Weekly Vulnerabilities Reports > January 20 to 26, 2020

Overview

323 new vulnerabilities reported during this period, including 42 critical vulnerabilities and 77 high severity vulnerabilities. This weekly summary report vulnerabilities in 575 products from 151 vendors including Qualcomm, Cisco, Opensuse, Samsung, and Microsoft. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Improper Privilege Management", "Information Exposure", and "OS Command Injection".

  • 265 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities have public exploit available.
  • 92 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 261 reported vulnerabilities are exploitable by an anonymous user.
  • Qualcomm has the most reported vulnerabilities, with 28 reported vulnerabilities.
  • Qualcomm has the most reported critical vulnerabilities, with 11 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

42 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-26 CVE-2020-7995 Dolibarr Improper Authentication vulnerability in Dolibarr 10.0.6

The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.

10.0
2020-01-25 CVE-2020-7980 Intelliantech OS Command Injection vulnerability in Intelliantech Aptus web 1.24

Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI.

10.0
2020-01-24 CVE-2020-6966 Gehealthcare Inadequate Encryption Strength vulnerability in Gehealthcare products

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.

10.0
2020-01-24 CVE-2020-6963 Gehealthcare Improper Input Validation vulnerability in Gehealthcare products

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.

10.0
2020-01-24 CVE-2020-6962 Gehealthcare Improper Input Validation vulnerability in Gehealthcare products

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X CARESCAPE Central Station (CSCS) Versions 2.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, an input validation vulnerability exists in the web-based system configuration utility that could allow an attacker to obtain arbitrary remote code execution.

10.0
2020-01-23 CVE-2019-19897 Ixpdata OS Command Injection vulnerability in Ixpdata Easyinstall 6.2.13723

In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service.

10.0
2020-01-23 CVE-2013-1592 SAP Classic Buffer Overflow vulnerability in SAP Netweaver

A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.

10.0
2020-01-23 CVE-2019-19839 Ruckuswireless OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.

10.0
2020-01-23 CVE-2019-19838 Ruckuswireless OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.

10.0
2020-01-22 CVE-2019-19842 Ruckuswireless OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.

10.0
2020-01-22 CVE-2019-19841 Ruckuswireless OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.

10.0
2020-01-22 CVE-2019-10780 Bibtex Ruby Project OS Command Injection vulnerability in Bibtex-Ruby Project Bibtex-Ruby

BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.

10.0
2020-01-21 CVE-2019-14017 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

10.0
2020-01-21 CVE-2019-14016 Qualcomm Integer Overflow OR Wraparound vulnerability in Qualcomm products

Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

10.0
2020-01-21 CVE-2019-14014 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2130

10.0
2020-01-21 CVE-2019-14013 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

10.0
2020-01-21 CVE-2019-14006 Qualcomm Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products

Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

10.0
2020-01-21 CVE-2019-14005 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

10.0
2020-01-21 CVE-2019-14004 Qualcomm Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products

Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

10.0
2020-01-21 CVE-2019-10611 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

10.0
2020-01-21 CVE-2019-10581 Qualcomm USE After Free vulnerability in Qualcomm products

NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8998, Nicobar, QCS605, Rennell, SA6155P, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

10.0
2020-01-21 CVE-2019-10532 Qualcomm Out-Of-Bounds Read vulnerability in Qualcomm products

Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

10.0
2020-01-21 CVE-2019-10579 Qualcomm Out-Of-Bounds Read vulnerability in Qualcomm products

Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

9.4
2020-01-24 CVE-2019-1354 Microsoft Improper Input Validation vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.

9.3
2020-01-24 CVE-2019-1352 Microsoft Improper Input Validation vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.

9.3
2020-01-24 CVE-2019-1350 Microsoft Improper Input Validation vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.

9.3
2020-01-24 CVE-2019-1349 Microsoft Improper Input Validation vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.

9.3
2020-01-21 CVE-2020-7040 Storebackup
Debian
Opensuse
Link Following vulnerability in multiple products

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation.

9.3
2020-01-26 CVE-2019-16005 Cisco Improper Input Validation vulnerability in Cisco Collaboration Meeting Rooms and Webex Video Mesh

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system.

9.0
2020-01-26 CVE-2019-12629 Cisco Injection vulnerability in Cisco Sd-Wan Firmware

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system.

9.0
2020-01-25 CVE-2012-6613 Dlink Unspecified vulnerability in Dlink Dsr-250N Firmware 1.05B73Ww

D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account.

9.0
2020-01-24 CVE-2013-1598 Vivotek OS Command Injection vulnerability in Vivotek Pt7135 Firmware 0300A/0400A

A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.

9.0
2020-01-23 CVE-2019-19896 Ixpdata Incorrect Default Permissions vulnerability in Ixpdata Easyinstall 6.2.13723

In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share.

9.0
2020-01-23 CVE-2013-6358 Prestashop Unrestricted Upload of File With Dangerous Type vulnerability in Prestashop 1.5.5.0

PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory.

9.0
2020-01-22 CVE-2011-3611 Usebb Improper Input Validation vulnerability in Usebb

A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12.

9.0
2020-01-21 CVE-2020-7594 Multitech OS Command Injection vulnerability in Multitech Conduit Mtcdt-Lvw2-246A Firmware 1.4.17Ocea13592

MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function.

9.0
2020-01-21 CVE-2019-14768 Dimo CRM Unrestricted Upload of File With Dangerous Type vulnerability in Dimo-Crm Yellowbox CRM

An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges.

9.0
2020-01-20 CVE-2020-7244 Comtechtel OS Command Injection vulnerability in Comtechtel Stampede Fx-1010 Firmware 7.4.3

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field.

9.0
2020-01-20 CVE-2020-7243 Comtechtel OS Command Injection vulnerability in Comtechtel Stampede Fx-1010 Firmware 7.4.3

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field.

9.0
2020-01-20 CVE-2020-7242 Comtechtel OS Command Injection vulnerability in Comtechtel Stampede Fx-1010 Firmware 7.4.3

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field.

9.0
2020-01-20 CVE-2020-7240 Meinbergglobal OS Command Injection vulnerability in Meinbergglobal Lantime M1000 Firmware and Lantime M300 Firmware

** DISPUTED ** Meinberg Lantime M300 and M1000 devices allow attackers (with privileges to configure a device) to execute arbitrary OS commands by editing the /config/netconf.cmd script (aka Extended Network Configuration).

9.0
2020-01-20 CVE-2020-7237 Cacti OS Command Injection vulnerability in Cacti 1.2.8

Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php.

9.0

77 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-24 CVE-2013-3960 Easytimestudio Missing Authorization vulnerability in Easytimestudio Easy File Manager 1.1

Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass

8.7
2020-01-21 CVE-2019-17584 Meinbergglobal Unspecified vulnerability in Meinbergglobal Syncbox/Ptpv2 Firmware 5.32/5.34G/5.34O

The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which allow attackers to get root access to the devices.

8.5
2020-01-25 CVE-2019-5147 AMD
Vmware
Out-Of-Bounds Read vulnerability in AMD Atidxx64 26.20.13003.1007

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007.

7.8
2020-01-25 CVE-2019-5146 AMD
Vmware
Out-Of-Bounds Read vulnerability in AMD Atidxx64 26.20.13025.10004

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004.

7.8
2020-01-25 CVE-2019-5124 AMD
Vmware
Out-Of-Bounds Read vulnerability in AMD Atidxx64 26.20.13001.50005

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005.

7.8
2020-01-23 CVE-2019-19893 Ixpdata Path Traversal vulnerability in Ixpdata Easyinstall 6.2.13723

In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM.

7.8
2020-01-23 CVE-2012-6083 Freeciv Resource Exhaustion vulnerability in Freeciv

Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.

7.8
2020-01-23 CVE-2019-19837 Ruckuswireless Information Exposure vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.

7.8
2020-01-21 CVE-2019-19414 Huawei Integer Overflow OR Wraparound vulnerability in Huawei products

There is an integer overflow vulnerability in LDAP server of some Huawei products.

7.8
2020-01-21 CVE-2019-19413 Huawei Integer Overflow OR Wraparound vulnerability in Huawei products

There is an integer overflow vulnerability in LDAP client of some Huawei products.

7.8
2020-01-21 CVE-2019-14010 Qualcomm Improper Input Validation vulnerability in Qualcomm products

The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map which happens to be at same physical address in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

7.8
2020-01-21 CVE-2019-14008 Qualcomm Null Pointer Dereference vulnerability in Qualcomm products

Possible null pointer dereference issue in location assistance data processing due to missing null check on resources before using it in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9607, MDM9650, SDM660, SDM845, SM8150, SM8250, SXR2130

7.8
2020-01-21 CVE-2019-14003 Qualcomm Null Pointer Dereference vulnerability in Qualcomm products

Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.8
2020-01-21 CVE-2019-10578 Qualcomm Null Pointer Dereference vulnerability in Qualcomm products

Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.8
2020-01-21 CVE-2020-7213 Parallels Cleartext Storage of Sensitive Information vulnerability in Parallels 13

Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks.

7.6
2020-01-25 CVE-2020-7981 Rubygeocoder SQL Injection vulnerability in Rubygeocoder Geocoder

sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.

7.5
2020-01-25 CVE-2013-1744 Iris Citations Management Tool Project Unspecified vulnerability in Iris Citations Management Tool Project Iris Citations Management Tool

IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands.

7.5
2020-01-24 CVE-2019-1353 GIT
Opensuse
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6.
7.5
2020-01-24 CVE-2014-4172 Apereo
Debian
Fedoraproject
Injection vulnerability in multiple products

A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the (1) service parameter to validation/AbstractUrlBasedTicketValidator.java or (2) pgtUrl parameter to validation/Cas20ServiceTicketValidator.java.

7.5
2020-01-24 CVE-2013-1595 Vivotek Classic Buffer Overflow vulnerability in Vivotek Pt7135 Firmware 0300A/0400A

A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.

7.5
2020-01-24 CVE-2020-6961 Gehealthcare Insufficiently Protected Credentials vulnerability in Gehealthcare products

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X, a vulnerability exists in the affected products that could allow an attacker to obtain access to the SSH private key in configuration files.

7.5
2020-01-24 CVE-2015-4042 GNU Integer Overflow OR Wraparound vulnerability in GNU Coreutils

Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.

7.5
2020-01-24 CVE-2014-1925 Koha SQL Injection vulnerability in Koha

SQL injection vulnerability in the MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

7.5
2020-01-24 CVE-2014-1924 Koha SQL Injection vulnerability in Koha

The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.

7.5
2020-01-24 CVE-2012-6451 Lorextechnology Improper Authentication vulnerability in Lorextechnology Lnc104 Firmware and Lnc116 Firmware

Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability

7.5
2020-01-23 CVE-2019-17570 Apache
Debian
Deserialization of Untrusted Data vulnerability in multiple products

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library.

7.5
2020-01-23 CVE-2012-6649 Devfarm Unrestricted Upload of File With Dangerous Type vulnerability in Devfarm WP GPX Maps 1.1.21

WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload.

7.5
2020-01-23 CVE-2020-7941 Plone Improper Privilege Management vulnerability in Plone

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.

7.5
2020-01-23 CVE-2015-5334 Openbsd
Opensuse
Out-Of-Bounds Write vulnerability in multiple products

Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow.

7.5
2020-01-23 CVE-2019-16517 Connectwise Origin Validation Error vulnerability in Connectwise Control 19.3.25270.7185

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185.

7.5
2020-01-23 CVE-2019-16153 Fortinet USE of Hard-Coded Credentials vulnerability in Fortinet Fortisiem

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials.

7.5
2020-01-23 CVE-2013-6792 Google Unspecified vulnerability in Google Android

Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability

7.5
2020-01-23 CVE-2012-5867 HT Editor Project Out-Of-Bounds Write vulnerability in HT Editor Project HT Editor 2.0.20

HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerability

7.5
2020-01-23 CVE-2012-5699 Babygekko Improper Input Validation vulnerability in Babygekko

BabyGekko before 1.2.4 allows PHP file inclusion.

7.5
2020-01-23 CVE-2012-2087 Ispconfig Incorrect Permission Assignment for Critical Resource vulnerability in Ispconfig 3.0.4.3

ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface.

7.5
2020-01-22 CVE-2019-19840 Ruckuswireless Out-Of-Bounds Write vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.

7.5
2020-01-22 CVE-2019-19843 Ruckuswireless Insufficiently Protected Credentials vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.

7.5
2020-01-22 CVE-2019-19836 Ruckuswireless Improper Input Validation vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.

7.5
2020-01-22 CVE-2012-4919 Gallery Project Inclusion of Functionality From Untrusted Control Sphere vulnerability in Gallery Project Gallery 1.4

Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability

7.5
2020-01-22 CVE-2011-3621 Fluxbb Unspecified vulnerability in Fluxbb

A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled.

7.5
2020-01-22 CVE-2011-3614 Vanillaforums Unspecified vulnerability in Vanillaforums Vanilla

An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9.

7.5
2020-01-22 CVE-2020-7109 Elementor Unspecified vulnerability in Elementor Page Builder

The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template.

7.5
2020-01-22 CVE-2020-6960 Honeywell SQL Injection vulnerability in Honeywell products

The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch contain an SQL injection vulnerability that could give an attacker remote unauthenticated access to the web user interface with administrator-level privileges.

7.5
2020-01-22 CVE-2020-6959 Honeywell Deserialization of Untrusted Data vulnerability in Honeywell products

The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch are vulnerable to an unsafe deserialization of untrusted data.

7.5
2020-01-22 CVE-2019-10781 Schema Inspector Project Exposure of Resource TO Wrong Sphere vulnerability in Schema-Inspector Project Schema-Inspector

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector.

7.5
2020-01-22 CVE-2018-16272 Samsung Improper Privilege Management vulnerability in Samsung products

The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations.

7.5
2020-01-22 CVE-2011-4943 Impresspages Unspecified vulnerability in Impresspages CMS 1.0.12

ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13)

7.5
2020-01-21 CVE-2016-11018 Huge IT SQL Injection vulnerability in Huge-It Image Gallery 1.0.1

An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress.

7.5
2020-01-21 CVE-2015-2784 Papercrop Project Improper Input Validation vulnerability in Papercrop Project Papercrop

The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.

7.5
2020-01-21 CVE-2020-7229 Simplejobscript SQL Injection vulnerability in Simplejobscript

An issue was discovered in Simplejobscript.com SJS before 1.65.

7.5
2020-01-21 CVE-2019-19392 Fordnn Incorrect Default Permissions vulnerability in Fordnn Usersexportimport

The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.

7.5
2020-01-21 CVE-2012-5190 Accusoft Unrestricted Upload of File With Dangerous Type vulnerability in Accusoft Prizm Content Connect 5.1

Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability

7.5
2020-01-21 CVE-2011-4094 Jara Project SQL Injection vulnerability in Jara Project Jara 1.6

Jara 1.6 has a SQL injection vulnerability.

7.5
2020-01-26 CVE-2020-3115 Cisco Improper Privilege Management vulnerability in Cisco Sd-Wan Firmware 18.4.1/19.1.0

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system.

7.2
2020-01-24 CVE-2019-1414 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege Vulnerability'.

7.2
2020-01-24 CVE-2012-6302 Soapbox Project Improper Privilege Management vulnerability in Soapbox Project Soapbox 0.3.1

Soapbox through 0.3.1: Sandbox bypass - runs a second instance of Soapbox within a sandboxed Soapbox.

7.2
2020-01-24 CVE-2019-3699 Privoxy Link Following vulnerability in Privoxy

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root.

7.2
2020-01-24 CVE-2019-3697 GNU
Opensuse
Link Following vulnerability in multiple products

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root.

7.2
2020-01-24 CVE-2019-3694 Opensuse
Suse
Link Following vulnerability in multiple products

A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root.

7.2
2020-01-24 CVE-2019-3693 Suse Link Following vulnerability in Suse Mailman 2.1.159.6.15.1/2.1.173.11.1/2.1.29Lp151.2.14

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root.

7.2
2020-01-24 CVE-2019-3692 Suse Link Following vulnerability in Suse INN

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks.

7.2
2020-01-23 CVE-2019-3691 Opensuse Link Following vulnerability in Opensuse Munge

A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root.

7.2
2020-01-23 CVE-2019-17202 Fasttracksoftware Improper Privilege Management vulnerability in Fasttracksoftware Admin BY Request 6.1.0.0

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will.

7.2
2020-01-23 CVE-2019-17201 Fasttracksoftware Unspecified vulnerability in Fasttracksoftware Admin BY Request 6.1.0.0

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will.

7.2
2020-01-23 CVE-2019-18898 Suse Link Following vulnerability in Suse Trousers 0.3.146.3.1

UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root.

7.2
2020-01-21 CVE-2019-2267 Qualcomm Unspecified vulnerability in Qualcomm products

Locked regions may be modified through other interfaces in secure boot loader image due to improper access control.

7.2
2020-01-21 CVE-2019-14036 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

7.2
2020-01-21 CVE-2019-14034 Qualcomm USE After Free vulnerability in Qualcomm products

Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.2
2020-01-21 CVE-2019-14024 Qualcomm USE After Free vulnerability in Qualcomm products

Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8917, MSM8953, Nicobar, QM215, Rennell, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

7.2
2020-01-21 CVE-2019-14023 Qualcomm Unspecified vulnerability in Qualcomm products

String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

7.2
2020-01-21 CVE-2019-10606 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, QCS605, SDX24

7.2
2020-01-21 CVE-2019-10602 Qualcomm USE After Free vulnerability in Qualcomm products

Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCS605, SDA660, SDM845, SDX20, SM8150

7.2
2020-01-21 CVE-2019-10585 Qualcomm USE After Free vulnerability in Qualcomm products

Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

7.2
2020-01-21 CVE-2019-10583 Qualcomm USE After Free vulnerability in Qualcomm products

Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

7.2
2020-01-21 CVE-2019-10582 Qualcomm USE After Free vulnerability in Qualcomm products

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

7.2
2020-01-21 CVE-2019-10558 Qualcomm Unspecified vulnerability in Qualcomm products

While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

7.2
2020-01-21 CVE-2019-10548 Qualcomm USE After Free vulnerability in Qualcomm products

While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130

7.2

168 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-26 CVE-2020-7991 Adive Cross-Site Request Forgery (CSRF) vulnerability in Adive Framework 2.0.8

Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password.

6.8
2020-01-25 CVE-2019-5183 AMD
Vmware
Type Confusion vulnerability in AMD Atidxx64 26.20.13031.10003/26.20.13031.15006/26.20.13031.18002

An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002.

6.8
2020-01-24 CVE-2014-9630 Videolan Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.

6.8
2020-01-24 CVE-2014-9629 Videolan Classic Buffer Overflow vulnerability in Videolan VLC Media Player

Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value.

6.8
2020-01-24 CVE-2014-9628 Videolan Classic Buffer Overflow vulnerability in Videolan VLC Media Player

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7.

6.8
2020-01-24 CVE-2014-9627 Videolan Incorrect Type Conversion OR Cast vulnerability in Videolan VLC Media Player

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.

6.8
2020-01-24 CVE-2014-9626 Videolan Integer Underflow (Wrap OR Wraparound) vulnerability in Videolan VLC Media Player

Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.

6.8
2020-01-24 CVE-2014-9625 Videolan Classic Buffer Overflow vulnerability in Videolan VLC Media Player

The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability.

6.8
2020-01-24 CVE-2020-5219 Peerigon Injection vulnerability in Peerigon Angular-Expressions

Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input.

6.8
2020-01-23 CVE-2020-7245 Ctfd Weak Password Recovery Mechanism FOR Forgotten Password vulnerability in Ctfd

Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd instance.

6.8
2020-01-23 CVE-2012-5340 Sumatrapdfreader
Artifex
Integer Overflow OR Wraparound vulnerability in multiple products

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.

6.8
2020-01-23 CVE-2019-16513 Connectwise Cross-Site Request Forgery (CSRF) vulnerability in Connectwise Control 19.3.25270.7185

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185.

6.8
2020-01-23 CVE-2012-5698 Babygekko SQL Injection vulnerability in Babygekko

BabyGekko before 1.2.4 has SQL injection.

6.8
2020-01-23 CVE-2012-4981 Toshiba OS Command Injection vulnerability in Toshiba Configfree 8.0.38

Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability

6.8
2020-01-22 CVE-2019-20397 Cesnet Double Free vulnerability in Cesnet Libyang

A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated.

6.8
2020-01-22 CVE-2019-20394 Cesnet Double Free vulnerability in Cesnet Libyang

A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement.

6.8
2020-01-22 CVE-2019-20393 Cesnet Double Free vulnerability in Cesnet Libyang

A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used.

6.8
2020-01-22 CVE-2016-4761 Webkitgtk
Canonical
USE After Free vulnerability in multiple products

WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS

6.8
2020-01-22 CVE-2011-3612 Usebb Cross-Site Request Forgery (CSRF) vulnerability in Usebb

Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12.

6.8
2020-01-22 CVE-2011-3582 Anelectron Cross-Site Request Forgery (CSRF) vulnerability in Anelectron Advanced Electron Forums 1.0.9

A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions.

6.8
2020-01-21 CVE-2020-6849 Hutchhouse Cross-Site Request Forgery (CSRF) vulnerability in Hutchhouse Marketo Forms and Tracking

The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS.

6.8
2020-01-21 CVE-2014-2680 Xmind Unspecified vulnerability in Xmind 3.4.1

The update process in Xmind 3.4.1 and earlier allow remote attackers to execute arbitrary code via a man-in-the-middle attack.

6.8
2020-01-21 CVE-2019-3864 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay

A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token.

6.8
2020-01-21 CVE-2011-2668 Mozilla Unspecified vulnerability in Mozilla Firefox

Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header

6.8
2020-01-25 CVE-2020-7596 Codecov Injection vulnerability in Codecov Nodejs Uploader

Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument.

6.5
2020-01-24 CVE-2020-6965 Gehealthcare Improper Input Validation vulnerability in Gehealthcare products

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package.

6.5
2020-01-24 CVE-2019-19631 Bigswitch Information Exposure vulnerability in Bigswitch products

An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 through 5.0.1, and 5.1 through 5.1.4; and Multi-Cloud Director through 1.1.0.

6.5
2020-01-23 CVE-2020-7939 Plone SQL Injection vulnerability in Plone

SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries.

6.5
2020-01-23 CVE-2020-7938 Plone Improper Privilege Management vulnerability in Plone 5.2.0/5.2.1

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.

6.5
2020-01-23 CVE-2019-16514 Connectwise Unrestricted Upload of File With Dangerous Type vulnerability in Connectwise Control 19.3.25270.7185

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185.

6.5
2020-01-23 CVE-2019-15712 Fortinet Unspecified vulnerability in Fortinet Fortimail

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for.

6.5
2020-01-23 CVE-2020-7931 Jfrog Unspecified vulnerability in Jfrog Artifactory

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file.

6.5
2020-01-22 CVE-2019-19834 Ruckuswireless Path Traversal vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.

6.5
2020-01-21 CVE-2019-14765 Dimo CRM Unspecified vulnerability in Dimo-Crm Yellowbox CRM

Incorrect Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers.

6.5
2020-01-21 CVE-2020-7246 Qdpm Path Traversal vulnerability in Qdpm 8.3/9.0/9.1

A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier.

6.5
2020-01-21 CVE-2019-20385 Logaritmo Unrestricted Upload of File With Dangerous Type vulnerability in Logaritmo Aware Callmanager 2012

The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type.

6.5
2020-01-26 CVE-2020-3134 Cisco Improper Input Validation vulnerability in Cisco Email Security Appliance

A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

6.4
2020-01-26 CVE-2019-16029 Cisco Improper Input Validation vulnerability in Cisco Smart Software Manager On-Prem

A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of the web interface.

6.4
2020-01-24 CVE-2013-4333 Tejimaya XXE vulnerability in Tejimaya Openpne

OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability

6.4
2020-01-23 CVE-2019-16515 Connectwise Unspecified vulnerability in Connectwise Control 19.3.25270.7185

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185.

6.4
2020-01-22 CVE-2020-5221 Troglobit Path Traversal vulnerability in Troglobit Uftpd

In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in compose_abspath().

6.4
2020-01-24 CVE-2015-1530 Google Integer Overflow OR Wraparound vulnerability in Google Android

media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted application that provides an invalid array size.

6.0
2020-01-23 CVE-2020-7936 Plone Open Redirect vulnerability in Plone

An open redirect on the login form (and possibly other places) in Plone 4.0 through 5.2.1 allows an attacker to craft a link to a Plone Site that, when followed, and possibly after login, will redirect to an attacker's site.

5.8
2020-01-22 CVE-2018-16263 Linux
Samsung
Improper Privilege Management vulnerability in Linux Tizen

The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations.

5.8
2020-01-22 CVE-2018-16262 Linux
Samsung
Improper Privilege Management vulnerability in Linux Tizen

The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations.

5.8
2020-01-21 CVE-2019-18426 Whatsapp Cross-Site Scripting vulnerability in Whatsapp and Whatsapp for Desktop

A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading.

5.8
2020-01-24 CVE-2020-5225 Simplesamlphp Information Exposure Through LOG Files vulnerability in Simplesamlphp

Log injection in SimpleSAMLphp before version 1.18.4.

5.5
2020-01-21 CVE-2019-14902 Samba
Canonical
Opensuse
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
5.5
2020-01-26 CVE-2020-7984 Solarwinds Cleartext Transmission of Sensitive Information vulnerability in Solarwinds N-Central 12.2

SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent & Probe settings, and obtain other sensitive information.

5.0
2020-01-26 CVE-2020-3142 Cisco Missing Authentication FOR Critical Function vulnerability in Cisco Webex Meetings Online

A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password.

5.0
2020-01-26 CVE-2020-3139 Cisco Improper Input Validation vulnerability in Cisco Application Policy Infrastructure Controller

A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports.

5.0
2020-01-26 CVE-2019-16022 Cisco Resource Exhaustion vulnerability in Cisco IOS XR

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2020-01-26 CVE-2019-16020 Cisco Resource Exhaustion vulnerability in Cisco IOS XR

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2020-01-26 CVE-2019-16003 Cisco Missing Authentication FOR Critical Function vulnerability in Cisco UCS Director

A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device.

5.0
2020-01-26 CVE-2019-15989 Cisco Improper Check FOR Unusual OR Exceptional Conditions vulnerability in Cisco IOS XR

A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2020-01-25 CVE-2012-6345 Novell User Enumeration Information Disclosure vulnerability in Cyber-Ark Vault

Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information.

5.0
2020-01-24 CVE-2015-9541 QT
Fedoraproject
XML Entity Expansion vulnerability in multiple products

Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.

5.0
2020-01-24 CVE-2019-1351 Microsoft
Opensuse
USE of Incorrectly-Resolved Name OR Reference vulnerability in multiple products

A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.

5.0
2020-01-24 CVE-2020-7964 Mirumee Information Exposure vulnerability in Mirumee Saleor

An issue was discovered in Mirumee Saleor 2.x before 2.9.1.

5.0
2020-01-24 CVE-2015-2929 Torproject Denial of Service vulnerability in Tor

The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor.

5.0
2020-01-24 CVE-2015-2928 Torproject Denial of Service vulnerability in Tor

The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.

5.0
2020-01-24 CVE-2015-2689 Torproject Improper Input Validation vulnerability in Torproject TOR

Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle pending-connection resolve states during periods of high DNS load, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets.

5.0
2020-01-24 CVE-2015-2688 Torproject Improper Handling of Exceptional Conditions vulnerability in Torproject TOR

buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets.

5.0
2020-01-24 CVE-2013-1596 Vivotek Improper Authentication vulnerability in Vivotek Pt7135 Firmware 0300A/0400A

An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.

5.0
2020-01-24 CVE-2020-6964 Gehealthcare Missing Authentication FOR Critical Function vulnerability in Gehealthcare products

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Station (CSCS) Versions 2.X, the integrated service for keyboard switching of the affected devices could allow attackers to obtain remote keyboard input access without authentication over the network.

5.0
2020-01-24 CVE-2014-1923 Koha Path Traversal vulnerability in Koha

Multiple directory traversal vulnerabilities in the (1) staff interface help editor (edithelp.pl) or (2) member-picupload.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allow remote attackers to write to arbitrary files via unspecified vectors.

5.0
2020-01-24 CVE-2014-1922 Koha Path Traversal vulnerability in Koha

Absolute path traversal vulnerability in tools/pdfViewer.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2020-01-24 CVE-2013-1594 Vivotek Information Exposure vulnerability in Vivotek Pt7135 Firmware 0300A/0400A

An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.

5.0
2020-01-24 CVE-2020-7226 VT Allocation of Resources Without Limits OR Throttling vulnerability in VT Cryptacular

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data.

5.0
2020-01-23 CVE-2012-6663 GE Insufficiently Protected Credentials vulnerability in GE D200 Firmware and D20Me Firmware

General Electric D20ME devices are not properly configured and reveal plaintext passwords.

5.0
2020-01-23 CVE-2012-5389 Dart Null Pointer Dereference vulnerability in Dart Powertcp Webserver FOR Activex 1.9.0.0/1.9.1.0/1.9.2

NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request.

5.0
2020-01-23 CVE-2020-7940 Plone Weak Password Requirements vulnerability in Plone

Missing password strength checks on some forms in Plone 4.3 through 5.2.0 allow users to set weak passwords, leading to easier cracking.

5.0
2020-01-23 CVE-2019-19898 Ixpdata USE of Hard-Coded Credentials vulnerability in Ixpdata Easyinstall 6.2.13723

In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely.

5.0
2020-01-23 CVE-2015-5333 Openbsd
Opensuse
Resource Exhaustion vulnerability in multiple products

Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.

5.0
2020-01-23 CVE-2013-1593 SAP Improper Validation of Array Index vulnerability in SAP Netweaver

A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.

5.0
2020-01-23 CVE-2012-5626 Redhat Unspecified vulnerability in Redhat products

EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.

5.0
2020-01-23 CVE-2019-16516 Connectwise Information Exposure vulnerability in Connectwise Control 19.3.25270.7185

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185.

5.0
2020-01-23 CVE-2019-14888 Redhat Resource Exhaustion vulnerability in Redhat products

A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS.

5.0
2020-01-23 CVE-2007-6758 Sencha Server-Side Request Forgery (SSRF) vulnerability in Sencha EXT JS 5.0.0

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.

5.0
2020-01-23 CVE-2008-7314 Mirc Resource Exhaustion vulnerability in Mirc

mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.

5.0
2020-01-23 CVE-2019-19835 Ruckuswireless Server-Side Request Forgery (SSRF) vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.

5.0
2020-01-23 CVE-2020-5217 Twitter Injection vulnerability in Twitter Secure Headers

In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0.

5.0
2020-01-23 CVE-2020-5216 Twitter Injection vulnerability in Twitter Secure Headers

In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0.

5.0
2020-01-22 CVE-2019-16792 Agendaless Http Request Smuggling vulnerability in Agendaless Waitress

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice.

5.0
2020-01-22 CVE-2011-3613 Vanillaforums Information Exposure vulnerability in Vanillaforums Vanilla

An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled.

5.0
2020-01-22 CVE-2018-16270 Samsung Improper Privilege Management vulnerability in Samsung products

Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction.

5.0
2020-01-22 CVE-2018-16269 Samsung Information Exposure vulnerability in Samsung products

The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations.

5.0
2020-01-21 CVE-2020-7595 Xmlsoft Infinite Loop vulnerability in Xmlsoft Libxml2 2.9.10

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

5.0
2020-01-21 CVE-2019-20388 Xmlsoft Improper Resource Shutdown OR Release vulnerability in Xmlsoft Libxml2 2.9.10

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

5.0
2020-01-21 CVE-2019-20387 Opensuse Out-Of-Bounds Read vulnerability in Opensuse Libsolv

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.

5.0
2020-01-21 CVE-2019-19886 Trustwave Improper Resource Shutdown OR Release vulnerability in Trustwave Modsecurity 3.0.0/3.0.3

Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeader in transaction.cc.

5.0
2020-01-21 CVE-2020-6638 Grin Improper Input Validation vulnerability in Grin

Grin through 2.1.1 has Insufficient Validation.

5.0
2020-01-21 CVE-2020-7211 Libslirp Project
Qemu
Path Traversal vulnerability in multiple products

tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.

5.0
2020-01-21 CVE-2019-14767 Dimo CRM Path Traversal vulnerability in Dimo-Crm Yellowbox CRM

In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence (dossier=../) and servletrecuperefichier (document=../) allows an unauthenticated user to download arbitrary files from the server.

5.0
2020-01-21 CVE-2011-5282 Mirc Information Exposure vulnerability in Mirc

mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled.

5.0
2020-01-21 CVE-2011-4322 Websitebaker Missing Authentication FOR Critical Function vulnerability in Websitebaker

websitebaker prior to and including 2.8.1 has an authentication error in backup module.

5.0
2020-01-21 CVE-2019-10561 Qualcomm Unspecified vulnerability in Qualcomm products

Improper initialization of local variables which are parameters to sfs api may cause invalid pointer dereference and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660

5.0
2020-01-20 CVE-2020-7241 Wpseeds Files OR Directories Accessible TO External Parties vulnerability in Wpseeds WP Database Backup

The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/.

5.0
2020-01-22 CVE-2018-16267 Linux
Samsung
Improper Privilege Management vulnerability in Linux Tizen

The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations.

4.8
2020-01-22 CVE-2018-16266 Linux
Samsung
Improper Privilege Management vulnerability in Linux Tizen

The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations.

4.8
2020-01-24 CVE-2019-19363 Ricoh Incorrect Permission Assignment FOR Critical Resource vulnerability in Ricoh products

An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation.

4.6
2020-01-24 CVE-2015-4041 GNU Out-Of-Bounds Write vulnerability in GNU Coreutils 8.23

The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings.

4.6
2020-01-23 CVE-2012-4606 Citrix Improper Privilege Management vulnerability in Citrix Xenserver

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.

4.6
2020-01-23 CVE-2019-19895 Ixpdata Improper Input Validation vulnerability in Ixpdata Easyinstall 6.2.13723

In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system.

4.6
2020-01-23 CVE-2013-6773 Splunk
Microsoft
Improper Privilege Management vulnerability in Splunk

Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges

4.6
2020-01-22 CVE-2019-6858 Schneider Electric Uncontrolled Search Path Element vulnerability in Schneider-Electric MSX Configurator

A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL.

4.4
2020-01-21 CVE-2019-18932 Squid Analysis Report Generator Project
Opensuse
Improper Privilege Management vulnerability in multiple products

log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation.

4.4
2020-01-26 CVE-2020-7996 Dolibarr Cross-Site Scripting vulnerability in Dolibarr 10.0.6

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header.

4.3
2020-01-26 CVE-2020-7994 Dolibarr Cross-Site Scripting vulnerability in Dolibarr 10.0.6

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) label[libelle] parameter to the /htdocs/admin/dict.php?id=3 page; the (2) name[constname] parameter to the /htdocs/admin/const.php?mainmenu=home page; the (3) note[note] parameter to the /htdocs/admin/dict.php?id=10 page; the (4) zip[MAIN_INFO_SOCIETE_ZIP] or email[mail] parameter to the /htdocs/admin/company.php page; the (5) url[defaulturl], field[defaultkey], or value[defaultvalue] parameter to the /htdocs/admin/defaultvalues.php page; the (6) key[transkey] or key[transvalue] parameter to the /htdocs/admin/translation.php page; or the (7) [main_motd] or [main_home] parameter to the /htdocs/admin/ihm.php page.

4.3
2020-01-26 CVE-2020-7990 Adive Cross-Site Scripting vulnerability in Adive Framework 2.0.8

Adive Framework 2.0.8 has admin/user/add userName XSS.

4.3
2020-01-26 CVE-2020-7989 Adive Cross-Site Scripting vulnerability in Adive Framework 2.0.8

Adive Framework 2.0.8 has admin/user/add userUsername XSS.

4.3
2020-01-26 CVE-2020-3136 Cisco Cross-Site Scripting vulnerability in Cisco Jabber Guest

A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2020-01-26 CVE-2020-3121 Cisco Cross-Site Scripting vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

4.3
2020-01-26 CVE-2019-16026 Cisco Improper Input Validation vulnerability in Cisco Staros

A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device.

4.3
2020-01-26 CVE-2019-16024 Cisco Cross-Site Scripting vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system.

4.3
2020-01-26 CVE-2019-16018 Cisco Resource Exhaustion vulnerability in Cisco IOS XR

A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

4.3
2020-01-26 CVE-2019-16015 Cisco Cross-Site Scripting vulnerability in Cisco Data Center Analytics Framework

A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system.

4.3
2020-01-26 CVE-2019-15278 Cisco Cross-Site Scripting vulnerability in Cisco Finesse and Unified Contact Center Express

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device.

4.3
2020-01-25 CVE-2012-6494 Rapid7 Cross-Site Scripting vulnerability in Rapid7 Nexpose

Rapid7 Nexpose before 5.5.4 contains a session hijacking vulnerability which allows remote attackers to capture a user's session and gain unauthorized access.

4.3
2020-01-25 CVE-2012-6344 Novell Cross-Site Scripting vulnerability in Novell Zenworks Configuration Management

Novell ZENworks Configuration Management before 11.2.4 allows XSS.

4.3
2020-01-24 CVE-2015-1525 Google Improper Input Validation vulnerability in Google Android

audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address.

4.3
2020-01-24 CVE-2014-9720 Tornadoweb Information Exposure Through Discrepancy vulnerability in Tornadoweb Tornado

Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.

4.3
2020-01-24 CVE-2019-19632 Bigswitch Cross-Site Scripting vulnerability in Bigswitch products

An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 through 5.0.1, and 5.1 through 5.1.4; and Multi-Cloud Director through 1.1.0.

4.3
2020-01-23 CVE-2020-6007 Philips Out-Of-Bounds Write vulnerability in Philips HUE Bridge V2 Firmware

Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.

4.3
2020-01-23 CVE-2014-2050 Owncloud Cross-Site Request Forgery (CSRF) vulnerability in Owncloud

Cross-site request forgery (CSRF) vulnerability in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote attackers to hijack the authentication of users for requests that reset passwords via a crafted HTTP Host header.

4.3
2020-01-23 CVE-2020-7220 Hashicorp Information Exposure vulnerability in Hashicorp Vault

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace.

4.3
2020-01-23 CVE-2016-1000237 Apostrophecms Cross-Site Scripting vulnerability in Apostrophecms Sanitize-Html

sanitize-html before 1.4.3 has XSS.

4.3
2020-01-23 CVE-2014-7238 Formget Cross-Site Scripting vulnerability in Formget Contact Form Integrated With Google Maps

The WordPress plugin Contact Form Integrated With Google Maps 1.0-2.4 has Stored XSS

4.3
2020-01-23 CVE-2013-6772 Splunk Improper Restriction of Rendered UI Layers OR Frames vulnerability in Splunk

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking

4.3
2020-01-23 CVE-2012-4900 Corel Out-Of-Bounds Write vulnerability in Corel Wordperfect Office X6 16.0.0.388/16.0.0.429

Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference

4.3
2020-01-23 CVE-2020-7210 Umbraco Cross-Site Request Forgery (CSRF) vulnerability in Umbraco CMS 8.2.2

Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.

4.3
2020-01-23 CVE-2019-20399 Parity Race Condition vulnerability in Parity Libsecp256K1

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.

4.3
2020-01-22 CVE-2019-20398 Cesnet Null Pointer Dereference vulnerability in Cesnet Libyang

A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup().

4.3
2020-01-22 CVE-2019-20396 Cesnet Improper Input Validation vulnerability in Cesnet Libyang

A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.

4.3
2020-01-22 CVE-2019-20395 Cesnet Uncontrolled Recursion vulnerability in Cesnet Libyang

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs.

4.3
2020-01-22 CVE-2019-20392 Cesnet Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cesnet Libyang

An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined.

4.3
2020-01-22 CVE-2019-20391 Cesnet Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cesnet Libyang

An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit.

4.3
2020-01-22 CVE-2011-3622 Phorum Cross-Site Scripting vulnerability in Phorum

A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.

4.3
2020-01-22 CVE-2019-6146 Forcepoint Cross-Site Scripting vulnerability in Forcepoint web Security 8.0.0/8.5.3

It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header injection.

4.3
2020-01-22 CVE-2011-3610 S9Y Cross-Site Scripting vulnerability in S9Y Serendipity Event Freetag

A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.

4.3
2020-01-22 CVE-2019-12490 Simplemachines Unspecified vulnerability in Simplemachines Simple Machines Forum

An issue was discovered in Simple Machines Forum (SMF) before 2.0.16.

4.3
2020-01-22 CVE-2019-16791 Postfix MTA STS Resolver Project Unspecified vulnerability in Postfix-Mta-Sts-Resolver Project Postfix-Mta-Sts-Resolver

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.

4.3
2020-01-22 CVE-2018-17981 Lifesize Cross-Site Scripting vulnerability in Lifesize Express 220 Firmware and Room 220I Firmware

Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter.

4.3
2020-01-21 CVE-2020-1788 Huawei Improper Authentication vulnerability in Huawei Honor V30 Firmware

Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability.

4.3
2020-01-21 CVE-2019-19592 Jamasoftware Cross-Site Scripting vulnerability in Jamasoftware Connect 8.44.0

Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting

4.3
2020-01-21 CVE-2019-19411 Huawei Improper Initialization vulnerability in Huawei Usg9500 Firmware

USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability.

4.3
2020-01-21 CVE-2011-4095 Jara Project Cross-Site Scripting vulnerability in Jara Project Jara 1.6

Jara 1.6 has an XSS vulnerability

4.3
2020-01-21 CVE-2011-2669 Mozilla Improper Certificate Validation vulnerability in Mozilla Firefox

Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates.

4.3
2020-01-21 CVE-2020-7239 IBM Cross-Site Scripting vulnerability in IBM Chatbot With IBM Watson

The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent.

4.3
2020-01-20 CVE-2019-20381 Testlink Cross-Site Scripting vulnerability in Testlink

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter.

4.3
2020-01-26 CVE-2020-3131 Cisco Resource Exhaustion vulnerability in Cisco Webex Teams 3.0.12427.0/3.0.12808.0/3.0.13131

A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition.

4.0
2020-01-26 CVE-2019-16027 Cisco Improper Input Validation vulnerability in Cisco IOS XR

A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS process.

4.0
2020-01-26 CVE-2019-15255 Cisco Missing Authorization vulnerability in Cisco Identity Services Engine 2.2/2.2(0.470)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device.

4.0
2020-01-26 CVE-2019-12619 Cisco SQL Injection vulnerability in Cisco Sd-Wan Firmware

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries.

4.0
2020-01-24 CVE-2018-8654 Microsoft Improper Privilege Management vulnerability in Microsoft Dynamics 365 8.0

An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'.

4.0
2020-01-24 CVE-2020-7052 Codesys Resource Exhaustion vulnerability in Codesys products

CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.

4.0
2020-01-24 CVE-2020-5224 Django User Sessions Project Inadequate Encryption Strength vulnerability in Django-User-Sessions Project Django-User-Sessions

In Django User Sessions (django-user-sessions) before 1.7.1, the views provided allow users to terminate specific sessions.

4.0
2020-01-24 CVE-2013-1597 Vivotek Path Traversal vulnerability in Vivotek Pt7135 Firmware 0300A/0400A

A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials.

4.0
2020-01-23 CVE-2019-14885 Redhat Information Exposure vulnerability in Redhat products

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA.

4.0
2020-01-23 CVE-2015-5745 Qemu
Fedoraproject
Classic Buffer Overflow vulnerability in multiple products

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.

4.0
2020-01-23 CVE-2015-5278 Qemu
Fedoraproject
Canonical
Infinite Loop vulnerability in multiple products

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

4.0
2020-01-23 CVE-2015-5239 Qemu
Fedoraproject
Canonical
Suse
Infinite Loop vulnerability in multiple products

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

4.0
2020-01-23 CVE-2019-15707 Fortinet Unspecified vulnerability in Fortinet Fortimail

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for.

4.0
2020-01-23 CVE-2013-6785 Supermicro Path Traversal vulnerability in Supermicro Intelligent Platform Management Interface

Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter.

4.0
2020-01-23 CVE-2012-4863 IBM Resource Exhaustion vulnerability in IBM Websphere MQ 7.1.0.0/7.1.0.1/7.5.0.0

IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability

4.0
2020-01-21 CVE-2019-17357 Cacti SQL Injection vulnerability in Cacti

Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id.

4.0
2020-01-21 CVE-2019-19344 Samba
Canonical
Synology
Opensuse
USE After Free vulnerability in multiple products

There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.

4.0
2020-01-21 CVE-2019-14766 Dimo CRM Path Traversal vulnerability in Dimo-Crm Yellowbox CRM

Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to browse the server filesystem.

4.0

36 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-24 CVE-2019-1348 GIT
Opensuse
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6.
3.6
2020-01-24 CVE-2019-1454 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

3.6
2020-01-22 CVE-2019-5647 Rapid7 Insufficient Session Expiration vulnerability in Rapid7 Appspider

The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser sessions active after recording a macro, even after a restart of the Chrome browser.

3.6
2020-01-21 CVE-2020-1840 Huawei Improper Authentication vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability.

3.6
2020-01-26 CVE-2020-3129 Cisco Cross-Site Scripting vulnerability in Cisco Unity Connection

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack.

3.5
2020-01-26 CVE-2019-16008 Cisco Cross-Site Scripting vulnerability in Cisco products

A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system.

3.5
2020-01-24 CVE-2020-5226 Simplesamlphp Cross-Site Scripting vulnerability in Simplesamlphp

Cross-site scripting in SimpleSAMLphp before version 1.18.4.

3.5
2020-01-24 CVE-2019-1460 Microsoft Unspecified vulnerability in Microsoft Outlook

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.

3.5
2020-01-23 CVE-2020-7937 Plone Cross-Site Scripting vulnerability in Plone

An XSS issue in the title field in Plone 5.0 through 5.2.1 allows users with a certain privilege level to insert JavaScript that will be executed when other users access the site.

3.5
2020-01-23 CVE-2019-16512 Connectwise Cross-Site Scripting vulnerability in Connectwise Control 19.3.25270.7185

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185.

3.5
2020-01-23 CVE-2020-6843 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus 8.2/9.0

Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS.

3.5
2020-01-22 CVE-2020-7915 Eaton Cross-Site Scripting vulnerability in Eaton 5P 850 Firmware

An issue was discovered on Eaton 5P 850 devices.

3.5
2020-01-22 CVE-2011-3595 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.

3.5
2020-01-22 CVE-2020-7228 Codepeople Cross-Site Scripting vulnerability in Codepeople Calculated Fields Form

The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms.

3.5
2020-01-21 CVE-2020-7470 Sonoff Cross-Site Scripting vulnerability in Sonoff Th10 Firmware and Th16 Firmware

Sonoff TH 10 and 16 devices with firmware 6.6.0.21 allows XSS via the Friendly Name 1 field (after a successful login with the Web Admin Password).

3.5
2020-01-21 CVE-2020-7249 SMC Cross-Site Scripting vulnerability in SMC D3G0804 Firmware 3.5.2.5Latga

SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on the WiFi Network Configuration page (after a successful login to the admin account).

3.5
2020-01-22 CVE-2018-16271 Samsung Improper Privilege Management vulnerability in Samsung products

The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations.

3.3
2020-01-22 CVE-2018-16268 Linux
Samsung
Improper Privilege Management vulnerability in Linux Tizen

The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations.

3.3
2020-01-22 CVE-2018-16265 Linux
Samsung
Improper Privilege Management vulnerability in Linux Tizen

The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations.

3.3
2020-01-22 CVE-2018-16264 Linux
Samsung
Information Exposure vulnerability in Linux Tizen

The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations.

3.3
2020-01-21 CVE-2019-14907 Samba
Redhat
Canonical
Synology
Fedoraproject
Out-Of-Bounds Read vulnerability in multiple products

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed.

2.6
2020-01-24 CVE-2019-18900 Opensuse
Suse
Incorrect Default Permissions vulnerability in Opensuse Libzypp

: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies.

2.1
2020-01-24 CVE-2019-3700 Suse USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Suse Yast2-Security

yast2-security didn't use secure defaults to protect passwords.

2.1
2020-01-23 CVE-2019-19894 Ixpdata Improper Input Validation vulnerability in Ixpdata Easyinstall 6.2.13723

In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system.

2.1
2020-01-23 CVE-2019-5593 Fortinet Incorrect Default Permissions vulnerability in Fortinet Fortios

Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below.

2.1
2020-01-23 CVE-2019-18899 APT Cacher NG Project Improper Privilege Management vulnerability in Apt-Cacher-Ng Project Apt-Cacher-Ng

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges.

2.1
2020-01-23 CVE-2013-4176 Mysecureshell Project Information Exposure vulnerability in Mysecureshell Project Mysecureshell 1.31

mysecureshell 1.31: Local Information Disclosure Vulnerability

2.1
2020-01-23 CVE-2013-4175 Mysecureshell Project Resource Exhaustion vulnerability in Mysecureshell Project Mysecureshell 1.31

MySecureShell 1.31 has a Local Denial of Service Vulnerability

2.1
2020-01-23 CVE-2020-5223 Privatebin Cross-Site Scripting vulnerability in Privatebin

In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a persistent XSS attack is possible.

2.1
2020-01-21 CVE-2020-5202 APT Cacher NG Project
Debian
Information Exposure vulnerability in multiple products

apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port.

2.1
2020-01-21 CVE-2020-6857 Taskautomation USE of Hard-Coded Credentials vulnerability in Taskautomation Carbonftp 1.4

CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key.

2.1
2020-01-21 CVE-2019-20386 Freedesktop Missing Release of Resource After Effective Lifetime vulnerability in Freedesktop Systemd

An issue was discovered in button_open in login/logind-button.c in systemd before 243.

2.1
2020-01-21 CVE-2019-20384 Gentoo Improper Preservation of Permissions vulnerability in Gentoo Portage

Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.

2.1
2020-01-20 CVE-2020-7215 Gallagher Information Exposure vulnerability in Gallagher Command Centre

An issue was discovered in Gallagher Command Centre 7.x before 7.90.991(MR5), 8.00 before 8.00.1161(MR5), and 8.10 before 8.10.1134(MR4).

2.1
2020-01-24 CVE-2019-3687 Suse Incorrect Default Permissions vulnerability in Suse Linux Enterprise Server

The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic.

1.9
2020-01-23 CVE-2019-18222 ARM Information Exposure vulnerability in ARM Mbed Crypto and Mbed TLS

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

1.9