulnerability in Redhat Openshift Container Platform 4.1/4.2

OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher.

4.0
2020-01-06 CVE-2020-5846 Ahsay Unrestricted Upload of File with Dangerous Type vulnerability in Ahsay Cloud Backup Suite 8.3.0.30

An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.3.0.30 via a "PUT /obs/obm7/file/upload" request with the base64-encoded pathname in the X-RSW-custom-encode-path HTTP header, and the content in the HTTP request body.

4.0
2020-01-06 CVE-2019-18179 Otrs
Debian
Information Exposure vulnerability in multiple products

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23.

4.0
2020-01-06 CVE-2019-15999 Cisco Unspecified vulnerability in Cisco Data Center Network Manager

A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device.

4.0
2020-01-06 CVE-2019-15983 Cisco XXE vulnerability in Cisco Data Center Network Manager

A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system.

4.0
2020-01-06 CVE-2019-20354 Pisignage Path Traversal vulnerability in Pisignage

The web application component of piSignage before 2.6.4 allows a remote attacker (authenticated as a low-privilege user) to download arbitrary files from the Raspberry Pi via api/settings/log?file=../ path traversal.

4.0

36 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-08 CVE-2020-0003 Google Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 8.0

In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of-check time-of-use vulnerability.

3.7
2020-01-11 CVE-2020-6847 Opentrade Project Cross-site Scripting vulnerability in Opentrade Project Opentrade 0.2.0

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript.

3.5
2020-01-10 CVE-2019-18588 Dell Cross-site Scripting vulnerability in Dell EMC Powermax and EMC Unisphere for Powermax

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability.

3.5
2020-01-10 CVE-2020-1767 Otrs Unspecified vulnerability in Otrs

Agent A is able to save a draft (i.e.

3.5
2020-01-10 CVE-2013-6430 Pivotal Software Cross-site Scripting vulnerability in Pivotal Software Spring Framework

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

3.5
2020-01-09 CVE-2019-20182 Fooplugins Cross-site Scripting vulnerability in Fooplugins Foogallery

The FooGallery plugin 1.8.12 for WordPress allow XSS via the post_title parameter.

3.5
2020-01-09 CVE-2019-20181 Getawesomesupport Cross-site Scripting vulnerability in Getawesomesupport Awesome Support

The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter.

3.5
2020-01-09 CVE-2012-5558 Smiley Project
Smileys Project
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym.

3.5
2020-01-09 CVE-2019-6332 HP Cross-site Scripting vulnerability in HP products

A potential security vulnerability has been identified with certain HP InkJet printers.

3.5
2020-01-09 CVE-2019-14918 Billion Cross-site Scripting vulnerability in Billion Sg600 R2 Firmware 3.02

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp.

3.5
2020-01-08 CVE-2016-6585 Symantec Improper Input Validation vulnerability in Symantec Norton Mobile Security

A Denial of Service vulnerability exists in Symantec Norton Mobile Security for Android prior to 3.16, which could let a remote malicious user conduct a man-in-the-middle attack via specially crafted JavaScript.

3.5
2020-01-08 CVE-2016-6588 Symantec Cross-site Scripting vulnerability in Symantec IT Management Suite 8.0

A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0.

3.5
2020-01-08 CVE-2014-1454 Pearson Cross-site Scripting vulnerability in Pearson Esis Enterprise Student Information System

Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper validation of user input

3.5
2020-01-07 CVE-2013-5638 Transcend Info Cross-site Scripting vulnerability in Transcend-Info Wifisd Firmware 1.8

Transcend WiFiSD 1.8 has persistent XSS

3.5
2020-01-07 CVE-2013-5637 Pqigroup Cross-site Scripting vulnerability in Pqigroup AIR Card Firmware

PQI AirCard has persistent XSS

3.5
2020-01-07 CVE-2020-5843 Codologic Cross-site Scripting vulnerability in Codologic Codoforum 4.8.3

Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen.

3.5
2020-01-06 CVE-2014-9405 Free Cross-site Scripting vulnerability in Free Freebox OS 3.0.2

A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.

3.5
2020-01-06 CVE-2014-8674 Soplanning Cross-site Scripting vulnerability in Soplanning

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Simple Online Planning (SOPlanning) before 1.33 via the document.cookie in nb_mois and mb_ligness and the debug GET parameter to export.php, which allows malicious users to execute arbitrary code.

3.5
2020-01-06 CVE-2015-4039 E Plugins Cross-site Scripting vulnerability in E-Plugins WP Membership 1.2.3

Multiple cross-site scripting (XSS) vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified (1) profile fields or (2) new post content.

3.5
2020-01-06 CVE-2019-19266 Icewarp Cross-site Scripting vulnerability in Icewarp Mail Server

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.

3.5
2020-01-08 CVE-2016-6591 Symantec Incorrect Authorization vulnerability in Symantec Norton APP Lock 1.0.3.186

A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions.

3.3
2020-01-08 CVE-2014-9908 Google Denial of Service vulnerability in Google Android 4.4/5.0.2/5.1.1

A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558).

3.3
2020-01-08 CVE-2019-17021 Mozilla
Opensuse
Race Condition vulnerability in multiple products

During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process.

2.6
2020-01-07 CVE-2013-5571 Hmailserver Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hmailserver

HMailServer 5.3.x and prior: Memory Corruption which could cause DOS

2.6
2020-01-10 CVE-2019-4508 IBM Insufficiently Protected Credentials vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker.

2.1
2020-01-09 CVE-2019-6331 HP Information Exposure vulnerability in HP Samsung Mobile Print

An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007.

2.1
2020-01-09 CVE-2020-1786 Huawei Improper Authentication vulnerability in Huawei Mate 20 PRO Firmware 9.1.0.135(C00E133R3P1)/9.1.0.310(C185E10R2P1)

HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability.

2.1
2020-01-09 CVE-2020-1826 Huawei Information Exposure vulnerability in Huawei Honor Magic2 Firmware

Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability.

2.1
2020-01-08 CVE-2020-0007 Google Use of Uninitialized Resource vulnerability in Google Android

In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to uninitialized data.

2.1
2020-01-08 CVE-2016-5346 Google Information Exposure vulnerability in Google Android

An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_MSM_IPC sockets, which could let a local malicious user obtain sensitive information (Android Bug ID A-32551280).

2.1
2020-01-08 CVE-2016-6587 Symantec Information Exposure vulnerability in Symantec Norton Mobile Security

An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information.

2.1
2020-01-08 CVE-2020-0009 Google Incorrect Default Permissions vulnerability in Google Android

In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass.

2.1
2020-01-07 CVE-2019-9465 Google Unspecified vulnerability in Google Android

In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause.

2.1
2020-01-06 CVE-2019-9472 Google Information Exposure vulnerability in Google Android

In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto.

2.1
2020-01-09 CVE-2010-3282 HP
Redhat
Fedoraproject
Cleartext Storage of Sensitive Information vulnerability in multiple products

389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.

1.9
2020-01-08 CVE-2020-0008 Google Out-of-bounds Read vulnerability in Google Android

In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, there is a possible out of bounds read due to a race condition.

1.9