Weekly Vulnerabilities Reports > January 27 to February 2, 2020

Overview

386 new vulnerabilities reported during this period, including 41 critical vulnerabilities and 68 high severity vulnerabilities. This weekly summary report vulnerabilities in 919 products from 199 vendors including Gitlab, IBM, Debian, Jetbrains, and Jenkins. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "OS Command Injection", "Out-of-bounds Write", and "Improper Input Validation".

  • 338 reported vulnerabilities are remotely exploitables.
  • 20 reported vulnerabilities have public exploit available.
  • 154 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 303 reported vulnerabilities are exploitable by an anonymous user.
  • Gitlab has the most reported vulnerabilities, with 18 reported vulnerabilities.
  • Adobe has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

41 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-01 CVE-2020-8515 Draytek Injection vulnerability in Draytek products

DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.

10.0
2020-01-30 CVE-2020-8445 Ossec Improper Input Validation vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages.

10.0
2020-01-29 CVE-2013-3317 Netgear Improper Authentication vulnerability in Netgear Wnr1000 Firmware

Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.

10.0
2020-01-29 CVE-2013-3316 Netgear Improper Authentication vulnerability in Netgear Wnr1000 Firmware

Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".

10.0
2020-01-29 CVE-2020-8432 Denx Double Free vulnerability in Denx U-Boot

In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function.

10.0
2020-01-29 CVE-2020-3718 Magento Unspecified vulnerability in Magento

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability.

10.0
2020-01-29 CVE-2020-3716 Magento Deserialization of Untrusted Data vulnerability in Magento

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability.

10.0
2020-01-29 CVE-2013-2573 TP Link OS Command Injection vulnerability in Tp-Link products

A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G.

10.0
2020-01-29 CVE-2013-2568 Zavio OS Command Injection vulnerability in Zavio F3105 Firmware and F312A Firmware

A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.

10.0
2020-01-29 CVE-2020-7247 Openbsd
Debian
Unchecked Return Value vulnerability in multiple products

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field.

10.0
2020-01-29 CVE-2019-20217 Dlink OS Command Injection vulnerability in Dlink Dir-859 Firmware 1.05/1.06B01

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled.

10.0
2020-01-29 CVE-2019-20216 Dlink OS Command Injection vulnerability in Dlink Dir-859 Firmware 1.05/1.06B01

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled.

10.0
2020-01-29 CVE-2019-20215 Dlink OS Command Injection vulnerability in Dlink Dir-859 Firmware 1.05/1.06B01

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled.

10.0
2020-01-28 CVE-2013-1599 Dlink OS Command Injection vulnerability in Dlink products

A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.

10.0
2020-01-28 CVE-2013-2060 Redhat OS Command Injection vulnerability in Redhat Openshift 1.0

The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.

10.0
2020-01-27 CVE-2013-2612 Huawei OS Command Injection vulnerability in Huawei E587 Firmware 11.203.27

Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.

10.0
2020-01-27 CVE-2020-8087 SMC Unspecified vulnerability in SMC D3G0804W Firmware D3Gnv5M3.5.1.6.10Ga

SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login.

10.0
2020-01-27 CVE-2019-17095 Bitdefender OS Command Injection vulnerability in Bitdefender BOX 2 Firmware 2.1.47.42/2.1.53.45

A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45.

10.0
2020-01-27 CVE-2014-8741 Lexmark Path Traversal vulnerability in Lexmark Markvision Enterprise

Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.

10.0
2020-01-27 CVE-2020-8001 Intelliantech USE of Hard-Coded Credentials vulnerability in Intelliantech Aptus 1.0.2

The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.

10.0
2020-01-27 CVE-2020-8000 Intelliantech USE of Hard-Coded Credentials vulnerability in Intelliantech Aptus web 1.24

Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account.

10.0
2020-01-30 CVE-2020-1931 Apache OS Command Injection vulnerability in Apache Spamassassin

A command execution issue was found in Apache SpamAssassin prior to 3.4.3.

9.3
2020-01-30 CVE-2020-1930 Apache OS Command Injection vulnerability in Apache Spamassassin

A command execution issue was found in Apache SpamAssassin prior to 3.4.3.

9.3
2020-01-29 CVE-2020-3714 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator CC

Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability.

9.3
2020-01-29 CVE-2020-3713 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator CC

Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability.

9.3
2020-01-29 CVE-2020-3712 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator CC

Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability.

9.3
2020-01-29 CVE-2020-3711 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator CC

Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability.

9.3
2020-01-29 CVE-2020-3710 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator CC

Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability.

9.3
2020-01-28 CVE-2013-3093 Asus Cross-Site Request Forgery (CSRF) vulnerability in Asus products

ASUS RT-N56U devices allow CSRF.

9.3
2020-01-27 CVE-2019-17096 Bitdefender OS Command Injection vulnerability in Bitdefender BOX 2 Firmware and Central

A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.

9.3
2020-01-27 CVE-2013-3486 Irfanview Integer Overflow OR Wraparound vulnerability in Irfanview Flashpix Plugin 4.3.4.0

IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability

9.3
2020-01-27 CVE-2019-17102 Bitdefender Time-Of-Check Time-Of-Use (Toctou) Race Condition vulnerability in Bitdefender BOX 2 Firmware

An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91.

9.3
2020-01-31 CVE-2013-3322 Netapp OS Command Injection vulnerability in Netapp Oncommand System Manager 2.0.2/2.1

NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface.

9.0
2020-01-29 CVE-2020-8438 Arris OS Command Injection vulnerability in Arris Ruckus Zoneflex R500 Firmware 104.0.0.0.1347

Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring.

9.0
2020-01-28 CVE-2013-4863 Micasaverde Improper Authentication vulnerability in Micasaverde Veralite Firmware 1.5.408

The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag.

9.0
2020-01-28 CVE-2012-6610 Polycom OS Command Injection vulnerability in Polycom HDX Video END Points and UC APL

Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.

9.0
2020-01-28 CVE-2020-7799 Fusionauth Injection vulnerability in Fusionauth

An issue was discovered in FusionAuth before 1.11.0.

9.0
2020-01-28 CVE-2020-7998 Super File Explorer Project Unrestricted Upload of File With Dangerous Type vulnerability in Super File Explorer Project Super File Explorer 1.0.1

An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS.

9.0
2020-01-27 CVE-2013-2267 Fudforum Code Injection vulnerability in Fudforum 3.0.4

PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system.

9.0
2020-01-27 CVE-2019-19824 Totolink OS Command Injection vulnerability in Totolink products

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available.

9.0
2020-01-27 CVE-2019-20427 Lustre Classic Buffer Overflow vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client.

9.0

68 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-30 CVE-2020-3147 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2020-01-29 CVE-2020-3719 Magento SQL Injection vulnerability in Magento

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability.

7.8
2020-01-28 CVE-2013-3074 Netgear Resource Exhaustion vulnerability in Netgear Wndr4700 Firmware 1.0.0.34

NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash).

7.8
2020-01-27 CVE-2014-8742 Lexmark Path Traversal vulnerability in Lexmark Markvision Enterprise

Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors.

7.8
2020-01-27 CVE-2013-6056 Alienvault Path Traversal vulnerability in Alienvault Open Source Security Information Management

OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability

7.8
2020-01-27 CVE-2019-20432 Lustre Out-Of-Bounds Write vulnerability in Lustre

In the Lustre file system before 2.12.3, the mdt module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20431 Lustre Out-Of-Bounds Write vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has an osd_map_remote_to_local out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20430 Lustre Improper Input Validation vulnerability in Lustre

In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20429 Lustre Out-Of-Bounds Read vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20428 Lustre Out-Of-Bounds Read vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20426 Lustre Out-Of-Bounds Write vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20425 Lustre Out-Of-Bounds Write vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20424 Lustre Null Pointer Dereference vulnerability in Lustre

In the Lustre file system before 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dereference and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20423 Lustre Classic Buffer Overflow vulnerability in Lustre

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client.

7.8
2020-01-27 CVE-2019-20421 Exiv2
Canonical
Infinite Loop vulnerability in multiple products

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption.

7.8
2020-01-31 CVE-2014-2025 Unitedplanet Unrestricted Upload of File With Dangerous Type vulnerability in Unitedplanet Intrexx 5.2/6.0

Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unknown vectors.

7.5
2020-01-31 CVE-2014-8322 Aircrack NG Out-Of-Bounds Write vulnerability in Aircrack-Ng

Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.

7.5
2020-01-31 CVE-2016-2031 Arubanetworks Improper Input Validation vulnerability in Arubanetworks Airwave Network Management, Aruba Instant and Arubaos

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.

7.5
2020-01-31 CVE-2020-8440 Simplejobscript Unrestricted Upload of File With Dangerous Type vulnerability in Simplejobscript 1.65/1.66

controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume.

7.5
2020-01-31 CVE-2020-7956 Hashicorp Improper Certificate Validation vulnerability in Hashicorp Nomad

HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation.

7.5
2020-01-30 CVE-2013-2198 Login Security Project Incorrect Authorization vulnerability in Login Security Project Login Security

The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.

7.5
2020-01-30 CVE-2014-3719 Exlibrisgroup SQL Injection vulnerability in Exlibrisgroup Aleph 500 18.1/20.0

Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter.

7.5
2020-01-30 CVE-2020-8447 Ossec USE After Free vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).

7.5
2020-01-30 CVE-2020-8444 Ossec USE After Free vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).

7.5
2020-01-30 CVE-2020-8443 Ossec Out-Of-Bounds Write vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).

7.5
2020-01-29 CVE-2019-10783 Isof Project OS Command Injection vulnerability in Isof Project Isof

All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection.

7.5
2020-01-29 CVE-2013-3215 Vtiger Improper Authentication vulnerability in Vtiger CRM

vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function.

7.5
2020-01-29 CVE-2013-2570 Zavio OS Command Injection vulnerability in Zavio F3105 Firmware and F312A Firmware

A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.

7.5
2020-01-29 CVE-2020-2099 Jenkins USE of Insufficiently Random Values vulnerability in Jenkins

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.

7.5
2020-01-28 CVE-2013-3214 Vtiger Injection vulnerability in Vtiger CRM

vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.

7.5
2020-01-28 CVE-2013-3071 Netgear Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34

NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass.

7.5
2020-01-28 CVE-2013-2748 Belkin Unrestricted Upload of File With Dangerous Type vulnerability in Belkin Wemo Switch Firmware

Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system.

7.5
2020-01-28 CVE-2020-5211 Nethack Classic Buffer Overflow vulnerability in Nethack

In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.

7.5
2020-01-28 CVE-2020-4207 IBM Classic Buffer Overflow vulnerability in IBM products

IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers.

7.5
2020-01-28 CVE-2020-5214 Nethack Classic Buffer Overflow vulnerability in Nethack

In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.

7.5
2020-01-28 CVE-2020-5213 Nethack Classic Buffer Overflow vulnerability in Nethack

In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.

7.5
2020-01-28 CVE-2020-5212 Nethack Classic Buffer Overflow vulnerability in Nethack

In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.

7.5
2020-01-28 CVE-2013-4864 Micasaverde Server-Side Request Forgery (SSRF) vulnerability in Micasaverde Veralite Firmware 1.5.408

MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.

7.5
2020-01-28 CVE-2014-2914 Fishshell Improper Input Validation vulnerability in Fishshell Fish 2.0.0/2.1.0

fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt.

7.5
2020-01-28 CVE-2014-2898 Wolfssl Out-Of-Bounds Read vulnerability in Wolfssl

wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure.

7.5
2020-01-28 CVE-2014-2897 Wolfssl Out-Of-Bounds Read vulnerability in Wolfssl

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.

7.5
2020-01-28 CVE-2014-2896 Wolfssl Out-Of-Bounds Read vulnerability in Wolfssl

The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read.

7.5
2020-01-28 CVE-2014-3445 Handsomeweb Insufficiently Protected Credentials vulnerability in Handsomeweb SOS Webpages

backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash.

7.5
2020-01-28 CVE-2013-2571 Hcomm Improper Input Validation vulnerability in Hcomm Xpient Iris 3.8

Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.

7.5
2020-01-28 CVE-2013-1437 Module Metadata Project
Fedoraproject
Injection vulnerability in multiple products

Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.

7.5
2020-01-28 CVE-2019-5464 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized.

7.5
2020-01-28 CVE-2019-15585 Gitlab Improper Authentication vulnerability in Gitlab

Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account.

7.5
2020-01-28 CVE-2019-8257 Adobe
Apple
Microsoft
USE After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability.

7.5
2020-01-28 CVE-2019-7131 Adobe
Apple
Microsoft
Type Confusion vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability.

7.5
2020-01-27 CVE-2020-8088 Usebb Type Confusion vulnerability in Usebb 1.0.12

panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

7.5
2020-01-27 CVE-2014-8563 Synacor OS Command Injection vulnerability in Synacor Zimbra Collaboration Server

Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS.

7.5
2020-01-27 CVE-2013-7390 Zohocorp Unrestricted Upload of File With Dangerous Type vulnerability in Zohocorp Manageengine Desktop Central 7.0.0/7.0.1/8.0.0

Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot.

7.5
2020-01-27 CVE-2019-19825 Totolink Improper Authentication vulnerability in Totolink products

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass.

7.5
2020-01-27 CVE-2015-0244 Postgresql
Debian
SQL Injection vulnerability in multiple products

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.

7.5
2020-01-27 CVE-2013-3493 Xnview Integer Overflow OR Wraparound vulnerability in Xnview 2.03

XnView 2.03 has an integer overflow vulnerability

7.5
2020-01-27 CVE-2013-3492 Xnview Out-Of-Bounds Write vulnerability in Xnview 2.03

XnView 2.03 has a stack-based buffer overflow vulnerability

7.5
2020-01-27 CVE-2012-1495 Webcalendar Project Injection vulnerability in Webcalendar Project Webcalendar

install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter.

7.5
2020-01-27 CVE-2020-7999 Intelliantech USE of Hard-Coded Credentials vulnerability in Intelliantech Aptus 1.0.2

The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY.

7.5
2020-01-31 CVE-2014-4860 Tianocore Integer Overflow OR Wraparound vulnerability in Tianocore Edk2

Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.

7.2
2020-01-31 CVE-2014-4859 Tianocore Integer Overflow OR Wraparound vulnerability in Tianocore Edk2

Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data.

7.2
2020-01-31 CVE-2019-18913 HP Unspecified vulnerability in HP products

A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks.

7.2
2020-01-29 CVE-2019-7656 Wowza Incorrect Default Permissions vulnerability in Wowza Streaming Engine 4.7.7/4.7.8

A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root.

7.2
2020-01-27 CVE-2019-17094 Belkin Out-Of-Bounds Write vulnerability in Belkin Wemo Insight Switch Firmware

A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device.

7.2
2020-01-27 CVE-2014-7303 HP Incorrect Default Permissions vulnerability in HP SGI Tempo

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db.

7.2
2020-01-27 CVE-2014-7302 HP Incorrect Default Permissions vulnerability in HP SGI Tempo

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx.

7.2
2020-01-27 CVE-2019-17190 Avast Incorrect Authorization vulnerability in Avast Secure Browser 76.0.1659.101

A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101.

7.2
2020-01-30 CVE-2020-8492 Python
Opensuse
Resource Exhaustion vulnerability in multiple products

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

7.1
2020-01-30 CVE-2019-20050 Artica OS Command Injection vulnerability in Artica Pandora FMS 7.42

Pandora FMS ≤ 7.42 suffers from a remote code execution vulnerability.

7.1

226 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-30 CVE-2013-0725 Hexagongeospatial Uncontrolled Search Path Element vulnerability in Hexagongeospatial Erdas ER Viewer 13.0

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities

6.9
2020-01-31 CVE-2014-8141 Unzip Project
Redhat
Out-Of-Bounds Write vulnerability in multiple products

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

6.8
2020-01-31 CVE-2014-8140 Unzip Project
Redhat
Out-Of-Bounds Write vulnerability in multiple products

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

6.8
2020-01-31 CVE-2014-8139 Unzip Project
Redhat
Out-Of-Bounds Write vulnerability in multiple products

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

6.8
2020-01-31 CVE-2014-5039 Eucalyptus Cross-Site Scripting vulnerability in Eucalyptus Management Console 4.0.0/4.0.1

Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.8
2020-01-31 CVE-2020-5234 Messagepack Out-Of-Bounds Write vulnerability in Messagepack

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow.

6.8
2020-01-31 CVE-2013-3489 MPC HC Classic Buffer Overflow vulnerability in Mpc-Hc

Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file

6.8
2020-01-31 CVE-2013-3488 MPC HC Classic Buffer Overflow vulnerability in Mpc-Hc

Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file.

6.8
2020-01-29 CVE-2020-7965 Webargs Project Cross-Site Request Forgery (CSRF) vulnerability in Webargs Project Webargs

flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input.

6.8
2020-01-28 CVE-2020-8424 Cups Easy Project Cross-Site Request Forgery (CSRF) vulnerability in Cups Easy Project Cups Easy 1.0

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php.

6.8
2020-01-28 CVE-2020-8420 Joomla Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.15.

6.8
2020-01-28 CVE-2020-8419 Joomla Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.15.

6.8
2020-01-28 CVE-2020-8417 Codesnippets Cross-Site Request Forgery (CSRF) vulnerability in Codesnippets Code Snippets

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.

6.8
2020-01-28 CVE-2013-3212 Vtiger Injection vulnerability in Vtiger CRM

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code.

6.8
2020-01-28 CVE-2015-5483 Private Only Project Cross-Site Request Forgery (CSRF) vulnerability in Private Only Project Private Only 3.5.1

Multiple cross-site request forgery (CSRF) vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add users, (2) delete posts, or (3) modify PHP files via unspecified vectors, or (4) conduct cross-site scripting (XSS) attacks via the po_logo parameter in the privateonly.php page to wp-admin/options-general.php.

6.8
2020-01-28 CVE-2015-8011 Lldpd Project Classic Buffer Overflow vulnerability in Lldpd Project Lldpd

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

6.8
2020-01-28 CVE-2020-8112 Openjpeg
Debian
Out-Of-Bounds Write vulnerability in multiple products

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.

6.8
2020-01-28 CVE-2020-8086 Prosody
Debian
Incorrect Authorization vulnerability in multiple products

The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function.

6.8
2020-01-28 CVE-2019-5462 Gitlab Insufficient Session Expiration vulnerability in Gitlab

A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed.

6.8
2020-01-27 CVE-2019-13521 Rockwellautomation Unspecified vulnerability in Rockwellautomation Arena Simulation 16.00.00

A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation.

6.8
2020-01-27 CVE-2019-13519 Rockwellautomation Type Confusion vulnerability in Rockwellautomation Arena Simulation 16.00.00

A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation.

6.8
2020-01-27 CVE-2020-7952 Valvesoftware Unspecified vulnerability in Valvesoftware Dota 2 7.23E

rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption.

6.8
2020-01-27 CVE-2020-7951 Valvesoftware Unspecified vulnerability in Valvesoftware Dota 2

meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption.

6.8
2020-01-27 CVE-2020-7950 Valvesoftware Unspecified vulnerability in Valvesoftware Dota 2 7.23E

meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call.

6.8
2020-01-27 CVE-2020-7949 Valvesoftware Unspecified vulnerability in Valvesoftware Dota 2 7.23E

schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call.

6.8
2020-01-31 CVE-2013-5116 Evernote Improper Authentication vulnerability in Evernote

Evernote prior to 5.5.1 has insecure password change

6.6
2020-01-31 CVE-2013-5114 Logmein Improper Authentication vulnerability in Logmein Lastpass

LastPass prior to 2.5.1 allows secure wipe bypass.

6.6
2020-01-31 CVE-2014-8126 Wisc Improper Input Validation vulnerability in Wisc Htcondor

The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code.

6.5
2020-01-31 CVE-2014-3868 Zeuscart SQL Injection vulnerability in Zeuscart 4.0

Multiple SQL injection vulnerabilities in ZeusCart 4.x.

6.5
2020-01-31 CVE-2014-3119 Web2Project SQL Injection vulnerability in Web2Project 2.0/3.0/3.1

Multiple SQL injection vulnerabilities in web2Project 3.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote attackers to execute arbitrary SQL commands via the updatekey parameter to (2) do_updatecontact.php or (3) updatecontact.php.

6.5
2020-01-30 CVE-2020-8494 Kronos Improper Privilege Management vulnerability in Kronos web Time and Attendance 3.8

In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privileges to gain unauthorized administrative privileges within the application via the emp_id, userid, pw1, pw2, supervisor, and timekeeper parameters.

6.5
2020-01-30 CVE-2020-5222 Apereo USE of Hard-Coded Credentials vulnerability in Apereo Opencast

Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key.

6.5
2020-01-30 CVE-2020-8442 Ossec Out-Of-Bounds Write vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client.

6.5
2020-01-29 CVE-2020-2108 Jenkins XXE vulnerability in Jenkins Websphere Deployer

Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions.

6.5
2020-01-29 CVE-2012-4383 Contao SQL Injection vulnerability in Contao

contao prior to 2.11.4 has a sql injection vulnerability

6.5
2020-01-28 CVE-2013-4583 Gitlab Improper Privilege Management vulnerability in Gitlab and Gitlab-Shell

The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories.

6.5
2020-01-28 CVE-2019-5468 Gitlab Improper Privilege Management vulnerability in Gitlab

An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.

6.5
2020-01-27 CVE-2015-0243 Postgresql
Debian
Classic Buffer Overflow vulnerability in multiple products

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

6.5
2020-01-27 CVE-2015-0242 Postgresql
Microsoft
Debian
Out-Of-Bounds Write vulnerability in multiple products

Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function.

6.5
2020-01-27 CVE-2015-0241 Postgresql
Debian
Classic Buffer Overflow vulnerability in multiple products

The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.

6.5
2020-01-27 CVE-2012-1496 Webcalendar Project Injection vulnerability in Webcalendar Project Webcalendar

Local file inclusion in WebCalendar before 1.2.5.

6.5
2020-01-31 CVE-2011-4115 Cpan Unspecified vulnerability in Cpan Parallel::Forkmanager

Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.

6.4
2020-01-30 CVE-2020-5206 Apereo Improper Authentication vulnerability in Apereo Opencast

In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous access.

6.4
2020-01-30 CVE-2013-1350 Veraxsystems Incorrect Authorization vulnerability in Veraxsystems Network Management System

Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities

6.4
2020-01-29 CVE-2019-20445 Netty Http Request Smuggling vulnerability in Netty

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

6.4
2020-01-29 CVE-2019-20444 Netty Http Request Smuggling vulnerability in Netty

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."

6.4
2020-01-27 CVE-2019-20433 GNU Out-Of-Bounds Read vulnerability in GNU Aspell

libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.

6.4
2020-01-27 CVE-2013-4462 Portable Phpmyadmin Project Improper Authentication vulnerability in Portable PHPmyadmin Project Portable PHPmyadmin

WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability

6.4
2020-01-27 CVE-2018-12476 Suse Path Traversal vulnerability in Suse Obs-Service-Tar SCM

Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed.

6.4
2020-01-30 CVE-2013-1867 Apple Link Following vulnerability in Apple Tokend 032013

Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability

6.3
2020-01-30 CVE-2013-1866 Opensc Project
Apple
Link Following vulnerability in Opensc Project Opensc

OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability

6.3
2020-01-30 CVE-2020-8495 Kronos Incorrect Authorization vulnerability in Kronos web Time and Attendance 3.8

In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and delegatorUserId parameters.

6.0
2020-01-29 CVE-2013-3321 Netapp Inclusion of Functionality From Untrusted Control Sphere vulnerability in Netapp Oncommand System Manager 2.0.2/2.1

NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.

6.0
2020-01-27 CVE-2011-4558 Tiki Injection vulnerability in Tiki

Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters.

6.0
2020-01-30 CVE-2020-5233 Oauth2 Proxy Project Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy

OAuth2 Proxy before 5.0 has an open redirect vulnerability.

5.8
2020-01-30 CVE-2020-7904 Jetbrains Improper Certificate Validation vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.

5.8
2020-01-28 CVE-2013-2764 United Security Providers Open Redirect vulnerability in United-Security-Providers Secure Entry Server

Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSP_AbsoluteRedirects being disabled by default.

5.8
2020-01-28 CVE-2019-4631 IBM Open Redirect vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2020-01-28 CVE-2020-5523 77Bank
Ashikagabank
Hokkaidobank
Hokugin
Naganobank
Nttdata
Shikokubank
Sihd BK
Tohoku Bank
Improper Certificate Validation vulnerability in multiple products

Android App 'MyPallete' and some of the Android banking applications based on 'MyPallete' do not verify X.509 certificates from servers, and also do not properly validate certificates with host-mismatch, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2020-01-27 CVE-2020-5522 Fujixerox Improper Certificate Validation vulnerability in Fujixerox Easy Netprint 2.0.3

The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2020-01-27 CVE-2020-5521 Fujixerox Improper Certificate Validation vulnerability in Fujixerox Easy Netprint

The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2020-01-27 CVE-2020-5520 Fujixerox Improper Certificate Validation vulnerability in Fujixerox Netprint

The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2020-01-30 CVE-2020-5229 Apereo USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Apereo Opencast

Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm.

5.5
2020-01-28 CVE-2019-4707 IBM XXE vulnerability in IBM Security Access Manager 9.0.7.0

IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

5.5
2020-01-28 CVE-2013-4862 Micasaverde Incorrect Authorization vulnerability in Micasaverde Veralite Firmware 1.5.408

MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page.

5.5
2020-01-27 CVE-2017-14807 Suse SQL Injection vulnerability in Suse Studio Onsite and Susestudio-Ui-Server

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data.

5.5
2020-01-30 CVE-2019-20358 Trendmicro
Microsoft
Improper Input Validation vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.

5.1
2020-02-02 CVE-2020-8516 Torproject Information Exposure vulnerability in Torproject TOR

** DISPUTED ** The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to discover circuit information.

5.0
2020-01-31 CVE-2014-5236 Open Xchange Path Traversal vulnerability in Open-Xchange Appsuite

Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted (1) OLE Object or (2) image in an OpenDocument text file.

5.0
2020-01-31 CVE-2019-13000 Acinq Unspecified vulnerability in Acinq Eclair 0.3

Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control.

5.0
2020-01-31 CVE-2019-12999 Lightning Unspecified vulnerability in Lightning Network Daemon

Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.

5.0
2020-01-31 CVE-2019-12998 Elementsproject Unspecified vulnerability in Elementsproject C-Lightning

c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control.

5.0
2020-01-31 CVE-2016-2032 Arubanetworks Improper Authentication vulnerability in Arubanetworks Airwave Network Management, Aruba Instant and Arubaos

A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information.

5.0
2020-01-31 CVE-2011-4117 Cpan Unspecified vulnerability in Cpan Batch::Batchrun 1.0.3

The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files.

5.0
2020-01-31 CVE-2011-4116 Cpan Link Following vulnerability in Cpan File::Temp

_is_safe in the File::Temp module for Perl does not properly handle symlinks.

5.0
2020-01-31 CVE-2011-4088 Abrt Project
Fedoraproject
Redhat
Information Exposure vulnerability in multiple products

ABRT might allow attackers to obtain sensitive information from crash reports.

5.0
2020-01-31 CVE-2019-4720 IBM Allocation of Resources Without Limits OR Throttling vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request.

5.0
2020-01-31 CVE-2019-19550 Senior Information Exposure vulnerability in Senior Rubiweb 6.2.34.28/6.2.34.37

Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions.

5.0
2020-01-31 CVE-2020-7955 Hashicorp Information Exposure vulnerability in Hashicorp Consul

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure.

5.0
2020-01-31 CVE-2020-7914 Jetbrains Information Exposure vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network.

5.0
2020-01-31 CVE-2020-7219 Hashicorp Resource Exhaustion vulnerability in Hashicorp Consul

HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service.

5.0
2020-01-31 CVE-2020-7218 Hashicorp Resource Exhaustion vulnerability in Hashicorp Nomad

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service.

5.0
2020-01-30 CVE-2019-10782 Checkstyle XXE vulnerability in Checkstyle

All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658.

5.0
2020-01-30 CVE-2020-5230 Apereo Injection vulnerability in Apereo Opencast

Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used.

5.0
2020-01-30 CVE-2015-8851 Node Uuid Project Insufficient Entropy vulnerability in Node-Uuid Project Node-Uuid

node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing.

5.0
2020-01-30 CVE-2020-5228 Apereo Missing Authorization vulnerability in Apereo Opencast

Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH.

5.0
2020-01-30 CVE-2020-7912 Jetbrains Exposure of Resource TO Wrong Sphere vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.

5.0
2020-01-30 CVE-2020-7909 Jetbrains Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.

5.0
2020-01-30 CVE-2020-7906 Jetbrains Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0

In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer.

5.0
2020-01-30 CVE-2020-7905 Jetbrains Information Exposure vulnerability in Jetbrains Intellij Idea

Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.

5.0
2020-01-30 CVE-2013-1631 Veraxsystems Information Exposure vulnerability in Veraxsystems Network Management System

Verax NMS prior to 2.1.0 leaks connection details when any user executes a Repair Table action

5.0
2020-01-30 CVE-2013-1352 Veraxsystems USE of Hard-Coded Credentials vulnerability in Veraxsystems Network Management System

Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive.

5.0
2020-01-30 CVE-2013-0291 Imagely Information Exposure vulnerability in Imagely Nextgen Gallery 1.9.10/1.9.11

NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability

5.0
2020-01-29 CVE-2020-3717 Magento Path Traversal vulnerability in Magento

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability.

5.0
2020-01-29 CVE-2013-2574 Foscam Incorrect Authorization vulnerability in Foscam Fi8620 Firmware

An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.

5.0
2020-01-29 CVE-2013-2572 TP Link USE of Hard-Coded Credentials vulnerability in Tp-Link products

A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.

5.0
2020-01-29 CVE-2013-2569 Zavio Improper Authentication vulnerability in Zavio F3105 Firmware and F312A Firmware

A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.

5.0
2020-01-29 CVE-2020-8416 Iktm Resource Exhaustion vulnerability in Iktm Bearftp 0.0.1/0.1.0

IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large volume of connections to the PASV mode port.

5.0
2020-01-29 CVE-2013-2567 Zavio USE of Hard-Coded Credentials vulnerability in Zavio F3105 Firmware and F312A Firmware

An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.

5.0
2020-01-29 CVE-2020-2100 Jenkins Unspecified vulnerability in Jenkins

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.

5.0
2020-01-28 CVE-2020-5227 Feedgen Project XML Entity Expansion vulnerability in Feedgen Project Feedgen

Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks.

5.0
2020-01-28 CVE-2013-1603 Dlink USE of Hard-Coded Credentials vulnerability in Dlink products

An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream.

5.0
2020-01-28 CVE-2013-1602 Dlink Information Exposure vulnerability in Dlink products

An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams.

5.0
2020-01-28 CVE-2013-1601 Dlink Information Exposure vulnerability in Dlink products

An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information.

5.0
2020-01-28 CVE-2013-1600 Dlink Improper Authentication vulnerability in Dlink Dcs-2102 Firmware and Dcs-2121 Firmware

An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR.

5.0
2020-01-28 CVE-2019-4639 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-01-28 CVE-2015-8012 Lldpd Project Reachable Assertion vulnerability in Lldpd Project Lldpd

lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet.

5.0
2020-01-28 CVE-2020-1940 Apache Information Exposure vulnerability in Apache Jackrabbit OAK

The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability.

5.0
2020-01-28 CVE-2012-6609 Polycom Path Traversal vulnerability in Polycom HDX Video END Points and UC APL

Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a ..

5.0
2020-01-28 CVE-2014-2581 Smb4K Project
Fedoraproject
Insufficiently Protected Credentials vulnerability in multiple products

Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit.

5.0
2020-01-28 CVE-2013-6455 Mediawiki Information Exposure vulnerability in Mediawiki

The CentralAuth extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain usernames via vectors related to writing the names to the DOM of a page.

5.0
2020-01-28 CVE-2013-1895 Python
Fedoraproject
Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products

The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten.

5.0
2020-01-28 CVE-2019-5472 Gitlab Unspecified vulnerability in Gitlab

An authorization issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 that prevented owners and maintainer to delete epic comments.

5.0
2020-01-28 CVE-2019-5470 Gitlab Missing Authorization vulnerability in Gitlab

An information disclosure issue was discovered GitLab versions < 12.1.2, < 12.0.4, and < 11.11.6 in the security dashboard which could result in disclosure of vulnerability feedback information.

5.0
2020-01-28 CVE-2019-15590 Gitlab Information Exposure vulnerability in Gitlab

An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration

5.0
2020-01-28 CVE-2019-15583 Gitlab Information Exposure vulnerability in Gitlab

An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE).

5.0
2020-01-28 CVE-2019-15582 Gitlab Authorization Bypass Through User-Controlled KEY vulnerability in Gitlab

An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment.

5.0
2020-01-28 CVE-2019-15581 Gitlab Authorization Bypass Through User-Controlled KEY vulnerability in Gitlab

An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules.

5.0
2020-01-28 CVE-2019-15579 Gitlab Information Exposure vulnerability in Gitlab

An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones.

5.0
2020-01-28 CVE-2019-15578 Gitlab Information Exposure vulnerability in Gitlab

An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE).

5.0
2020-01-28 CVE-2020-1928 Apache Information Exposure vulnerability in Apache Nifi 1.10.0

An information disclosure vulnerability was found in Apache NiFi 1.10.0.

5.0
2020-01-27 CVE-2013-2499 Simplehrm Information Exposure vulnerability in Simplehrm 2.2/2.3

SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie.

5.0
2020-01-27 CVE-2013-2474 AWS DMS Path Traversal vulnerability in Aws-Dms AWS XMS 2.5

Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter.

5.0
2020-01-27 CVE-2020-5220 Sylius Information Exposure vulnerability in Sylius Syliusresourcebundle

Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header.

5.0
2020-01-27 CVE-2020-5207 Jetbrains Http Request Smuggling vulnerability in Jetbrains Ktor

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

5.0
2020-01-27 CVE-2019-19823 Totolink
Realtek
Sapido
Ciktel
Kctvjeju
FG Products
Hiwifi
Tbroad
Coship
Iodata
HCN MAX C300N Project
Insufficiently Protected Credentials vulnerability in multiple products

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file.

5.0
2020-01-27 CVE-2019-19822 Totolink
Realtek
Sapido
Ciktel
Kctvjeju
FG Products
Hiwifi
Tbroad
Coship
Iodata
HCN MAX C300N Project
Missing Authentication FOR Critical Function vulnerability in multiple products

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords).

5.0
2020-01-27 CVE-2014-3979 Bytemark Denial of Service vulnerability in Bytemark Symbiosis 'pattern.rb'

Bytemark Symbiosis allows remote attackers to cause a denial of service via a crafted username, which triggers the firewall to blacklist the IP.

5.0
2020-01-27 CVE-2020-7238 Netty Http Request Smuggling vulnerability in Netty 4.1.43

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header.

5.0
2020-01-27 CVE-2013-4441 Pwgen Project Improper Restriction of Excessive Authentication Attempts vulnerability in Pwgen Project Pwgen 2.06

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

5.0
2020-01-27 CVE-2015-0294 GNU
Debian
Redhat
Improper Certificate Validation vulnerability in multiple products

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

5.0
2020-01-27 CVE-2014-4156 Proxmox Information Exposure Through Discrepancy vulnerability in Proxmox Virtual Environment

Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability

5.0
2020-01-27 CVE-2013-5659 Info ZIP Out-Of-Bounds Write vulnerability in Info-Zip WIZ 5.0.3

Wiz 5.0.3 has a user mode write access violation

5.0
2020-01-27 CVE-2020-8009 Motu Path Traversal vulnerability in Motu AVB Firmware

AVB MOTU devices through 2020-01-22 allow /..

5.0
2020-01-31 CVE-2020-5232 ENS Domains Incorrect Authorization vulnerability in Ens.Domains Ethereum Name Service

A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness.

4.9
2020-01-30 CVE-2020-8095 Bitdefender Improper Input Validation vulnerability in Bitdefender Total Security 2020 24.0.12.69/24.0.20.116

A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.

4.9
2020-01-31 CVE-2014-8321 Aircrack NG Out-Of-Bounds Write vulnerability in Aircrack-Ng

Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.

4.6
2020-01-30 CVE-2015-0949 Dell
HP
Improper Privilege Management vulnerability in multiple products

The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver.

4.6
2020-01-30 CVE-2020-8093 Bitdefender Injection vulnerability in Bitdefender Antivirus

A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution

4.6
2020-01-29 CVE-2019-18634 Sudo Project
Debian
Out-Of-Bounds Write vulnerability in multiple products

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process.

4.6
2020-01-28 CVE-2019-4620 IBM Improper Input Validation vulnerability in IBM MQ Appliance

IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables.

4.6
2020-01-28 CVE-2020-5210 Nethack Classic Buffer Overflow vulnerability in Nethack

In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.

4.6
2020-01-28 CVE-2020-5209 Nethack Classic Buffer Overflow vulnerability in Nethack

In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.

4.6
2020-01-27 CVE-2014-7301 HP Incorrect Default Permissions vulnerability in HP SGI Tempo

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.

4.6
2020-01-28 CVE-2014-3856 Fishshell Race Condition vulnerability in Fishshell Fish

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

4.4
2020-01-28 CVE-2014-2906 Fishshell Race Condition vulnerability in Fishshell Fish

The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.

4.4
2020-01-27 CVE-2019-17099 Bitdefender Untrusted Search Path vulnerability in Bitdefender Endpoint Security Tools

An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path.

4.4
2020-01-27 CVE-2019-17100 Bitdefender Untrusted Search Path vulnerability in Bitdefender Total Security 2020

An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code.

4.4
2020-02-02 CVE-2020-8514 Maxum Cross-Site Scripting vulnerability in Maxum Rumpus 8.2.10

An issue was discovered in Rumpus 8.2.10 on macOS.

4.3
2020-02-02 CVE-2019-20446 Gnome
Opensuse
Fedoraproject
Debian
Canonical
Resource Exhaustion vulnerability in multiple products

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing.

4.3
2020-02-01 CVE-2020-8512 Icewarp Cross-Site Scripting vulnerability in Icewarp Server 11.4.4.1

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.

4.3
2020-01-31 CVE-2020-8505 Arox Cross-Site Request Forgery (CSRF) vulnerability in Arox School Management Software PHP/Mysql 20190314

School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user.

4.3
2020-01-31 CVE-2020-8504 Arox Cross-Site Request Forgery (CSRF) vulnerability in Arox School Management Software PHP/Mysql 20190314

School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user.

4.3
2020-01-31 CVE-2014-8338 Videowhisper Cross-Site Scripting vulnerability in Videowhisper Webcam 7.X1.7

Cross-site scripting (XSS) vulnerability in vwrooms/js/jsor-jcarousel/examples/special_textscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote attackers to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter.

4.3
2020-01-31 CVE-2014-3809 Nokia Cross-Site Scripting vulnerability in Nokia products

Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html.

4.3
2020-01-31 CVE-2013-3565 Videolan
Opensuse
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua.

4.3
2020-01-31 CVE-2014-2843 Infoware Cross-Site Scripting vulnerability in Infoware Mapsuite

Cross-site scripting (XSS) vulnerability in infoware MapSuite MapAPI 1.0.x before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2020-01-31 CVE-2020-5526 Fujixerox Improper Certificate Validation vulnerability in Fujixerox Apeosware Management Suite

The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2020-01-30 CVE-2013-4241 Hitmyserver Cross-Site Scripting vulnerability in Hitmyserver HMS Testimonials

Multiple cross-site scripting (XSS) vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) image, (3) url, or (4) testimonial parameter to the Testimonial form (hms-testimonials-addnew page); (5) date_format parameter to the Settings - Default form (hms-testimonials-settings page); (6) name parameter in a Save action to the Settings - Custom Fields form (hms-testimonials-settings-fields page); or (7) name parameter in a Save action to the Settings - Template form (hms-testimonials-templates-new page).

4.3
2020-01-30 CVE-2013-2294 Viewgit Project Cross-Site Scripting vulnerability in Viewgit Project Viewgit

Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php or (3) Heads table in plates/summary.php.

4.3
2020-01-30 CVE-2012-6133 Roundup Tracker Cross-Site Scripting vulnerability in Roundup-Tracker Roundup

Multiple cross-site scripting (XSS) vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the (1) @ok_message or (2) @error_message parameter to issue*.

4.3
2020-01-30 CVE-2014-3718 Exlibrisgroup Cross-Site Scripting vulnerability in Exlibrisgroup Aleph 500 18.1/20.0

Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to inject arbitrary web script or HTML via the (1) find, (2) lib, or (3) sid parameter.

4.3
2020-01-30 CVE-2020-7913 Jetbrains Cross-Site Scripting vulnerability in Jetbrains Youtrack

JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.

4.3
2020-01-30 CVE-2020-7911 Jetbrains Cross-Site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.

4.3
2020-01-30 CVE-2020-7908 Jetbrains Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.

4.3
2020-01-30 CVE-2013-1351 Veraxsystems Authentication Bypass BY Capture-Replay vulnerability in Veraxsystems Network Management System

Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password.

4.3
2020-01-30 CVE-2013-0739 Chamilo Cross-Site Scripting vulnerability in Chamilo 1.9.4

Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script.

4.3
2020-01-30 CVE-2013-0738 Chamilo Cross-Site Scripting vulnerability in Chamilo 1.9.4

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php.

4.3
2020-01-29 CVE-2013-3320 Netapp Cross-Site Scripting vulnerability in Netapp Oncommand System Manager 2.0.2/2.1

Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.

4.3
2020-01-29 CVE-2020-3758 Magento Cross-Site Scripting vulnerability in Magento

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability.

4.3
2020-01-29 CVE-2020-3715 Magento Cross-Site Scripting vulnerability in Magento

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability.

4.3
2020-01-29 CVE-2020-2105 Jenkins Improper Restriction of Rendered UI Layers OR Frames vulnerability in Jenkins

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

4.3
2020-01-29 CVE-2019-7654 Wowza Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine 4.7.7/4.7.8

Wowza Streaming Engine 4.8.0 and earlier suffers from multiple CSRF vulnerabilities.

4.3
2020-01-28 CVE-2020-8425 Cups Easy Purchase Inventory Project Cross-Site Request Forgery (CSRF) vulnerability in Cups Easy (Purchase & Inventory) Project Cups Easy (Purchase & Inventory) 1.0

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php.

4.3
2020-01-28 CVE-2020-5215 Google Improper Input Validation vulnerability in Google Tensorflow

In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode.

4.3
2020-01-28 CVE-2020-8421 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.15.

4.3
2020-01-28 CVE-2014-8490 Tennisconnect Cross-Site Scripting vulnerability in Tennisconnect Components 9.927

Cross-site scripting (XSS) vulnerability in TennisConnect COMPONENTS 9.927 allows remote attackers to inject arbitrary web script or HTML via the pid parameter to index.cfm.

4.3
2020-01-28 CVE-2013-2714 Podpress Project Cross-Site Scripting vulnerability in Podpress Project Podpress 8.8.10.13

Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter.

4.3
2020-01-28 CVE-2020-8315 Python Improper Input Validation vulnerability in Python

In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy.

4.3
2020-01-28 CVE-2019-4638 IBM Reliance ON Cookies Without Validation and Integrity Checking vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies.

4.3
2020-01-28 CVE-2019-4633 IBM Exposure of Resource TO Wrong Sphere vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy.

4.3
2020-01-28 CVE-2019-4632 IBM Cross-Site Scripting vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 is vulnerable to cross-site scripting.

4.3
2020-01-28 CVE-2019-4568 IBM
HP
Linux
Microsoft
Oracle
Improper Input Validation vulnerability in IBM MQ and MQ Appliance

IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel.

4.3
2020-01-28 CVE-2013-4865 Micasaverde Cross-Site Request Forgery (CSRF) vulnerability in Micasaverde Veralite Firmware 1.5.408

Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.

4.3
2020-01-28 CVE-2014-3230 LWP Improper Certificate Validation vulnerability in Lwp::Protocol::Https Project Lwp::Protocol::Https 6.04/6.06

The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.

4.3
2020-01-28 CVE-2013-0294 Pyrad Project
Fedoraproject
USE of Insufficiently Random Values vulnerability in multiple products

packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.

4.3
2020-01-28 CVE-2013-6451 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values.

4.3
2020-01-28 CVE-2020-7997 Asus Cross-Site Scripting vulnerability in Asus Rt-Ac66U Firmware 3.0.0.4.37267

ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.

4.3
2020-01-28 CVE-2019-15586 Gitlab Cross-Site Scripting vulnerability in Gitlab

A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin.

4.3
2020-01-28 CVE-2020-1933 Apache Cross-Site Scripting vulnerability in Apache Nifi

A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0.

4.3
2020-01-28 CVE-2019-20437 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager and Identity Server

An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0.

4.3
2020-01-28 CVE-2019-20436 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager and Identity Server

An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0.

4.3
2020-01-28 CVE-2019-10779 Gchq Cross-Site Scripting vulnerability in Gchq Stroom

All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting.

4.3
2020-01-28 CVE-2019-10770 Ratpack Cross-Site Scripting vulnerability in Ratpack 0.9.10

All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and before 1.7.6 are vulnerable to Cross-site Scripting (XSS).

4.3
2020-01-27 CVE-2020-8091 Typo3 Cross-Site Scripting vulnerability in Typo3

svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.

4.3
2020-01-27 CVE-2012-6448 Cpanel Cross-Site Scripting vulnerability in Cpanel Webhost Manager 11.34.0

Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2020-01-27 CVE-2019-8947 Zimbra Cross-Site Scripting vulnerability in Zimbra Collaboration Server

Zimbra Collaboration 8.7.x - 8.8.11P2 contains non-persistent XSS.

4.3
2020-01-27 CVE-2019-8946 Zimbra Cross-Site Scripting vulnerability in Zimbra Collaboration Server

Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.

4.3
2020-01-27 CVE-2019-8945 Zimbra Cross-Site Scripting vulnerability in Zimbra Collaboration Server

Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.

4.3
2020-01-27 CVE-2019-15313 Zimbra Cross-Site Scripting vulnerability in Zimbra Collaboration Server

In Zimbra Collaboration before 8.8.15 Patch 1, there is a non-persistent XSS vulnerability.

4.3
2020-01-27 CVE-2014-5500 Synacor Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server

Synacor Zimbra Collaboration before 8.0.8 has XSS.

4.3
2020-01-27 CVE-2013-4770 Eucalyptus Cross-Site Scripting vulnerability in Eucalyptus Management Console 4.0.0

Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2020-01-27 CVE-2015-3154 Zend Injection vulnerability in Zend Framework

CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email.

4.3
2020-01-27 CVE-2014-9481 Mediawiki Information Exposure vulnerability in Mediawiki

The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.

4.3
2020-01-27 CVE-2019-6036 F Revocrm Cross-Site Scripting vulnerability in F-Revocrm 6.0/6.5

Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 (version 6 series) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2020-01-27 CVE-2017-14806 Suse Improper Certificate Validation vulnerability in Suse Studio Onsite and Susestudio-Ui-Server

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections.

4.3
2020-01-27 CVE-2019-19143 TP Link Missing Authentication FOR Critical Function vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16

TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.

4.1
2020-01-31 CVE-2020-8422 Zohocorp Insufficiently Protected Credentials vulnerability in Zohocorp Manageengine Remote Access Plus

An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450.

4.0
2020-01-30 CVE-2020-5231 Apereo Incorrect Default Permissions vulnerability in Apereo Opencast

In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users not including the role ROLE_ADMIN.

4.0
2020-01-30 CVE-2013-4187 Flippy Project Information Exposure vulnerability in Flippy Project Flippy

The Flippy module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to nodes, which allows remote authenticated users with the permission to access content to read a link or alias to a restricted node.

4.0
2020-01-29 CVE-2020-2107 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Fortify 19.1.29

Jenkins Fortify Plugin 19.1.29 and earlier stores proxy server passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

4.0
2020-01-29 CVE-2020-2104 Jenkins Incorrect Authorization vulnerability in Jenkins

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.

4.0
2020-01-29 CVE-2020-2103 Jenkins Information Exposure vulnerability in Jenkins

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.

4.0
2020-01-28 CVE-2019-4679 IBM Unspecified vulnerability in IBM Content Navigator 3.0.0

IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system.

4.0
2020-01-28 CVE-2019-4637 IBM Unspecified vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity.

4.0
2020-01-28 CVE-2019-4636 IBM Information Exposure Through AN Error Message vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages.

4.0
2020-01-28 CVE-2019-4635 IBM Command Injection vulnerability in IBM Security Secret Server 10.7

IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements.

4.0
2020-01-28 CVE-2019-4614 IBM
Linux
Microsoft
Oracle
Improper Input Validation vulnerability in IBM MQ and MQ Appliance

IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message.

4.0
2020-01-28 CVE-2013-4861 Micasaverde Path Traversal vulnerability in Micasaverde Veralite Firmware 1.5.408

Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a ..

4.0
2020-01-28 CVE-2013-4582 Gitlab Inclusion of Functionality From Untrusted Control Sphere vulnerability in Gitlab and Gitlab-Shell

The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface.

4.0
2020-01-28 CVE-2019-5474 Gitlab Incorrect Authorization vulnerability in Gitlab

An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions.

4.0
2020-01-28 CVE-2019-5466 Gitlab Authorization Bypass Through User-Controlled KEY vulnerability in Gitlab

An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.

4.0
2020-01-28 CVE-2019-5465 Gitlab Unspecified vulnerability in Gitlab

An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID.

4.0
2020-01-28 CVE-2020-1932 Apache Information Exposure vulnerability in Apache Superset

An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1.

4.0
2020-01-27 CVE-2020-5218 Sylius Http Request Smuggling vulnerability in Sylius

Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments.

4.0
2020-01-27 CVE-2014-8161 Postgresql
Debian
Information Exposure Through AN Error Message vulnerability in multiple products

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.

4.0

51 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-01-29 CVE-2020-8428 Linux USE After Free vulnerability in Linux Kernel

fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9.

3.6
2020-01-28 CVE-2012-6114 GIT Extras Project Link Following vulnerability in Git-Extras Project Git-Extras 1.7.0

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort.

3.6
2020-01-31 CVE-2020-8503 Biscom Authorization Bypass Through User-Controlled KEY vulnerability in Biscom Secure File Transfer

Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature.

3.5
2020-01-30 CVE-2020-8498 Gistpress Project Cross-Site Scripting vulnerability in Gistpress Project Gistpress

XSS exists in the shortcode functionality of the GistPress plugin before 3.0.2 for WordPress via the includes/class-gistpress.php id parameter.

3.5
2020-01-30 CVE-2020-8496 Kronos Cross-Site Scripting vulnerability in Kronos web Time and Attendance

In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as an authenticated administrator.

3.5
2020-01-30 CVE-2020-8493 Kronos Cross-Site Scripting vulnerability in Kronos web Time and Attendance 3.8

A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instructions) of the com.threeis.webta.H261configMenu servlet via an authenticated administrator.

3.5
2020-01-30 CVE-2020-7910 Jetbrains Cross-Site Scripting vulnerability in Jetbrains Teamcity

JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.

3.5
2020-01-29 CVE-2020-2106 Jenkins Cross-Site Scripting vulnerability in Jenkins Code Coverage API

Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job configurations.

3.5
2020-01-29 CVE-2020-2102 Jenkins Information Exposure Through Discrepancy vulnerability in Jenkins

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

3.5
2020-01-29 CVE-2020-2101 Jenkins Information Exposure Through Discrepancy vulnerability in Jenkins

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.

3.5
2020-01-29 CVE-2019-7655 Wowza Cross-Site Scripting vulnerability in Wowza Streaming Engine 4.7.7/4.7.8

Wowza Streaming Engine 4.8.0 and earlier from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security_check of the login form.

3.5
2020-01-29 CVE-2013-0161 Havalite Cross-Site Scripting vulnerability in Havalite 1.1.7

Havalite CMS 1.1.7 has a stored XSS vulnerability

3.5
2020-01-29 CVE-2012-5776 Dokeos Cross-Site Scripting vulnerability in Dokeos 2.1.1

Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.

3.5
2020-01-28 CVE-2020-8426 Elementor Cross-Site Scripting vulnerability in Elementor Page Builder

The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page.

3.5
2020-01-28 CVE-2019-17338 Tibco Cross-Site Scripting vulnerability in Tibco Patterns - Search

The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks.

3.5
2020-01-28 CVE-2015-7851 NTP Path Traversal vulnerability in NTP

Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.

3.5
2020-01-28 CVE-2020-7934 Liferay Cross-Site Scripting vulnerability in Liferay Portal

In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue.

3.5
2020-01-28 CVE-2019-15607 Nodered Cross-Site Scripting vulnerability in Nodered Node-Red

A stored XSS vulnerability is present within node-red (version: <= 0.20.7) npm package, which is a visual tool for wiring the Internet of Things.

3.5
2020-01-28 CVE-2019-20439 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.6.0.

3.5
2020-01-28 CVE-2019-20438 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.6.0.

3.5
2020-01-28 CVE-2019-20435 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.6.0.

3.5
2020-01-28 CVE-2019-20434 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.6.0.

3.5
2020-01-28 CVE-2019-17651 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortisiem

An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack (XSS) by injecting malicious JavaScript code into the description field of a Device Maintenance schedule.

3.5
2020-01-28 CVE-2019-20443 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager, Enterprise Integrator and Identity Server

An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0.

3.5
2020-01-28 CVE-2019-20442 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager, Enterprise Integrator and Identity Server

An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0.

3.5
2020-01-28 CVE-2019-20441 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.6.0.

3.5
2020-01-28 CVE-2019-20440 Wso2 Cross-Site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.6.0.

3.5
2020-01-27 CVE-2020-8090 A1 Cross-Site Scripting vulnerability in A1 Wlan BOX ADB Vv2220 Firmware

The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).

3.5
2020-01-27 CVE-2019-12427 Zimbra Cross-Site Scripting vulnerability in Zimbra Collaboration Server

Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-persistent XSS via the Admin Console.

3.5
2020-01-27 CVE-2019-11318 Synacor Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server

Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS.

3.5
2020-01-27 CVE-2015-2249 Synacor Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server

Zimbra Collaboration before 8.6.0 patch5 has XSS.

3.5
2020-01-27 CVE-2013-0286 Pinboard Project Cross-Site Scripting vulnerability in Pinboard Project Pinboard 1.0.6

Pinboard 1.0.6 theme for Wordpress has XSS.

3.5
2020-01-30 CVE-2019-17273 Netapp Improper Input Validation vulnerability in Netapp E-Series Santricity OS Controller

E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in IPv6 environments.

3.3
2020-01-27 CVE-2006-7246 Gnome
Opensuse
Suse
Improper Certificate Validation vulnerability in multiple products

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

3.2
2020-01-31 CVE-2015-6815 Qemu
Fedoraproject
Novell
Canonical
Redhat
XEN
Infinite Loop vulnerability in multiple products

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

2.7
2020-01-31 CVE-2013-5112 Evernote Improper Authentication vulnerability in Evernote

Evernote before 5.5.1 has insecure PIN storage

2.1
2020-01-30 CVE-2020-8092 Bitdefender Improper Privilege Management vulnerability in Bitdefender Antivirus

A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud.

2.1
2020-01-30 CVE-2020-8448 Ossec Null Pointer Dereference vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a denial of service (NULL pointer dereference) via crafted messages written directly to the analysisd UNIX domain socket by a local user.

2.1
2020-01-30 CVE-2020-8446 Ossec Path Traversal vulnerability in Ossec

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user.

2.1
2020-01-28 CVE-2020-0549 Intel Information Exposure vulnerability in Intel products

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

2.1
2020-01-28 CVE-2020-0548 Intel Information Exposure vulnerability in Intel products

Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

2.1
2020-01-27 CVE-2019-19539 HP Insufficiently Protected Credentials vulnerability in HP products

An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF.

2.1
2020-01-27 CVE-2019-17103 Bitdefender Incorrect Default Permissions vulnerability in Bitdefender Antivirus

An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories.

2.1
2020-01-27 CVE-2018-20105 Yast2 RMT Project
Opensuse
Suse
Information Exposure Through LOG Files vulnerability in multiple products

A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file.

2.1
2020-01-27 CVE-2020-8003 Virglrenderer Project Double Free vulnerability in Virglrenderer Project Virglrenderer

A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.

2.1
2020-01-27 CVE-2020-8002 Virglrenderer Project Null Pointer Dereference vulnerability in Virglrenderer Project Virglrenderer

A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).

2.1
2020-01-27 CVE-2019-20422 Linux Improper Handling of Exceptional Conditions vulnerability in Linux Kernel

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.

2.1
2020-01-31 CVE-2019-3016 Linux Race Condition vulnerability in Linux Kernel

In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest.

1.9
2020-01-31 CVE-2013-5113 Logmein Insufficiently Protected Credentials vulnerability in Logmein Lastpass

LastPass prior to 2.5.1 has an insecure PIN implementation.

1.9
2020-01-27 CVE-2019-11288 Pivotal Improper Privilege Management vulnerability in Pivotal TC Runtimes and TC Server

In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker without access to the tc Runtime process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface.

1.9
2020-01-27 CVE-2018-19441 Neatorobotics USE of Insufficiently Random Values vulnerability in Neatorobotics Botvac Connected Firmware 2.2.0

An issue was discovered in Neato Botvac Connected 2.2.0.

1.9