Weekly Vulnerabilities Reports > January 27 to February 2, 2020
Overview
386 new vulnerabilities reported during this period, including 43 critical vulnerabilities and 80 high severity vulnerabilities. This weekly summary report vulnerabilities in 905 products from 200 vendors including Debian, Gitlab, IBM, Fedoraproject, and Jetbrains. Vulnerabilities are notably categorized as "Cross-site Scripting", "OS Command Injection", "Information Exposure", "Out-of-bounds Write", and "Improper Input Validation".
- 335 reported vulnerabilities are remotely exploitables.
- 20 reported vulnerabilities have public exploit available.
- 155 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 295 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 20 reported vulnerabilities.
- Adobe has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
43 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-01-30 | CVE-2020-8445 | Ossec | Improper Input Validation vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. | 10.0 |
2020-01-29 | CVE-2013-3317 | Netgear | Improper Authentication vulnerability in Netgear Wnr1000 Firmware Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | 10.0 |
2020-01-29 | CVE-2013-3316 | Netgear | Improper Authentication vulnerability in Netgear Wnr1000 Firmware Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | 10.0 |
2020-01-29 | CVE-2020-3718 | Magento | Unspecified vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. | 10.0 |
2020-01-29 | CVE-2020-3716 | Magento | Deserialization of Untrusted Data vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. | 10.0 |
2020-01-29 | CVE-2013-2573 | TP Link | OS Command Injection vulnerability in Tp-Link products A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. | 10.0 |
2020-01-29 | CVE-2013-2568 | Zavio | OS Command Injection vulnerability in Zavio F3105 Firmware and F312A Firmware A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code. | 10.0 |
2020-01-28 | CVE-2013-1599 | Dlink | OS Command Injection vulnerability in Dlink products A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface. | 10.0 |
2020-01-28 | CVE-2013-2060 | Redhat | OS Command Injection vulnerability in Redhat Openshift 1.0 The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart. | 10.0 |
2020-01-27 | CVE-2013-2612 | Huawei | OS Command Injection vulnerability in Huawei E587 Firmware 11.203.27 Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI. | 10.0 |
2020-01-27 | CVE-2020-8087 | SMC | Unspecified vulnerability in SMC D3G0804W Firmware D3Gnv5M3.5.1.6.10Ga SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. | 10.0 |
2020-01-27 | CVE-2019-17095 | Bitdefender | OS Command Injection vulnerability in Bitdefender BOX 2 Firmware 2.1.47.42/2.1.53.45 A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. | 10.0 |
2020-01-27 | CVE-2014-8741 | Lexmark | Path Traversal vulnerability in Lexmark Markvision Enterprise Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors. | 10.0 |
2020-01-27 | CVE-2020-8001 | Intelliantech | Use of Hard-coded Credentials vulnerability in Intelliantech Aptus 1.0.2 The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. | 10.0 |
2020-01-27 | CVE-2020-8000 | Intelliantech | Use of Hard-coded Credentials vulnerability in Intelliantech Aptus web 1.24 Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. | 10.0 |
2020-02-01 | CVE-2020-8515 | Draytek | OS Command Injection vulnerability in Draytek products DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. | 9.8 |
2020-01-31 | CVE-2016-2031 | Arubanetworks Siemens | Improper Input Validation vulnerability in multiple products Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. | 9.8 |
2020-01-29 | CVE-2020-8432 | Denx Opensuse | Double Free vulnerability in multiple products In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. | 9.8 |
2020-01-29 | CVE-2020-7247 | Openbsd Debian Fedoraproject Canonical | Improper Handling of Exceptional Conditions vulnerability in multiple products smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. | 9.8 |
2020-01-29 | CVE-2019-20217 | Dlink | OS Command Injection vulnerability in Dlink Dir-859 Firmware 1.05/1.06B01 D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. | 9.8 |
2020-01-29 | CVE-2019-20216 | Dlink | OS Command Injection vulnerability in Dlink Dir-859 Firmware 1.05/1.06B01 D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. | 9.8 |
2020-01-29 | CVE-2019-20215 | Dlink | OS Command Injection vulnerability in Dlink Dir-859 Firmware 1.05/1.06B01 D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. | 9.8 |
2020-01-28 | CVE-2015-8011 | Lldpd Project Debian Fedoraproject | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. | 9.8 |
2020-01-31 | CVE-2014-5039 | Eucalyptus | Cross-site Scripting vulnerability in Eucalyptus Management Console 4.0.0/4.0.1 Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 9.6 |
2020-01-29 | CVE-2020-3714 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator CC Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. | 9.3 |
2020-01-29 | CVE-2020-3713 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator CC Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. | 9.3 |
2020-01-29 | CVE-2020-3712 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator CC Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. | 9.3 |
2020-01-29 | CVE-2020-3711 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator CC Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. | 9.3 |
2020-01-29 | CVE-2020-3710 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator CC Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. | 9.3 |
2020-01-28 | CVE-2013-3093 | Asus | Cross-Site Request Forgery (CSRF) vulnerability in Asus products ASUS RT-N56U devices allow CSRF. | 9.3 |
2020-01-27 | CVE-2019-17096 | Bitdefender | OS Command Injection vulnerability in Bitdefender BOX 2 Firmware and Central A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. | 9.3 |
2020-01-27 | CVE-2013-3486 | Irfanview | Integer Overflow or Wraparound vulnerability in Irfanview Flashpix Plugin 4.3.4.0 IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability | 9.3 |
2020-01-27 | CVE-2019-17102 | Bitdefender | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Bitdefender BOX 2 Firmware An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. | 9.3 |
2020-01-29 | CVE-2019-20445 | Netty Debian Fedoraproject Canonical Redhat Apache | HTTP Request Smuggling vulnerability in multiple products HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. | 9.1 |
2020-01-29 | CVE-2019-20444 | Netty Debian Fedoraproject Canonical Redhat | HTTP Request Smuggling vulnerability in multiple products HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold." | 9.1 |
2020-01-31 | CVE-2013-3322 | Netapp | OS Command Injection vulnerability in Netapp Oncommand System Manager 2.0.2/2.1 NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface. | 9.0 |
2020-01-29 | CVE-2020-8438 | Arris | OS Command Injection vulnerability in Arris Ruckus Zoneflex R500 Firmware 104.0.0.0.1347 Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring. | 9.0 |
2020-01-28 | CVE-2013-4863 | Micasaverde | Improper Authentication vulnerability in Micasaverde Veralite Firmware 1.5.408 The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | 9.0 |
2020-01-28 | CVE-2012-6610 | Polycom | OS Command Injection vulnerability in Polycom HDX Video END Points and UC APL Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature. | 9.0 |
2020-01-28 | CVE-2020-7799 | Fusionauth | Injection vulnerability in Fusionauth An issue was discovered in FusionAuth before 1.11.0. | 9.0 |
2020-01-28 | CVE-2020-7998 | Super File Explorer Project | Unrestricted Upload of File with Dangerous Type vulnerability in Super File Explorer Project Super File Explorer 1.0.1 An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. | 9.0 |
2020-01-27 | CVE-2013-2267 | Fudforum | Code Injection vulnerability in Fudforum 3.0.4 PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. | 9.0 |
2020-01-27 | CVE-2019-20427 | Lustre | Classic Buffer Overflow vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. | 9.0 |
80 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-01-28 | CVE-2020-8112 | Uclouvain Debian | Out-of-bounds Write vulnerability in multiple products opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. | 8.8 |
2020-01-27 | CVE-2019-19824 | Totolink | OS Command Injection vulnerability in Totolink products On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. | 8.8 |
2020-01-29 | CVE-2020-2099 | Jenkins | Use of Insufficiently Random Values vulnerability in Jenkins Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents. | 8.6 |
2020-01-30 | CVE-2020-1931 | Apache | OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. | 8.1 |
2020-01-30 | CVE-2020-1930 | Apache | OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. | 8.1 |
2020-01-27 | CVE-2017-14807 | Suse | SQL Injection vulnerability in Suse Studio Onsite and Susestudio-Ui-Server An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. | 8.1 |
2020-01-31 | CVE-2014-8141 | Unzip Project Redhat | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | 7.8 |
2020-01-31 | CVE-2014-8140 | Unzip Project Redhat | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | 7.8 |
2020-01-31 | CVE-2014-8139 | Unzip Project Redhat | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | 7.8 |
2020-01-30 | CVE-2020-3147 | Cisco | Improper Input Validation vulnerability in Cisco products A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
2020-01-29 | CVE-2020-3719 | Magento | SQL Injection vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. | 7.8 |
2020-01-29 | CVE-2019-18634 | Sudo Project Debian | Out-of-bounds Write vulnerability in multiple products In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. | 7.8 |
2020-01-28 | CVE-2013-3074 | Netgear | Resource Exhaustion vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). | 7.8 |
2020-01-27 | CVE-2014-8742 | Lexmark | Path Traversal vulnerability in Lexmark Markvision Enterprise Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors. | 7.8 |
2020-01-27 | CVE-2019-17190 | Avast | Incorrect Authorization vulnerability in Avast Secure Browser 76.0.1659.101 A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. | 7.8 |
2020-01-27 | CVE-2013-6056 | Alienvault | Path Traversal vulnerability in Alienvault Open Source Security Information Management OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability | 7.8 |
2020-01-27 | CVE-2019-20432 | Lustre | Out-of-bounds Write vulnerability in Lustre In the Lustre file system before 2.12.3, the mdt module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20431 | Lustre | Out-of-bounds Write vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has an osd_map_remote_to_local out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20430 | Lustre | Improper Input Validation vulnerability in Lustre In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20429 | Lustre | Out-of-bounds Read vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20428 | Lustre | Out-of-bounds Read vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20426 | Lustre | Out-of-bounds Write vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20425 | Lustre | Out-of-bounds Write vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20424 | Lustre | NULL Pointer Dereference vulnerability in Lustre In the Lustre file system before 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dereference and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20423 | Lustre | Classic Buffer Overflow vulnerability in Lustre In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. | 7.8 |
2020-01-27 | CVE-2019-20421 | Exiv2 Canonical Debian | Infinite Loop vulnerability in multiple products In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. | 7.8 |
2020-01-29 | CVE-2020-2108 | Jenkins | XXE vulnerability in Jenkins Websphere Deployer Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions. | 7.6 |
2020-01-31 | CVE-2014-2025 | Unitedplanet | Unrestricted Upload of File with Dangerous Type vulnerability in Unitedplanet Intrexx 5.2/6.0 Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unknown vectors. | 7.5 |
2020-01-31 | CVE-2014-8322 | Aircrack NG | Out-of-bounds Write vulnerability in Aircrack-Ng Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value. | 7.5 |
2020-01-31 | CVE-2020-8440 | Simplejobscript | Unrestricted Upload of File with Dangerous Type vulnerability in Simplejobscript 1.65/1.66 controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume. | 7.5 |
2020-01-31 | CVE-2020-7956 | Hashicorp | Improper Certificate Validation vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. | 7.5 |
2020-01-30 | CVE-2013-2198 | Login Security Project | Incorrect Authorization vulnerability in Login Security Project Login Security The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username. | 7.5 |
2020-01-30 | CVE-2014-3719 | Exlibrisgroup | SQL Injection vulnerability in Exlibrisgroup Aleph 500 18.1/20.0 Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter. | 7.5 |
2020-01-30 | CVE-2020-8447 | Ossec | Use After Free vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). | 7.5 |
2020-01-30 | CVE-2020-8444 | Ossec | Use After Free vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). | 7.5 |
2020-01-30 | CVE-2020-8443 | Ossec | Off-by-one Error vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). | 7.5 |
2020-01-29 | CVE-2019-10783 | Isof Project | OS Command Injection vulnerability in Isof Project Isof All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. | 7.5 |
2020-01-29 | CVE-2013-3215 | Vtiger | Improper Authentication vulnerability in Vtiger CRM vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function. | 7.5 |
2020-01-29 | CVE-2013-2570 | Zavio | OS Command Injection vulnerability in Zavio F3105 Firmware and F312A Firmware A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code. | 7.5 |
2020-01-28 | CVE-2020-5227 | Feedgen Project | XML Entity Expansion vulnerability in Feedgen Project Feedgen Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks. | 7.5 |
2020-01-28 | CVE-2013-3214 | Vtiger | Injection vulnerability in Vtiger CRM vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'. | 7.5 |
2020-01-28 | CVE-2013-3071 | Netgear | Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | 7.5 |
2020-01-28 | CVE-2013-2748 | Belkin | Unrestricted Upload of File with Dangerous Type vulnerability in Belkin Wemo Switch Firmware Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | 7.5 |
2020-01-28 | CVE-2020-5211 | Nethack | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 7.5 |
2020-01-28 | CVE-2020-4207 | IBM | Classic Buffer Overflow vulnerability in IBM products IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. | 7.5 |
2020-01-28 | CVE-2020-5214 | Nethack | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 7.5 |
2020-01-28 | CVE-2020-5213 | Nethack | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 7.5 |
2020-01-28 | CVE-2020-5212 | Nethack | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 7.5 |
2020-01-28 | CVE-2020-1940 | Apache | Improper Cross-boundary Removal of Sensitive Data vulnerability in Apache Jackrabbit OAK The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. | 7.5 |
2020-01-28 | CVE-2013-4864 | Micasaverde | Server-Side Request Forgery (SSRF) vulnerability in Micasaverde Veralite Firmware 1.5.408 MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue. | 7.5 |
2020-01-28 | CVE-2014-2914 | Fishshell | Improper Input Validation vulnerability in Fishshell Fish 2.0.0/2.1.0 fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt. | 7.5 |
2020-01-28 | CVE-2014-2898 | Wolfssl | Out-of-bounds Read vulnerability in Wolfssl wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure. | 7.5 |
2020-01-28 | CVE-2014-2897 | Wolfssl | Out-of-bounds Read vulnerability in Wolfssl The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read. | 7.5 |
2020-01-28 | CVE-2014-2896 | Wolfssl | Out-of-bounds Read vulnerability in Wolfssl The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read. | 7.5 |
2020-01-28 | CVE-2014-3445 | Handsomeweb | Insufficiently Protected Credentials vulnerability in Handsomeweb SOS Webpages backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash. | 7.5 |
2020-01-28 | CVE-2013-2571 | Hcomm | Improper Input Validation vulnerability in Hcomm Xpient Iris 3.8 Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer. | 7.5 |
2020-01-28 | CVE-2013-1437 | Module Metadata Project Fedoraproject | Injection vulnerability in multiple products Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. | 7.5 |
2020-01-28 | CVE-2019-5464 | Gitlab | Server-Side Request Forgery (SSRF) vulnerability in Gitlab A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. | 7.5 |
2020-01-28 | CVE-2019-15585 | Gitlab | Improper Authentication vulnerability in Gitlab Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | 7.5 |
2020-01-28 | CVE-2019-8257 | Adobe | Use After Free vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. | 7.5 |
2020-01-28 | CVE-2019-7131 | Adobe | Type Confusion vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. | 7.5 |
2020-01-27 | CVE-2020-8088 | Usebb | Type Confusion vulnerability in Usebb 1.0.12 panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | 7.5 |
2020-01-27 | CVE-2014-8563 | Synacor | OS Command Injection vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. | 7.5 |
2020-01-27 | CVE-2013-7390 | Zohocorp | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Desktop Central 7.0.0/7.0.1/8.0.0 Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot. | 7.5 |
2020-01-27 | CVE-2020-7238 | Netty Fedoraproject Debian Redhat | HTTP Request Smuggling vulnerability in multiple products Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. | 7.5 |
2020-01-27 | CVE-2019-19825 | Totolink | Improper Authentication vulnerability in Totolink products On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. | 7.5 |
2020-01-27 | CVE-2015-0244 | Postgresql Debian | SQL Injection vulnerability in multiple products PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation. | 7.5 |
2020-01-27 | CVE-2013-3493 | Xnview | Integer Overflow or Wraparound vulnerability in Xnview 2.03 XnView 2.03 has an integer overflow vulnerability | 7.5 |
2020-01-27 | CVE-2013-3492 | Xnview | Out-of-bounds Write vulnerability in Xnview 2.03 XnView 2.03 has a stack-based buffer overflow vulnerability | 7.5 |
2020-01-27 | CVE-2012-1495 | Webcalendar Project | Injection vulnerability in Webcalendar Project Webcalendar install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | 7.5 |
2020-01-27 | CVE-2018-12476 | Suse | Path Traversal vulnerability in Suse Obs-Service-Tar SCM Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. | 7.5 |
2020-01-27 | CVE-2020-7999 | Intelliantech | Use of Hard-coded Credentials vulnerability in Intelliantech Aptus 1.0.2 The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. | 7.5 |
2020-01-31 | CVE-2014-4860 | Tianocore | Integer Overflow or Wraparound vulnerability in Tianocore Edk2 Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase. | 7.2 |
2020-01-31 | CVE-2014-4859 | Tianocore | Integer Overflow or Wraparound vulnerability in Tianocore Edk2 Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data. | 7.2 |
2020-01-31 | CVE-2019-18913 | HP | Unspecified vulnerability in HP products A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. | 7.2 |
2020-01-29 | CVE-2019-7656 | Wowza | Incorrect Permission Assignment for Critical Resource vulnerability in Wowza Streaming Engine A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. | 7.2 |
2020-01-27 | CVE-2019-17094 | Belkin | Out-of-bounds Write vulnerability in Belkin Wemo Insight Switch Firmware A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. | 7.2 |
2020-01-27 | CVE-2014-7303 | HP | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db. | 7.2 |
2020-01-27 | CVE-2014-7302 | HP | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx. | 7.2 |
2020-01-30 | CVE-2019-20050 | Artica | OS Command Injection vulnerability in Artica Pandora FMS 7.42 Pandora FMS ≤ 7.42 suffers from a remote code execution vulnerability. | 7.1 |
226 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-01-30 | CVE-2013-0725 | Hexagongeospatial | Uncontrolled Search Path Element vulnerability in Hexagongeospatial Erdas ER Viewer 13.0 ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | 6.9 |
2020-01-31 | CVE-2020-5234 | Messagepack | Out-of-bounds Write vulnerability in Messagepack MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. | 6.8 |
2020-01-31 | CVE-2013-3489 | MPC HC | Classic Buffer Overflow vulnerability in Mpc-Hc Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file | 6.8 |
2020-01-31 | CVE-2013-3488 | MPC HC | Classic Buffer Overflow vulnerability in Mpc-Hc Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file. | 6.8 |
2020-01-29 | CVE-2020-7965 | Webargs Project | Cross-Site Request Forgery (CSRF) vulnerability in Webargs Project Webargs flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. | 6.8 |
2020-01-28 | CVE-2020-8424 | Cups Easy Project | Cross-Site Request Forgery (CSRF) vulnerability in Cups Easy Project Cups Easy 1.0 Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php. | 6.8 |
2020-01-28 | CVE-2020-8420 | Joomla | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.15. | 6.8 |
2020-01-28 | CVE-2020-8419 | Joomla | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.15. | 6.8 |
2020-01-28 | CVE-2020-8417 | Codesnippets | Cross-Site Request Forgery (CSRF) vulnerability in Codesnippets Code Snippets The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. | 6.8 |
2020-01-28 | CVE-2013-3212 | Vtiger | Injection vulnerability in Vtiger CRM vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code. | 6.8 |
2020-01-28 | CVE-2015-5483 | Private Only Project | Cross-Site Request Forgery (CSRF) vulnerability in Private Only Project Private Only 3.5.1 Multiple cross-site request forgery (CSRF) vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add users, (2) delete posts, or (3) modify PHP files via unspecified vectors, or (4) conduct cross-site scripting (XSS) attacks via the po_logo parameter in the privateonly.php page to wp-admin/options-general.php. | 6.8 |
2020-01-28 | CVE-2020-8086 | Prosody Debian | Incorrect Authorization vulnerability in multiple products The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. | 6.8 |
2020-01-28 | CVE-2019-5462 | Gitlab | Insufficient Session Expiration vulnerability in Gitlab A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed. | 6.8 |
2020-01-27 | CVE-2019-13521 | Rockwellautomation | Unspecified vulnerability in Rockwellautomation Arena Simulation 16.00.00 A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. | 6.8 |
2020-01-27 | CVE-2019-13519 | Rockwellautomation | Type Confusion vulnerability in Rockwellautomation Arena Simulation 16.00.00 A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. | 6.8 |
2020-01-27 | CVE-2020-7952 | Valvesoftware | Unspecified vulnerability in Valvesoftware Dota 2 7.23E rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption. | 6.8 |
2020-01-27 | CVE-2020-7951 | Valvesoftware | Unspecified vulnerability in Valvesoftware Dota 2 meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption. | 6.8 |
2020-01-27 | CVE-2020-7950 | Valvesoftware | Unspecified vulnerability in Valvesoftware Dota 2 7.23E meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call. | 6.8 |
2020-01-27 | CVE-2020-7949 | Valvesoftware | Unspecified vulnerability in Valvesoftware Dota 2 7.23E schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call. | 6.8 |
2020-01-31 | CVE-2013-5116 | Evernote | Improper Authentication vulnerability in Evernote Evernote prior to 5.5.1 has insecure password change | 6.6 |
2020-01-31 | CVE-2013-5114 | Logmein | Improper Authentication vulnerability in Logmein Lastpass LastPass prior to 2.5.1 allows secure wipe bypass. | 6.6 |
2020-02-02 | CVE-2019-20446 | Gnome Opensuse Fedoraproject Debian Canonical Netapp | Resource Exhaustion vulnerability in multiple products In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. | 6.5 |
2020-01-31 | CVE-2014-8126 | Wisc | Improper Input Validation vulnerability in Wisc Htcondor The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code. | 6.5 |
2020-01-31 | CVE-2014-3868 | Zeuscart | SQL Injection vulnerability in Zeuscart 4.0 Multiple SQL injection vulnerabilities in ZeusCart 4.x. | 6.5 |
2020-01-31 | CVE-2014-3119 | Web2Project | SQL Injection vulnerability in Web2Project 2.0/3.0/3.1 Multiple SQL injection vulnerabilities in web2Project 3.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote attackers to execute arbitrary SQL commands via the updatekey parameter to (2) do_updatecontact.php or (3) updatecontact.php. | 6.5 |
2020-01-30 | CVE-2020-8494 | Kronos | Improper Privilege Management vulnerability in Kronos web Time and Attendance 3.8 In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privileges to gain unauthorized administrative privileges within the application via the emp_id, userid, pw1, pw2, supervisor, and timekeeper parameters. | 6.5 |
2020-01-30 | CVE-2020-5222 | Apereo | Use of Hard-coded Credentials vulnerability in Apereo Opencast Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key. | 6.5 |
2020-01-30 | CVE-2020-8492 | Python Opensuse Canonical Fedoraproject Debian | Resource Exhaustion vulnerability in multiple products Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. | 6.5 |
2020-01-30 | CVE-2020-8442 | Ossec | Out-of-bounds Write vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client. | 6.5 |
2020-01-29 | CVE-2019-7654 | Wowza | Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine Wowza Streaming Engine 4.8.0 and earlier suffers from multiple CSRF vulnerabilities. | 6.5 |
2020-01-29 | CVE-2012-4383 | Contao | SQL Injection vulnerability in Contao contao prior to 2.11.4 has a sql injection vulnerability | 6.5 |
2020-01-28 | CVE-2013-4583 | Gitlab | Improper Privilege Management vulnerability in Gitlab and Gitlab-Shell The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | 6.5 |
2020-01-28 | CVE-2019-5468 | Gitlab | Improper Privilege Management vulnerability in Gitlab An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account. | 6.5 |
2020-01-27 | CVE-2015-0243 | Postgresql Debian | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 6.5 |
2020-01-27 | CVE-2015-0242 | Postgresql Microsoft Debian | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function. | 6.5 |
2020-01-27 | CVE-2015-0241 | Postgresql Debian | Classic Buffer Overflow vulnerability in multiple products The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow. | 6.5 |
2020-01-27 | CVE-2012-1496 | Webcalendar Project | Injection vulnerability in Webcalendar Project Webcalendar Local file inclusion in WebCalendar before 1.2.5. | 6.5 |
2020-01-31 | CVE-2011-4115 | Cpan | Unspecified vulnerability in Cpan Parallel::Forkmanager Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files. | 6.4 |
2020-01-30 | CVE-2020-5206 | Apereo | Improper Authentication vulnerability in Apereo Opencast In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous access. | 6.4 |
2020-01-30 | CVE-2013-1350 | Veraxsystems | Incorrect Authorization vulnerability in Veraxsystems Network Management System Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities | 6.4 |
2020-01-27 | CVE-2019-20433 | GNU | Out-of-bounds Read vulnerability in GNU Aspell libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. | 6.4 |
2020-01-27 | CVE-2013-4462 | Portable Phpmyadmin Project | Improper Authentication vulnerability in Portable PHPmyadmin Project Portable PHPmyadmin WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | 6.4 |
2020-01-30 | CVE-2013-1867 | Apple | Link Following vulnerability in Apple Tokend 032013 Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability | 6.3 |
2020-01-30 | CVE-2013-1866 | Opensc Project Apple | Link Following vulnerability in Opensc Project Opensc OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | 6.3 |
2020-01-31 | CVE-2013-3565 | Videolan Opensuse | Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua. | 6.1 |
2020-01-28 | CVE-2019-20437 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 6.1 |
2020-01-28 | CVE-2019-20436 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 6.1 |
2020-01-27 | CVE-2019-19143 | TP Link | Missing Authentication for Critical Function vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16 TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. | 6.1 |
2020-01-30 | CVE-2020-8495 | Kronos | Incorrect Authorization vulnerability in Kronos web Time and Attendance 3.8 In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and delegatorUserId parameters. | 6.0 |
2020-01-29 | CVE-2013-3321 | Netapp | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Netapp Oncommand System Manager 2.0.2/2.1 NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter. | 6.0 |
2020-01-27 | CVE-2011-4558 | Tiki | Injection vulnerability in Tiki Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters. | 6.0 |
2020-01-27 | CVE-2017-14806 | Suse | Improper Certificate Validation vulnerability in Suse Studio Onsite and Susestudio-Ui-Server A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. | 5.9 |
2020-01-30 | CVE-2020-5233 | Oauth2 Proxy Project | Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy OAuth2 Proxy before 5.0 has an open redirect vulnerability. | 5.8 |
2020-01-30 | CVE-2020-7904 | Jetbrains | Improper Certificate Validation vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS. | 5.8 |
2020-01-29 | CVE-2020-2100 | Jenkins | Unspecified vulnerability in Jenkins Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848. | 5.8 |
2020-01-28 | CVE-2013-2764 | United Security Providers | Open Redirect vulnerability in United-Security-Providers Secure Entry Server Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSP_AbsoluteRedirects being disabled by default. | 5.8 |
2020-01-28 | CVE-2019-4631 | IBM | Open Redirect vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
2020-01-28 | CVE-2020-5523 | 77Bank Ashikagabank Hokkaidobank Hokugin Naganobank Nttdata Shikokubank Sihd BK Tohoku Bank | Improper Certificate Validation vulnerability in multiple products Android App 'MyPallete' and some of the Android banking applications based on 'MyPallete' do not verify X.509 certificates from servers, and also do not properly validate certificates with host-mismatch, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2020-01-27 | CVE-2020-5522 | Fujixerox | Improper Certificate Validation vulnerability in Fujixerox Easy Netprint 2.0.3 The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2020-01-27 | CVE-2020-5521 | Fujixerox | Improper Certificate Validation vulnerability in Fujixerox Easy Netprint The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2020-01-27 | CVE-2020-5520 | Fujixerox | Improper Certificate Validation vulnerability in Fujixerox Netprint The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2020-01-30 | CVE-2020-5229 | Apereo | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apereo Opencast Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. | 5.5 |
2020-01-28 | CVE-2019-4707 | IBM | XXE vulnerability in IBM Security Access Manager 9.0.7.0 IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
2020-01-28 | CVE-2013-4862 | Micasaverde | Incorrect Authorization vulnerability in Micasaverde Veralite Firmware 1.5.408 MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page. | 5.5 |
2020-01-28 | CVE-2020-0549 | Intel Opensuse Debian Canonical Fedoraproject | Improper Resource Shutdown or Release vulnerability in multiple products Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-01-28 | CVE-2020-0548 | Intel | Improper Resource Shutdown or Release vulnerability in Intel products Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-01-27 | CVE-2018-20105 | Yast2 RMT Project Opensuse Suse | Information Exposure Through Log Files vulnerability in multiple products A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. | 5.5 |
2020-01-27 | CVE-2020-8003 | Virglrenderer Project Debian | Double Free vulnerability in multiple products A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free. | 5.5 |
2020-01-27 | CVE-2020-8002 | Virglrenderer Project Debian | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS). | 5.5 |
2020-01-29 | CVE-2020-2106 | Jenkins | Cross-site Scripting vulnerability in Jenkins Code Coverage API Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job configurations. | 5.4 |
2020-01-29 | CVE-2020-2105 | Jenkins | Improper Restriction of Rendered UI Layers or Frames vulnerability in Jenkins REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks. | 5.4 |
2020-01-29 | CVE-2020-2103 | Jenkins | Information Exposure vulnerability in Jenkins Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page. | 5.4 |
2020-01-29 | CVE-2019-7655 | Wowza | Cross-site Scripting vulnerability in Wowza Streaming Engine Wowza Streaming Engine 4.8.0 and earlier from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security_check of the login form. | 5.4 |
2020-01-28 | CVE-2020-8426 | Elementor | Cross-site Scripting vulnerability in Elementor Website Builder The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. | 5.4 |
2020-02-02 | CVE-2020-8516 | Torproject | Unspecified vulnerability in Torproject TOR The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to discover circuit information. | 5.3 |
2020-01-30 | CVE-2019-10782 | Checkstyle | XXE vulnerability in Checkstyle All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658. | 5.3 |
2020-01-29 | CVE-2020-2102 | Jenkins | Information Exposure Through Discrepancy vulnerability in Jenkins Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC. | 5.3 |
2020-01-29 | CVE-2020-2101 | Jenkins | Information Exposure Through Discrepancy vulnerability in Jenkins Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret. | 5.3 |
2020-01-28 | CVE-2020-1928 | Apache | Information Exposure Through Log Files vulnerability in Apache Nifi 1.10.0 An information disclosure vulnerability was found in Apache NiFi 1.10.0. | 5.3 |
2020-01-30 | CVE-2019-20358 | Trendmicro | Improper Input Validation vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 5.1 |
2020-01-31 | CVE-2014-5236 | Open Xchange | Path Traversal vulnerability in Open-Xchange Appsuite Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted (1) OLE Object or (2) image in an OpenDocument text file. | 5.0 |
2020-01-31 | CVE-2019-13000 | Acinq | Unspecified vulnerability in Acinq Eclair 0.3 Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. | 5.0 |
2020-01-31 | CVE-2019-12999 | Lightning | Unspecified vulnerability in Lightning Network Daemon Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control. | 5.0 |
2020-01-31 | CVE-2019-12998 | Elementsproject | Unspecified vulnerability in Elementsproject C-Lightning c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. | 5.0 |
2020-01-31 | CVE-2016-2032 | Arubanetworks | Improper Authentication vulnerability in Arubanetworks Airwave Network Management, Aruba Instant and Arubaos A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. | 5.0 |
2020-01-31 | CVE-2011-4117 | Cpan | Unspecified vulnerability in Cpan Batch::Batchrun 1.0.3 The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. | 5.0 |
2020-01-31 | CVE-2011-4116 | Cpan | Link Following vulnerability in Cpan File::Temp _is_safe in the File::Temp module for Perl does not properly handle symlinks. | 5.0 |
2020-01-31 | CVE-2011-4088 | Abrt Project Fedoraproject Redhat | Information Exposure vulnerability in multiple products ABRT might allow attackers to obtain sensitive information from crash reports. | 5.0 |
2020-01-31 | CVE-2019-4720 | IBM | Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. | 5.0 |
2020-01-31 | CVE-2019-19550 | Senior | Information Exposure vulnerability in Senior Rubiweb 6.2.34.28/6.2.34.37 Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. | 5.0 |
2020-01-31 | CVE-2020-7955 | Hashicorp | Information Exposure vulnerability in Hashicorp Consul HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. | 5.0 |
2020-01-31 | CVE-2020-7914 | Jetbrains | Information Exposure vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. | 5.0 |
2020-01-31 | CVE-2020-7219 | Hashicorp | Resource Exhaustion vulnerability in Hashicorp Consul HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. | 5.0 |
2020-01-31 | CVE-2020-7218 | Hashicorp | Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Nomad HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. | 5.0 |
2020-01-30 | CVE-2020-5230 | Apereo | Injection vulnerability in Apereo Opencast Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. | 5.0 |
2020-01-30 | CVE-2015-8851 | Node Uuid Project | Insufficient Entropy vulnerability in Node-Uuid Project Node-Uuid node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing. | 5.0 |
2020-01-30 | CVE-2020-5228 | Apereo | Missing Authorization vulnerability in Apereo Opencast Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. | 5.0 |
2020-01-30 | CVE-2020-7912 | Jetbrains | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups. | 5.0 |
2020-01-30 | CVE-2020-7909 | Jetbrains | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | 5.0 |
2020-01-30 | CVE-2020-7906 | Jetbrains | Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0 In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. | 5.0 |
2020-01-30 | CVE-2020-7905 | Jetbrains | Information Exposure vulnerability in Jetbrains Intellij Idea Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network. | 5.0 |
2020-01-30 | CVE-2013-1631 | Veraxsystems | Information Exposure vulnerability in Veraxsystems Network Management System Verax NMS prior to 2.1.0 leaks connection details when any user executes a Repair Table action | 5.0 |
2020-01-30 | CVE-2013-1352 | Veraxsystems | Use of Hard-coded Credentials vulnerability in Veraxsystems Network Management System Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive. | 5.0 |
2020-01-30 | CVE-2013-0291 | Imagely | Information Exposure vulnerability in Imagely Nextgen Gallery 1.9.10/1.9.11 NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability | 5.0 |
2020-01-29 | CVE-2020-3717 | Magento | Path Traversal vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. | 5.0 |
2020-01-29 | CVE-2013-2574 | Foscam | Incorrect Authorization vulnerability in Foscam Fi8620 Firmware An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information. | 5.0 |
2020-01-29 | CVE-2013-2572 | TP Link | Use of Hard-coded Credentials vulnerability in Tp-Link products A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. | 5.0 |
2020-01-29 | CVE-2013-2569 | Zavio | Improper Authentication vulnerability in Zavio F3105 Firmware and F312A Firmware A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream. | 5.0 |
2020-01-29 | CVE-2020-8416 | Iktm | Resource Exhaustion vulnerability in Iktm Bearftp 0.0.1/0.1.0 IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large volume of connections to the PASV mode port. | 5.0 |
2020-01-29 | CVE-2013-2567 | Zavio | Use of Hard-coded Credentials vulnerability in Zavio F3105 Firmware and F312A Firmware An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information. | 5.0 |
2020-01-28 | CVE-2013-1603 | Dlink | Use of Hard-coded Credentials vulnerability in Dlink products An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream. | 5.0 |
2020-01-28 | CVE-2013-1602 | Dlink | Information Exposure vulnerability in Dlink products An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. | 5.0 |
2020-01-28 | CVE-2013-1601 | Dlink | Information Exposure vulnerability in Dlink products An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. | 5.0 |
2020-01-28 | CVE-2013-1600 | Dlink | Improper Authentication vulnerability in Dlink Dcs-2102 Firmware and Dcs-2121 Firmware An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. | 5.0 |
2020-01-28 | CVE-2019-4639 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-01-28 | CVE-2015-8012 | Lldpd Project | Reachable Assertion vulnerability in Lldpd Project Lldpd lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet. | 5.0 |
2020-01-28 | CVE-2012-6609 | Polycom | Path Traversal vulnerability in Polycom HDX Video END Points and UC APL Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. | 5.0 |
2020-01-28 | CVE-2014-2581 | Smb4K Project Fedoraproject | Insufficiently Protected Credentials vulnerability in multiple products Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit. | 5.0 |
2020-01-28 | CVE-2013-6455 | Mediawiki | Information Exposure vulnerability in Mediawiki The CentralAuth extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain usernames via vectors related to writing the names to the DOM of a page. | 5.0 |
2020-01-28 | CVE-2013-1895 | Python Fedoraproject | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten. | 5.0 |
2020-01-28 | CVE-2019-5472 | Gitlab | Unspecified vulnerability in Gitlab An authorization issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 that prevented owners and maintainer to delete epic comments. | 5.0 |
2020-01-28 | CVE-2019-5470 | Gitlab | Missing Authorization vulnerability in Gitlab An information disclosure issue was discovered GitLab versions < 12.1.2, < 12.0.4, and < 11.11.6 in the security dashboard which could result in disclosure of vulnerability feedback information. | 5.0 |
2020-01-28 | CVE-2019-15590 | Gitlab | Unspecified vulnerability in Gitlab An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration | 5.0 |
2020-01-28 | CVE-2019-15583 | Gitlab | Information Exposure vulnerability in Gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). | 5.0 |
2020-01-28 | CVE-2019-15582 | Gitlab | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment. | 5.0 |
2020-01-28 | CVE-2019-15581 | Gitlab | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules. | 5.0 |
2020-01-28 | CVE-2019-15579 | Gitlab | Unspecified vulnerability in Gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones. | 5.0 |
2020-01-28 | CVE-2019-15578 | Gitlab | Information Exposure vulnerability in Gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). | 5.0 |
2020-01-27 | CVE-2013-2499 | Simplehrm | Information Exposure vulnerability in Simplehrm 2.2/2.3 SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie. | 5.0 |
2020-01-27 | CVE-2013-2474 | AWS DMS | Path Traversal vulnerability in Aws-Dms AWS XMS 2.5 Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. | 5.0 |
2020-01-27 | CVE-2020-5220 | Sylius | Information Exposure vulnerability in Sylius Syliusresourcebundle Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. | 5.0 |
2020-01-27 | CVE-2020-5207 | Jetbrains | HTTP Request Smuggling vulnerability in Jetbrains Ktor In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. | 5.0 |
2020-01-27 | CVE-2019-19823 | Totolink Realtek Sapido Ciktel Kctvjeju FG Products Hiwifi Tbroad Coship Iodata HCN MAX C300N Project | Insufficiently Protected Credentials vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. | 5.0 |
2020-01-27 | CVE-2019-19822 | Totolink Realtek Sapido Ciktel Kctvjeju FG Products Hiwifi Tbroad Coship Iodata HCN MAX C300N Project | Missing Authentication for Critical Function vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). | 5.0 |
2020-01-27 | CVE-2014-3979 | Bytemark | Denial of Service vulnerability in Bytemark Symbiosis 'pattern.rb' Bytemark Symbiosis allows remote attackers to cause a denial of service via a crafted username, which triggers the firewall to blacklist the IP. | 5.0 |
2020-01-27 | CVE-2013-4441 | Pwgen Project | Improper Restriction of Excessive Authentication Attempts vulnerability in Pwgen Project Pwgen 2.06 The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack. | 5.0 |
2020-01-27 | CVE-2015-0294 | GNU Debian Redhat | Improper Certificate Validation vulnerability in multiple products GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. | 5.0 |
2020-01-27 | CVE-2014-4156 | Proxmox | Information Exposure Through Discrepancy vulnerability in Proxmox Virtual Environment Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability | 5.0 |
2020-01-27 | CVE-2013-5659 | Info ZIP | Out-of-bounds Write vulnerability in Info-Zip WIZ 5.0.3 Wiz 5.0.3 has a user mode write access violation | 5.0 |
2020-01-27 | CVE-2020-8009 | Motu | Path Traversal vulnerability in Motu AVB Firmware AVB MOTU devices through 2020-01-22 allow /.. | 5.0 |
2020-01-31 | CVE-2020-5232 | ENS Domains | Unspecified vulnerability in Ens.Domains Ethereum Name Service A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. | 4.9 |
2020-01-30 | CVE-2020-8095 | Bitdefender | Improper Input Validation vulnerability in Bitdefender Total Security 2020 24.0.12.69/24.0.20.116 A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device. | 4.9 |
2020-01-28 | CVE-2019-20439 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 4.8 |
2020-01-28 | CVE-2019-20435 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 4.8 |
2020-01-28 | CVE-2019-20434 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 4.8 |
2020-01-31 | CVE-2019-3016 | Linux | Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. | 4.7 |
2020-01-31 | CVE-2014-8321 | Aircrack NG | Out-of-bounds Write vulnerability in Aircrack-Ng Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors. | 4.6 |
2020-01-30 | CVE-2015-0949 | Dell HP | Improper Privilege Management vulnerability in multiple products The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. | 4.6 |
2020-01-30 | CVE-2020-8093 | Bitdefender | Injection vulnerability in Bitdefender Antivirus A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution | 4.6 |
2020-01-28 | CVE-2019-4620 | IBM | Improper Input Validation vulnerability in IBM MQ Appliance IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables. | 4.6 |
2020-01-28 | CVE-2020-5210 | Nethack | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 4.6 |
2020-01-28 | CVE-2020-5209 | Nethack | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 4.6 |
2020-01-27 | CVE-2014-7301 | HP | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw. | 4.6 |
2020-01-28 | CVE-2014-3856 | Fishshell | Race Condition vulnerability in Fishshell Fish The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name. | 4.4 |
2020-01-28 | CVE-2014-2906 | Fishshell | Race Condition vulnerability in Fishshell Fish The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name. | 4.4 |
2020-01-27 | CVE-2019-17099 | Bitdefender | Untrusted Search Path vulnerability in Bitdefender Endpoint Security Tools An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. | 4.4 |
2020-01-27 | CVE-2019-17100 | Bitdefender | Untrusted Search Path vulnerability in Bitdefender Total Security 2020 An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. | 4.4 |
2020-02-02 | CVE-2020-8514 | Maxum | Cross-site Scripting vulnerability in Maxum Rumpus 8.2.10 An issue was discovered in Rumpus 8.2.10 on macOS. | 4.3 |
2020-02-01 | CVE-2020-8512 | Icewarp | Cross-site Scripting vulnerability in Icewarp Server 11.4.4.1 In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter. | 4.3 |
2020-01-31 | CVE-2020-8505 | Arox | Cross-Site Request Forgery (CSRF) vulnerability in Arox School Management Software PHP/Mysql 20190314 School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user. | 4.3 |
2020-01-31 | CVE-2020-8504 | Arox | Cross-Site Request Forgery (CSRF) vulnerability in Arox School Management Software PHP/Mysql 20190314 School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user. | 4.3 |
2020-01-31 | CVE-2014-8338 | Videowhisper | Cross-site Scripting vulnerability in Videowhisper Webcam 7.X1.7 Cross-site scripting (XSS) vulnerability in vwrooms/js/jsor-jcarousel/examples/special_textscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote attackers to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter. | 4.3 |
2020-01-31 | CVE-2014-3809 | Nokia | Cross-site Scripting vulnerability in Nokia products Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html. | 4.3 |
2020-01-31 | CVE-2014-2843 | Infoware | Cross-site Scripting vulnerability in Infoware Mapsuite Cross-site scripting (XSS) vulnerability in infoware MapSuite MapAPI 1.0.x before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2020-01-31 | CVE-2020-5526 | Fujixerox | Improper Certificate Validation vulnerability in Fujixerox Apeosware Management Suite The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
2020-01-30 | CVE-2013-4241 | Hitmyserver | Cross-site Scripting vulnerability in Hitmyserver HMS Testimonials Multiple cross-site scripting (XSS) vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) image, (3) url, or (4) testimonial parameter to the Testimonial form (hms-testimonials-addnew page); (5) date_format parameter to the Settings - Default form (hms-testimonials-settings page); (6) name parameter in a Save action to the Settings - Custom Fields form (hms-testimonials-settings-fields page); or (7) name parameter in a Save action to the Settings - Template form (hms-testimonials-templates-new page). | 4.3 |
2020-01-30 | CVE-2013-2294 | Viewgit Project | Cross-site Scripting vulnerability in Viewgit Project Viewgit Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php or (3) Heads table in plates/summary.php. | 4.3 |
2020-01-30 | CVE-2012-6133 | Roundup Tracker | Cross-site Scripting vulnerability in Roundup-Tracker Roundup Multiple cross-site scripting (XSS) vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the (1) @ok_message or (2) @error_message parameter to issue*. | 4.3 |
2020-01-30 | CVE-2014-3718 | Exlibrisgroup | Cross-site Scripting vulnerability in Exlibrisgroup Aleph 500 18.1/20.0 Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to inject arbitrary web script or HTML via the (1) find, (2) lib, or (3) sid parameter. | 4.3 |
2020-01-30 | CVE-2020-7913 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description. | 4.3 |
2020-01-30 | CVE-2020-7911 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | 4.3 |
2020-01-30 | CVE-2020-7908 | Jetbrains | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | 4.3 |
2020-01-30 | CVE-2013-1351 | Veraxsystems | Authentication Bypass by Capture-replay vulnerability in Veraxsystems Network Management System Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password. | 4.3 |
2020-01-30 | CVE-2013-0739 | Chamilo | Cross-site Scripting vulnerability in Chamilo 1.9.4 Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script. | 4.3 |
2020-01-30 | CVE-2013-0738 | Chamilo | Cross-site Scripting vulnerability in Chamilo 1.9.4 Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php. | 4.3 |
2020-01-29 | CVE-2013-3320 | Netapp | Cross-site Scripting vulnerability in Netapp Oncommand System Manager 2.0.2/2.1 Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields. | 4.3 |
2020-01-29 | CVE-2020-3758 | Magento | Cross-site Scripting vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. | 4.3 |
2020-01-29 | CVE-2020-3715 | Magento | Cross-site Scripting vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. | 4.3 |
2020-01-29 | CVE-2020-2107 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Fortify 19.1.28/19.1.29 Jenkins Fortify Plugin 19.1.29 and earlier stores proxy server passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 4.3 |
2020-01-29 | CVE-2020-2104 | Jenkins | Incorrect Authorization vulnerability in Jenkins Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart. | 4.3 |
2020-01-28 | CVE-2020-8425 | Cups Easy Purchase Inventory Project | Cross-Site Request Forgery (CSRF) vulnerability in Cups Easy (Purchase & Inventory) Project Cups Easy (Purchase & Inventory) 1.0 Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php. | 4.3 |
2020-01-28 | CVE-2020-5215 | Improper Input Validation vulnerability in Google Tensorflow In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. | 4.3 | |
2020-01-28 | CVE-2020-8421 | Joomla | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.15. | 4.3 |
2020-01-28 | CVE-2014-8490 | Tennisconnect | Cross-site Scripting vulnerability in Tennisconnect Components 9.927 Cross-site scripting (XSS) vulnerability in TennisConnect COMPONENTS 9.927 allows remote attackers to inject arbitrary web script or HTML via the pid parameter to index.cfm. | 4.3 |
2020-01-28 | CVE-2013-2714 | Podpress Project | Cross-site Scripting vulnerability in Podpress Project Podpress 8.8.10.13 Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter. | 4.3 |
2020-01-28 | CVE-2020-8315 | Python | Improper Input Validation vulnerability in Python In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. | 4.3 |
2020-01-28 | CVE-2019-4638 | IBM | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-01-28 | CVE-2019-4633 | IBM | Exposure of Resource to Wrong Sphere vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. | 4.3 |
2020-01-28 | CVE-2019-4632 | IBM | Cross-site Scripting vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. | 4.3 |
2020-01-28 | CVE-2019-4568 | IBM | Improper Input Validation vulnerability in IBM MQ and MQ Appliance IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. | 4.3 |
2020-01-28 | CVE-2013-4865 | Micasaverde | Cross-Site Request Forgery (CSRF) vulnerability in Micasaverde Veralite Firmware 1.5.408 Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter. | 4.3 |
2020-01-28 | CVE-2014-3230 | LWP | Improper Certificate Validation vulnerability in Lwp::Protocol::Https Project Lwp::Protocol::Https 6.04/6.06 The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable. | 4.3 |
2020-01-28 | CVE-2013-0294 | Pyrad Project Fedoraproject | Use of Insufficiently Random Values vulnerability in multiple products packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. | 4.3 |
2020-01-28 | CVE-2013-6451 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values. | 4.3 |
2020-01-28 | CVE-2020-7997 | Asus | Cross-site Scripting vulnerability in Asus Rt-Ac66U Firmware 3.0.0.4.37267 ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature. | 4.3 |
2020-01-28 | CVE-2019-15586 | Gitlab | Cross-site Scripting vulnerability in Gitlab A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. | 4.3 |
2020-01-28 | CVE-2020-1933 | Apache | Cross-site Scripting vulnerability in Apache Nifi A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. | 4.3 |
2020-01-28 | CVE-2019-10779 | Gchq | Cross-site Scripting vulnerability in Gchq Stroom All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. | 4.3 |
2020-01-28 | CVE-2019-10770 | Ratpack | Cross-site Scripting vulnerability in Ratpack 0.9.10 All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and before 1.7.6 are vulnerable to Cross-site Scripting (XSS). | 4.3 |
2020-01-27 | CVE-2020-8091 | Typo3 | Cross-site Scripting vulnerability in Typo3 svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. | 4.3 |
2020-01-27 | CVE-2012-6448 | Cpanel | Cross-site Scripting vulnerability in Cpanel Webhost Manager 11.34.0 Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2020-01-27 | CVE-2019-8947 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration Server Zimbra Collaboration 8.7.x - 8.8.11P2 contains non-persistent XSS. | 4.3 |
2020-01-27 | CVE-2019-8946 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration Server Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS. | 4.3 |
2020-01-27 | CVE-2019-8945 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration Server Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS. | 4.3 |
2020-01-27 | CVE-2019-15313 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration Server In Zimbra Collaboration before 8.8.15 Patch 1, there is a non-persistent XSS vulnerability. | 4.3 |
2020-01-27 | CVE-2014-5500 | Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration before 8.0.8 has XSS. | 4.3 |
2020-01-27 | CVE-2013-4770 | Eucalyptus | Cross-site Scripting vulnerability in Eucalyptus Management Console 4.0.0 Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2020-01-27 | CVE-2015-3154 | Zend | Injection vulnerability in Zend Framework CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email. | 4.3 |
2020-01-27 | CVE-2014-9481 | Mediawiki | Information Exposure vulnerability in Mediawiki The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML. | 4.3 |
2020-01-27 | CVE-2019-6036 | F Revocrm | Cross-site Scripting vulnerability in F-Revocrm 6.0/6.5 Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 (version 6 series) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2020-01-31 | CVE-2020-8422 | Zohocorp | Insufficiently Protected Credentials vulnerability in Zohocorp Manageengine Remote Access Plus An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450. | 4.0 |
2020-01-30 | CVE-2020-5231 | Apereo | Incorrect Default Permissions vulnerability in Apereo Opencast In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users not including the role ROLE_ADMIN. | 4.0 |
2020-01-30 | CVE-2013-4187 | Flippy Project | Information Exposure vulnerability in Flippy Project Flippy The Flippy module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to nodes, which allows remote authenticated users with the permission to access content to read a link or alias to a restricted node. | 4.0 |
2020-01-28 | CVE-2019-4679 | IBM | Unspecified vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. | 4.0 |
2020-01-28 | CVE-2019-4637 | IBM | Unspecified vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. | 4.0 |
2020-01-28 | CVE-2019-4636 | IBM | Information Exposure Through an Error Message vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages. | 4.0 |
2020-01-28 | CVE-2019-4635 | IBM | Command Injection vulnerability in IBM Security Secret Server 10.7 IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. | 4.0 |
2020-01-28 | CVE-2019-4614 | IBM | Improper Input Validation vulnerability in IBM MQ and MQ Appliance IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. | 4.0 |
2020-01-28 | CVE-2013-4861 | Micasaverde | Path Traversal vulnerability in Micasaverde Veralite Firmware 1.5.408 Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. | 4.0 |
2020-01-28 | CVE-2013-4582 | Gitlab | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gitlab and Gitlab-Shell The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface. | 4.0 |
2020-01-28 | CVE-2019-5474 | Gitlab | Incorrect Authorization vulnerability in Gitlab An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions. | 4.0 |
2020-01-28 | CVE-2019-5466 | Gitlab | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names. | 4.0 |
2020-01-28 | CVE-2019-5465 | Gitlab | Unspecified vulnerability in Gitlab An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID. | 4.0 |
2020-01-28 | CVE-2020-1932 | Apache | Information Exposure vulnerability in Apache Superset An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. | 4.0 |
2020-01-27 | CVE-2020-5218 | Sylius | HTTP Request Smuggling vulnerability in Sylius Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. | 4.0 |
2020-01-27 | CVE-2014-8161 | Postgresql Debian | Information Exposure Through an Error Message vulnerability in multiple products PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message. | 4.0 |
37 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-01-29 | CVE-2020-8428 | Linux | Use After Free vulnerability in Linux Kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. | 3.6 |
2020-01-28 | CVE-2012-6114 | GIT Extras Project | Link Following vulnerability in Git-Extras Project Git-Extras 1.7.0 The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. | 3.6 |
2020-01-31 | CVE-2015-6815 | Qemu Fedoraproject Novell Canonical Redhat XEN Arista | Infinite Loop vulnerability in multiple products The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | 3.5 |
2020-01-31 | CVE-2020-8503 | Biscom | Authorization Bypass Through User-Controlled Key vulnerability in Biscom Secure File Transfer Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. | 3.5 |
2020-01-30 | CVE-2020-8498 | Gistpress Project | Cross-site Scripting vulnerability in Gistpress Project Gistpress XSS exists in the shortcode functionality of the GistPress plugin before 3.0.2 for WordPress via the includes/class-gistpress.php id parameter. | 3.5 |
2020-01-30 | CVE-2020-8496 | Kronos | Cross-site Scripting vulnerability in Kronos web Time and Attendance In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as an authenticated administrator. | 3.5 |
2020-01-30 | CVE-2020-8493 | Kronos | Cross-site Scripting vulnerability in Kronos web Time and Attendance 3.8 A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instructions) of the com.threeis.webta.H261configMenu servlet via an authenticated administrator. | 3.5 |
2020-01-30 | CVE-2020-7910 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. | 3.5 |
2020-01-29 | CVE-2013-0161 | Havalite | Cross-site Scripting vulnerability in Havalite 1.1.7 Havalite CMS 1.1.7 has a stored XSS vulnerability | 3.5 |
2020-01-29 | CVE-2012-5776 | Dokeos | Cross-site Scripting vulnerability in Dokeos 2.1.1 Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php. | 3.5 |
2020-01-28 | CVE-2019-17338 | Tibco | Cross-site Scripting vulnerability in Tibco Patterns - Search The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. | 3.5 |
2020-01-28 | CVE-2015-7851 | NTP | Path Traversal vulnerability in NTP Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files. | 3.5 |
2020-01-28 | CVE-2020-7934 | Liferay | Cross-site Scripting vulnerability in Liferay Portal In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. | 3.5 |
2020-01-28 | CVE-2019-15607 | Nodered | Cross-site Scripting vulnerability in Nodered Node-Red A stored XSS vulnerability is present within node-red (version: <= 0.20.7) npm package, which is a visual tool for wiring the Internet of Things. | 3.5 |
2020-01-28 | CVE-2019-20438 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 3.5 |
2020-01-28 | CVE-2019-17651 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortisiem An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack (XSS) by injecting malicious JavaScript code into the description field of a Device Maintenance schedule. | 3.5 |
2020-01-28 | CVE-2019-20443 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager, Enterprise Integrator and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 3.5 |
2020-01-28 | CVE-2019-20442 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager, Enterprise Integrator and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 3.5 |
2020-01-28 | CVE-2019-20441 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 3.5 |
2020-01-28 | CVE-2019-20440 | Wso2 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 3.5 |
2020-01-27 | CVE-2020-8090 | A1 | Cross-site Scripting vulnerability in A1 Wlan BOX ADB Vv2220 Firmware The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login). | 3.5 |
2020-01-27 | CVE-2019-12427 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration Server Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-persistent XSS via the Admin Console. | 3.5 |
2020-01-27 | CVE-2019-11318 | Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS. | 3.5 |
2020-01-27 | CVE-2015-2249 | Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Zimbra Collaboration before 8.6.0 patch5 has XSS. | 3.5 |
2020-01-27 | CVE-2013-0286 | Pinboard Project | Cross-site Scripting vulnerability in Pinboard Project Pinboard 1.0.6 Pinboard 1.0.6 theme for Wordpress has XSS. | 3.5 |
2020-01-30 | CVE-2019-17273 | Netapp | Improper Input Validation vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in IPv6 environments. | 3.3 |
2020-01-27 | CVE-2006-7246 | Gnome Opensuse Suse | Improper Certificate Validation vulnerability in multiple products NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. | 3.2 |
2020-01-31 | CVE-2013-5112 | Evernote | Improper Authentication vulnerability in Evernote Evernote before 5.5.1 has insecure PIN storage | 2.1 |
2020-01-30 | CVE-2020-8092 | Bitdefender | Improper Privilege Management vulnerability in Bitdefender Antivirus A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. | 2.1 |
2020-01-30 | CVE-2020-8448 | Ossec | NULL Pointer Dereference vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a denial of service (NULL pointer dereference) via crafted messages written directly to the analysisd UNIX domain socket by a local user. | 2.1 |
2020-01-30 | CVE-2020-8446 | Ossec | Path Traversal vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user. | 2.1 |
2020-01-27 | CVE-2019-19539 | HP | Insufficiently Protected Credentials vulnerability in HP products An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. | 2.1 |
2020-01-27 | CVE-2019-17103 | Bitdefender | Incorrect Default Permissions vulnerability in Bitdefender Antivirus An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories. | 2.1 |
2020-01-27 | CVE-2019-20422 | Linux | Improper Handling of Exceptional Conditions vulnerability in Linux Kernel In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db. | 2.1 |
2020-01-31 | CVE-2013-5113 | Logmein | Insufficiently Protected Credentials vulnerability in Logmein Lastpass LastPass prior to 2.5.1 has an insecure PIN implementation. | 1.9 |
2020-01-27 | CVE-2019-11288 | Pivotal | Unspecified vulnerability in Pivotal TC Runtimes and TC Server In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker without access to the tc Runtime process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. | 1.9 |
2020-01-27 | CVE-2018-19441 | Neatorobotics | Use of Insufficiently Random Values vulnerability in Neatorobotics Botvac Connected Firmware 2.2.0 An issue was discovered in Neato Botvac Connected 2.2.0. | 1.9 |