Weekly Vulnerabilities Reports > February 3 to 9, 2020

Overview

334 new vulnerabilities reported during this period, including 62 critical vulnerabilities and 131 high severity vulnerabilities. This weekly summary report vulnerabilities in 469 products from 175 vendors including Opensuse, Nextcloud, Canonical, IBM, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Out-of-bounds Write", "Improper Input Validation", and "Cross-Site Request Forgery (CSRF)".

  • 273 reported vulnerabilities are remotely exploitables.
  • 38 reported vulnerabilities have public exploit available.
  • 111 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 226 reported vulnerabilities are exploitable by an anonymous user.
  • Opensuse has the most reported vulnerabilities, with 22 reported vulnerabilities.
  • Debian has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

62 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-08 CVE-2015-5741 Golang
Redhat
HTTP Request Smuggling vulnerability in multiple products

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.

9.8
2020-02-08 CVE-2014-8739 Jquery File Upload Project
Creative Solutions
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute arbitrary code by uploading a PHP file with an PHP extension, then accessing it via a direct request to the file in files/, as exploited in the wild in October 2014.

9.8
2020-02-07 CVE-2020-6770 Bosch Deserialization of Untrusted Data vulnerability in Bosch products

Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system.

9.8
2020-02-07 CVE-2020-8796 Biscom Unspecified vulnerability in Biscom Secure File Transfer

Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server.

9.8
2020-02-07 CVE-2013-3091 Belkin Improper Authentication vulnerability in Belkin N300 Firmware 1.00.06

An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging."

9.8
2020-02-07 CVE-2014-5091 Status2K Improper Input Validation vulnerability in Status2K

A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code.

9.8
2020-02-07 CVE-2014-5087 Sphider
Sphider Plus
Sphiderpro
Improper Input Validation vulnerability in multiple products

A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.

9.8
2020-02-07 CVE-2019-15606 Nodejs
Oracle
Debian
Redhat
Opensuse
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
9.8
2020-02-07 CVE-2019-15605 Nodejs
Debian
Fedoraproject
Opensuse
Redhat
Oracle
HTTP Request Smuggling vulnerability in multiple products

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

9.8
2020-02-07 CVE-2014-9530 Nwjs Unspecified vulnerability in Nwjs NW

A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact.

9.8
2020-02-07 CVE-2013-4335 Openpne XML Entity Expansion vulnerability in Openpne Opopensocialplugin

opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities

9.8
2020-02-07 CVE-2019-17268 Omniauth Weibo Oauth2 Project Code Injection vulnerability in Omniauth-Weibo-Oauth2 Project Omniauth-Weibo-Oauth2 0.4.6

The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.

9.8
2020-02-07 CVE-2013-4334 Tejimaya XXE vulnerability in Tejimaya Opwebapiplugin 0.1.0/0.4.0/0.5.1

opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities

9.8
2020-02-07 CVE-2019-10590 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

9.8
2020-02-07 CVE-2020-8656 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.30

An issue was discovered in EyesOfNetwork 5.3.

9.8
2020-02-07 CVE-2020-8645 Simplejobscript SQL Injection vulnerability in Simplejobscript 1.65/1.66

An issue was discovered in Simplejobscript.com SJS through 1.66.

9.8
2020-02-06 CVE-2020-6760 Schmid Telecom OS Command Injection vulnerability in Schmid-Telecom ZI 620 V400 Firmware 090

Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping.

9.8
2020-02-06 CVE-2020-8657 Eyesofnetwork Use of Hard-coded Credentials vulnerability in Eyesofnetwork 5.30

An issue was discovered in EyesOfNetwork 5.3.

9.8
2020-02-06 CVE-2012-6306 Hcview Project Unspecified vulnerability in Hcview Project Hcview 1.4

A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF file.

9.8
2020-02-06 CVE-2020-8772 Revmakx Missing Authorization vulnerability in Revmakx Infinitewp Client

The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php.

9.8
2020-02-06 CVE-2020-8771 Wptimecapsule Improper Authentication vulnerability in Wptimecapsule WP Time Capsule

The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass.

9.8
2020-02-06 CVE-2020-8636 Opservices Missing Authentication for Critical Function vulnerability in Opservices Opmon 9.3.2

An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution .

9.8
2020-02-06 CVE-2019-10789 Curling Project OS Command Injection vulnerability in Curling Project Curling

All versions of curling.js are vulnerable to Command Injection via the run function.

9.8
2020-02-06 CVE-2013-4521 Nuxeo Deserialization of Untrusted Data vulnerability in Nuxeo 5.6.0/5.8.0

RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data.

9.8
2020-02-06 CVE-2015-2909 Netvu Improper Privilege Management vulnerability in Netvu products

Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded.

9.8
2020-02-05 CVE-2011-1517 SAP Unspecified vulnerability in SAP Netweaver 7.0

SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function.

9.8
2020-02-05 CVE-2020-8644 Playsms Code Injection vulnerability in Playsms

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.

9.8
2020-02-05 CVE-2013-2681 Cisco Improper Authentication vulnerability in Cisco Linksys E4200 Firmware 1.0.05

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access.

9.8
2020-02-05 CVE-2019-20447 Jobberbase SQL Injection vulnerability in Jobberbase 2.0

Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endpoint.

9.8
2020-02-05 CVE-2015-5628 Yokogawa Out-of-bounds Write vulnerability in Yokogawa products

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet.

9.8
2020-02-05 CVE-2015-5627 Yokogawa Out-of-bounds Write vulnerability in Yokogawa products

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet.

9.8
2020-02-05 CVE-2015-5626 Yokogawa Out-of-bounds Write vulnerability in Yokogawa products

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet.

9.8
2020-02-05 CVE-2010-4815 Coppermine Gallery Improper Input Validation vulnerability in Coppermine-Gallery Coppermine Gallery

Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution.

9.8
2020-02-05 CVE-2020-6754 Dotcms Unrestricted Upload of File with Dangerous Type vulnerability in Dotcms

dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control.

9.8
2020-02-05 CVE-2020-6969 Automationdirect Insufficiently Protected Credentials vulnerability in Automationdirect products

It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.

9.8
2020-02-05 CVE-2020-6174 Linuxfoundation Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation the Update Framework

TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature.

9.8
2020-02-05 CVE-2020-8114 Gitlab Incorrect Default Permissions vulnerability in Gitlab

GitLab EE 8.9 and later through 12.7.2 has Insecure Permission

9.8
2020-02-04 CVE-2019-10788 DNT OS Command Injection vulnerability in DNT Im-Metadata

im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument.

9.8
2020-02-04 CVE-2019-10787 DNT OS Command Injection vulnerability in DNT Im-Resize

im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument.

9.8
2020-02-04 CVE-2019-10786 Network Manager Project OS Command Injection vulnerability in Network-Manager Project Network-Manager 1.0.0/1.0.1/1.0.2

network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.

9.8
2020-02-04 CVE-2020-8125 Klona Project Improper Input Validation vulnerability in Klona Project Klona 1.0.0/1.1.0

Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.

9.8
2020-02-04 CVE-2015-3613 Fortinet Improper Privilege Management vulnerability in Fortinet Fortimanager

A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page

9.8
2020-02-04 CVE-2019-4675 IBM Use of Hard-coded Credentials vulnerability in IBM Security Identity Manager 7.0.1

IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

9.8
2020-02-04 CVE-2013-7055 Dlink Insufficiently Protected Credentials vulnerability in Dlink Dir-100 Firmware 4.03B07

D-Link DIR-100 4.03B07 has PPTP and poe information disclosure

9.8
2020-02-04 CVE-2013-7052 Dlink Insufficiently Protected Credentials vulnerability in Dlink Dir-100 Firmware 4.03B07

D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script

9.8
2020-02-04 CVE-2012-5686 Zpanelcp Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zpanelcp Zpanel 10.0.1

ZPanel 10.0.1 has insufficient entropy for its password reset process.

9.8
2020-02-04 CVE-2012-5618 Ushahidi Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ushahidi

Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens.

9.8
2020-02-04 CVE-2020-5235 Nanopb Project Out-of-bounds Read vulnerability in Nanopb Project Nanopb

There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4.

9.8
2020-02-03 CVE-2020-8597 Point TO Point Protocol Project
Wago
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

9.8
2020-02-03 CVE-2020-8592 Eginnovations SQL Injection vulnerability in Eginnovations EG Manager 7.1.2

eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).

9.8
2020-02-03 CVE-2020-8591 Eginnovations Improper Authentication vulnerability in Eginnovations EG Manager 7.1.2

eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request.

9.8
2020-02-03 CVE-2020-8547 Phplist Unspecified vulnerability in PHPlist 3.5.0

phpList 3.5.0 allows type juggling for admin login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

9.8
2020-02-03 CVE-2020-8510 Phpabook Project Improper Authentication vulnerability in PHPabook Project PHPabook 0.9

An issue was discovered in phpABook 0.9 Intermediate.

9.8
2020-02-03 CVE-2020-7471 Djangoproject SQL Injection vulnerability in Djangoproject Django

Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter).

9.8
2020-02-03 CVE-2020-8508 Norman Out-of-bounds Write vulnerability in Norman Malware Cleaner 2.08.08

nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled.

9.8
2020-02-08 CVE-2011-3642 Flowplayer Cross-site Scripting vulnerability in Flowplayer Flash 3.2.15/3.2.16

Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin.

9.6
2020-02-04 CVE-2019-10784 Phppgadmin Project Cross-Site Request Forgery (CSRF) vulnerability in PHPpgadmin Project PHPpgadmin

phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application.

9.6
2020-02-07 CVE-2020-6769 Bosch Missing Authentication for Critical Function vulnerability in Bosch products

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway.

9.1
2020-02-07 CVE-2019-14063 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9607, Nicobar, QCS405, Rennell, SA6155P, Saipan, SC8180X, SDM630, SDM636, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

9.1
2020-02-07 CVE-2019-14057 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

9.1
2020-02-05 CVE-2011-1151 Joomla SQL Injection vulnerability in Joomla Joomla! 1.6.0

Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters.

9.1
2020-02-04 CVE-2020-6058 Minisnmpd Project Out-of-bounds Read vulnerability in Minisnmpd Project Minisnmpd 1.4

An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets.

9.1

131 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-08 CVE-2012-4512 KDE
Redhat
Type Confusion vulnerability in multiple products

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."

8.8
2020-02-08 CVE-2015-3423 Netcracker SQL Injection vulnerability in Netcracker Resource Management System

Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) ctrl, (2) h____%2427, (3) h____%2439, (4) param0, (5) param1, (6) param2, (7) param3, (8) param4, (9) filter_INSERT_COUNT, (10) filter_MINOR_FALLOUT, (11) filter_UPDATE_COUNT, (12) sort, or (13) sessid parameter.

8.8
2020-02-08 CVE-2014-2225 UI Cross-Site Request Forgery (CSRF) vulnerability in UI products

Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity.

8.8
2020-02-07 CVE-2011-1085 Smoothwall Cross-Site Request Forgery (CSRF) vulnerability in Smoothwall Express 3.0

CSRF vulnerability in Smoothwall Express 3.

8.8
2020-02-07 CVE-2014-5468 Getrailo Improper Input Validation vulnerability in Getrailo Railo

A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG file, which could let a remote malicious user obtain sensitive information or execute arbitrary code.

8.8
2020-02-07 CVE-2014-5288 Kemptechnologies Cross-Site Request Forgery (CSRF) vulnerability in Kemptechnologies Load Master 7.116/7.118

A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administrative pages.

8.8
2020-02-07 CVE-2014-7224 Google Improper Input Validation vulnerability in Google Android

A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.

8.8
2020-02-07 CVE-2013-3629 Ispconfig Unspecified vulnerability in Ispconfig 3.0.5.2

ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution

8.8
2020-02-07 CVE-2013-3628 Zabbix Injection vulnerability in Zabbix 2.0.9

Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability

8.8
2020-02-07 CVE-2013-3591 Vtiger Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM 5.3.0/5.4.0

vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability

8.8
2020-02-07 CVE-2013-2009 Automattic Unspecified vulnerability in Automattic WP Super Cache 1.2

WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution

8.8
2020-02-07 CVE-2020-8654 Eyesofnetwork OS Command Injection vulnerability in Eyesofnetwork 5.30

An issue was discovered in EyesOfNetwork 5.3.

8.8
2020-02-06 CVE-2013-3638 Boonex SQL Injection vulnerability in Boonex Dolphin

SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the 'pathes' parameter in 'categories.php'.

8.8
2020-02-06 CVE-2013-3568 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Linksys Wrt110 Firmware

Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

8.8
2020-02-06 CVE-2012-6307 Impulseadventure Unspecified vulnerability in Impulseadventure Jpegsnoop 1.5.2

A vulnerability exists in JPEGsnoop 1.5.2 due to an unspecified issue in JPEG file handling, which could let a malicious user execute arbitrary code

8.8
2020-02-06 CVE-2012-6297 DD WRT Cross-Site Request Forgery (CSRF) vulnerability in Dd-Wrt 24

Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.

8.8
2020-02-06 CVE-2014-2030 Imagemagick
Canonical
Opensuse
Out-of-bounds Write vulnerability in multiple products

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.

8.8
2020-02-06 CVE-2014-1958 Imagemagick
Canonical
Opensuse
Classic Buffer Overflow vulnerability in multiple products

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

8.8
2020-02-06 CVE-2015-6000 Vtiger Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM

Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/.

8.8
2020-02-06 CVE-2020-8658 Bestwebsoft Cross-Site Request Forgery (CSRF) vulnerability in Bestwebsoft Htaccess

The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF.

8.8
2020-02-06 CVE-2011-1597 Openvas Unrestricted Upload of File with Dangerous Type vulnerability in Openvas Manager 2.0.3

OpenVAS Manager v2.0.3 allows plugin remote code execution.

8.8
2020-02-05 CVE-2020-8641 Lotus Core CMS Project Path Traversal vulnerability in Lotus Core CMS Project Lotus Core CMS 1.0.1

Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter.

8.8
2020-02-05 CVE-2011-0525 Batavi Cross-Site Request Forgery (CSRF) vulnerability in Batavi

Batavi before 1.0 has CSRF.

8.8
2020-02-05 CVE-2020-3119 Cisco Out-of-bounds Write vulnerability in Cisco Nx-Os

A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device.

8.8
2020-02-05 CVE-2020-3118 Cisco Out-of-bounds Write vulnerability in Cisco IOS XR

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device.

8.8
2020-02-05 CVE-2020-3111 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone.

8.8
2020-02-05 CVE-2020-3110 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP Camera.

8.8
2020-02-05 CVE-2019-4613 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

8.8
2020-02-05 CVE-2020-5237 1UP Path Traversal vulnerability in 1UP Oneupuploaderbundle

Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to arbitrary code execution) via the (1) filename parameter to BlueimpController.php; the (2) dzchunkindex, (3) dzuuid, or (4) filename parameter to DropzoneController.php; the (5) qqpartindex, (6) qqfilename, or (7) qquuid parameter to FineUploaderController.php; the (8) x-file-id or (9) x-file-name parameter to MooUploadController.php; or the (10) name or (11) chunk parameter to PluploadController.php.

8.8
2020-02-05 CVE-2020-5208 Ipmitool Project
Debian
Fedoraproject
Opensuse
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side.
8.8
2020-02-04 CVE-2015-3611 Fortinet OS Command Injection vulnerability in Fortinet Fortimanager

A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report.

8.8
2020-02-04 CVE-2013-7053 Dlink Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-100 Firmware 4.03B07

D-Link DIR-100 4.03B07: cli.cgi CSRF

8.8
2020-02-04 CVE-2013-7051 Dlink Improper Authentication vulnerability in Dlink Dir-100 Firmware 4.03B07

D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters

8.8
2020-02-03 CVE-2019-9502 Synology
Broadcom
Out-of-bounds Write vulnerability in multiple products

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow.

8.8
2020-02-03 CVE-2019-9501 Synology
Broadcom
Out-of-bounds Write vulnerability in multiple products

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow.

8.8
2020-02-03 CVE-2020-3925 Changingtec Unspecified vulnerability in Changingtec Servisign 1.0.19.0617

A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts.

8.8
2020-02-04 CVE-2020-6059 Minisnmpd Project Integer Overflow or Wraparound vulnerability in Minisnmpd Project Minisnmpd 1.4

An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets.

8.2
2020-02-08 CVE-2012-4381 Mediawiki Use of Hard-coded Credentials vulnerability in Mediawiki

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.

8.1
2020-02-05 CVE-2015-0102 IBM Improper Authentication vulnerability in IBM Workflow

IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

8.1
2020-02-05 CVE-2019-11516 Google Out-of-bounds Write vulnerability in Google Android

An issue was discovered in the Bluetooth component of the Cypress (formerly owned by Broadcom) Wireless IoT codebase.

8.1
2020-02-05 CVE-2013-0507 IBM Session Fixation vulnerability in IBM Infosphere Information Server

IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability

8.1
2020-02-04 CVE-2020-8121 Nextcloud Exposure of Resource to Wrong Sphere vulnerability in Nextcloud Server

A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer.

8.1
2020-02-04 CVE-2013-2678 Cisco Injection vulnerability in Cisco Linksys E4200 Firmware 1.0.05

Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.

8.1
2020-02-04 CVE-2019-15613 Nextcloud
Opensuse
Insufficient Verification of Data Authenticity vulnerability in multiple products

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.

8.0
2020-02-08 CVE-2019-11484 Whoopsie Project
Canonical
Integer Overflow or Wraparound vulnerability in multiple products

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

7.8
2020-02-08 CVE-2019-11481 Canonical
Apport Project
Link Following vulnerability in multiple products

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges.

7.8
2020-02-08 CVE-2019-17136 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf 9.5.0.20723

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

7.8
2020-02-08 CVE-2019-17135 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf 9.5.0.20723

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

7.8
2020-02-08 CVE-2019-13334 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf 9.5.0.20723

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

7.8
2020-02-08 CVE-2019-13333 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf 9.5.0.20723

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

7.8
2020-02-07 CVE-2020-8808 Corsair Unspecified vulnerability in Corsair Icue 3.12.118/3.20.80/3.23.66

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.

7.8
2020-02-07 CVE-2020-8126 UI OS Command Injection vulnerability in UI Edgeswitch

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15).

7.8
2020-02-07 CVE-2019-14088 Qualcomm Use After Free vulnerability in Qualcomm products

Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, MDM9206, MDM9207C, MDM9607, QCS605, SDM429W, SDX24, SM8150, SXR1130

7.8
2020-02-07 CVE-2019-14060 Qualcomm Access of Uninitialized Pointer vulnerability in Qualcomm products

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.8
2020-02-07 CVE-2019-14055 Qualcomm Use After Free vulnerability in Qualcomm products

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

7.8
2020-02-07 CVE-2019-14051 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm Mdm9206 Firmware and Mdm9607 Firmware

Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607

7.8
2020-02-07 CVE-2019-14049 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MSM8953, QCN7605, QCS605, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDX20, SDX24, SDX55, SM8150, SXR1130

7.8
2020-02-07 CVE-2019-14046 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm Qcs605 Firmware, Sdm439 Firmware and Sdx24 Firmware

Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX24

7.8
2020-02-07 CVE-2019-14044 Qualcomm Use of Uninitialized Resource vulnerability in Qualcomm products

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24

7.8
2020-02-07 CVE-2019-14041 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.8
2020-02-07 CVE-2019-14040 Qualcomm Use After Free vulnerability in Qualcomm products

Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150, SXR1130

7.8
2020-02-07 CVE-2019-14002 Qualcomm Incorrect Default Permissions vulnerability in Qualcomm products

APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6574AU, QCS605, QM215, SA6155P, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SM6150, SM8150, SM8250, SXR2130

7.8
2020-02-07 CVE-2019-10567 Qualcomm Unspecified vulnerability in Qualcomm products

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.8
2020-02-07 CVE-2020-8655 Eyesofnetwork Improper Privilege Management vulnerability in Eyesofnetwork 5.30

An issue was discovered in EyesOfNetwork 5.3.

7.8
2020-02-06 CVE-2020-7954 Opservices Missing Authentication for Critical Function vulnerability in Opservices Opmon 9.3.2

An issue was discovered in OpServices OpMon 9.3.2.

7.8
2020-02-06 CVE-2019-15711 Fortinet Unspecified vulnerability in Fortinet Forticlient

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to run system commands under root privilege via injecting specially crafted "ExportLogs" type IPC client requests to the fctsched process.

7.8
2020-02-06 CVE-2019-20406 Atlassian Uncontrolled Search Path Element vulnerability in Atlassian Confluence

The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.

7.8
2020-02-06 CVE-2019-20400 Atlassian Uncontrolled Search Path Element vulnerability in Atlassian Jira Server

The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability.

7.8
2020-02-05 CVE-2019-12180 Smartbear Unspecified vulnerability in Smartbear Readyapi and Soapui

An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5.

7.8
2020-02-04 CVE-2020-7221 Mariadb Link Following vulnerability in Mariadb

mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool.

7.8
2020-02-04 CVE-2019-19273 Google
Samsung
Out-of-bounds Write vulnerability in multiple products

On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations.

7.8
2020-02-08 CVE-2014-7863 Zohocorp Information Exposure vulnerability in Zohocorp products

The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager before 11.9 build 11912, OpManager 8 through 11.5 build 11400, and IT360 10.5 and earlier does not properly restrict access, which allows remote attackers and remote authenticated users to (1) read arbitrary files via the fileName parameter in a copyfile operation or (2) obtain sensitive information via a directory listing in a listdirectory operation to servlet/FailOverHelperServlet.

7.5
2020-02-07 CVE-2019-19356 Netis Systems OS Command Injection vulnerability in Netis-Systems Wf2419 Firmware 1.2.31805/2.2.36123

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page.

7.5
2020-02-07 CVE-2020-6768 Bosch Path Traversal vulnerability in Bosch products

A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server.

7.5
2020-02-07 CVE-2019-15604 Nodejs
Debian
Opensuse
Redhat
Oracle
Improper Certificate Validation vulnerability in multiple products

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

7.5
2020-02-07 CVE-2013-1202 Cisco Unspecified vulnerability in Cisco ACE Application Control Engine Module A2 3.6/3.6A

Cisco ACE A2(3.6) allows log retention DoS.

7.5
2020-02-07 CVE-2012-1567 Linuxmint Unspecified vulnerability in Linuxmint 20120319

LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate.

7.5
2020-02-07 CVE-2012-1566 Linuxmint Unspecified vulnerability in Linuxmint 20120319

LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny.

7.5
2020-02-06 CVE-2020-5319 Dell Improper Validation of Array Index vulnerability in Dell products

Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server.

7.5
2020-02-06 CVE-2020-5318 Dell Incorrect Authorization vulnerability in Dell EMC Isilon Onefs

Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations.

7.5
2020-02-06 CVE-2012-6309 Arctic Torrent Project Unspecified vulnerability in Arctic Torrent Project Arctic Torrent 1.4

A vulnerability exists in Arctic Torrent 1.4 via unspecified vectors in .torrent file handling, which could let a malicious user cause a Denial of Service.

7.5
2020-02-06 CVE-2020-7953 Opservices Missing Authentication for Critical Function vulnerability in Opservices Opmon 9.3.2

An issue was discovered in OpServices OpMon 9.3.2.

7.5
2020-02-06 CVE-2020-7920 Percona Infinite Loop vulnerability in Percona Monitoring and Management 2.2.0

pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service.

7.5
2020-02-06 CVE-2020-5856 F5 Unspecified vulnerability in F5 products

On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart.

7.5
2020-02-06 CVE-2013-4572 Mediawiki
Fedoraproject
Session Fixation vulnerability in multiple products

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user.

7.5
2020-02-06 CVE-2013-4166 Gnome
Redhat
Information Exposure vulnerability in multiple products

The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information.

7.5
2020-02-06 CVE-2019-20104 Atlassian XML Entity Expansion vulnerability in Atlassian Crowd

The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before 3.7.1 allows remote attackers to perform a Denial of Service attack via an XML Entity Expansion vulnerability.

7.5
2020-02-05 CVE-2013-2680 Cisco Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05

Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information.

7.5
2020-02-05 CVE-2010-5304 Libvncserver Project
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message.

7.5
2020-02-05 CVE-2020-3123 Clamav
Canonical
Out-of-bounds Read vulnerability in multiple products

A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.

7.5
2020-02-05 CVE-2020-6833 Gitlab Unspecified vulnerability in Gitlab

An issue was discovered in GitLab EE 11.3 and later.

7.5
2020-02-05 CVE-2020-8507 Rogersmedia Cleartext Transmission of Sensitive Information vulnerability in Rogersmedia Citytv Video

The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics.

7.5
2020-02-05 CVE-2020-7978 Gitlab Unspecified vulnerability in Gitlab

GitLab EE 12.6 and later through 12.7.2 allows Denial of Service.

7.5
2020-02-05 CVE-2020-7972 Gitlab Incorrect Default Permissions vulnerability in Gitlab

GitLab EE 12.2 has Insecure Permissions (issue 2 of 2).

7.5
2020-02-05 CVE-2020-7969 Gitlab Unspecified vulnerability in Gitlab

GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.

7.5
2020-02-05 CVE-2020-7968 Gitlab Missing Authorization vulnerability in Gitlab

GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.

7.5
2020-02-05 CVE-2020-7966 Gitlab Path Traversal vulnerability in Gitlab

GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal.

7.5
2020-02-05 CVE-2019-16204 Broadcom Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server.

7.5
2020-02-05 CVE-2019-16203 Broadcom Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.

7.5
2020-02-05 CVE-2020-7216 Opensuse Memory Leak vulnerability in Opensuse Wicked

An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.

7.5
2020-02-04 CVE-2019-12528 Squid Cache
Fedoraproject
Debian
Opensuse
Canonical
An issue was discovered in Squid before 4.10.
7.5
2020-02-04 CVE-2015-2802 HP Information Exposure vulnerability in HP products

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information.

7.5
2020-02-04 CVE-2020-8517 Squid Cache
Opensuse
Canonical
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in Squid before 4.10.

7.5
2020-02-04 CVE-2020-8449 Squid Cache
Debian
Canonical
Opensuse
Fedoraproject
Exposure of Resource to Wrong Sphere vulnerability in multiple products

An issue was discovered in Squid before 4.10.

7.5
2020-02-04 CVE-2020-6060 Minisnmpd Project Out-of-bounds Write vulnerability in Minisnmpd Project Minisnmpd 1.4

A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections.

7.5
2020-02-04 CVE-2019-4540 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Directory Server

IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2020-02-04 CVE-2019-9674 Python
Canonical
Netapp
Resource Exhaustion vulnerability in multiple products

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

7.5
2020-02-04 CVE-2013-2676 Brother Information Exposure vulnerability in Brother Mfc-9970Cdw Firmware 1.10

Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information.

7.5
2020-02-04 CVE-2011-4937 Joomla Information Exposure vulnerability in Joomla Joomla!

Joomla! 1.7.1 has core information disclosure due to inadequate error checking.

7.5
2020-02-04 CVE-2011-3629 Joomla Inadequate Encryption Strength vulnerability in Joomla Joomla!

Joomla! core 1.7.1 allows information disclosure due to weak encryption

7.5
2020-02-04 CVE-2020-3938 Sysjust Server-Side Request Forgery (SSRF) vulnerability in Sysjust Syuan-Gu-Da-Shin

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests.

7.5
2020-02-04 CVE-2020-3937 Sysjust SQL Injection vulnerability in Sysjust Syuan-Gu-Da-Shin

SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database.

7.5
2020-02-03 CVE-2016-4676 Apple Information Exposure vulnerability in Apple mac OS X and Safari

A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.

7.5
2020-02-03 CVE-2013-2674 Brother Information Exposure vulnerability in Brother Mfc-9970Cdw Firmware 1.10

Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers.

7.5
2020-02-03 CVE-2019-16893 TP Link Missing Authentication for Critical Function vulnerability in Tp-Link Tp-Sg105E Firmware 1.0.0

The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.

7.5
2020-02-03 CVE-2013-2672 Brother Insufficiently Protected Credentials vulnerability in Brother Mfc-9970Cdw Firmware 1.10

Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords.

7.5
2020-02-03 CVE-2013-2646 TP Link Unspecified vulnerability in Tp-Link Tl-Wr1043Nd Firmware V1120405

TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability.

7.5
2020-02-03 CVE-2020-8545 Circl Path Traversal vulnerability in Circl AIL Framework 2.8

Global.py in AIL framework 2.8 allows path traversal.

7.5
2020-02-03 CVE-2019-18193 Unisys Information Exposure Through Log Files vulnerability in Unisys Stealth

In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material inadvertently logged under certain conditions.

7.5
2020-02-03 CVE-2020-3927 Changingtec Files or Directories Accessible to External Parties vulnerability in Changingtec Servisign 1.0.19.0617

An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.

7.5
2020-02-03 CVE-2020-3926 Changingtec Files or Directories Accessible to External Parties vulnerability in Changingtec Servisign 1.0.19.0617

An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.

7.5
2020-02-06 CVE-2016-9928 Mcabber
Canonical
Debian
Improper Privilege Management vulnerability in multiple products

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.

7.4
2020-02-04 CVE-2020-8450 Squid Cache
Canonical
Opensuse
Fedoraproject
Debian
Incorrect Calculation of Buffer Size vulnerability in multiple products

An issue was discovered in Squid before 4.10.

7.3
2020-02-04 CVE-2020-8116 DOT Prop Project Unspecified vulnerability in Dot-Prop Project Dot-Prop

Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.

7.3
2020-02-08 CVE-2015-2062 Huge IT SQL Injection vulnerability in Huge-It Slider

Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to wp-admin/admin.php.

7.2
2020-02-04 CVE-2020-4163 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed.

7.2
2020-02-04 CVE-2019-4541 IBM Unspecified vulnerability in IBM Security Directory Server

IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity.

7.2
2020-02-07 CVE-2019-16155 Fortinet Unspecified vulnerability in Fortinet Forticlient

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process.

7.1
2020-02-06 CVE-2020-8648 Linux
Debian
Opensuse
Netapp
Broadcom
Canonical
Use After Free vulnerability in multiple products

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.1
2020-02-07 CVE-2020-1708 Redhat Unspecified vulnerability in Redhat Openshift Container Platform

It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root.

7.0
2020-02-07 CVE-2019-18988 Teamviewer Weak Password Requirements vulnerability in Teamviewer

TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations.

7.0

134 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-06 CVE-2014-8271 Tianocore Classic Buffer Overflow vulnerability in Tianocore Edk2

Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name.

6.8
2020-02-03 CVE-2013-2673 Brother Incorrect Authorization vulnerability in Brother Mfc-9970Cdw Firmware 1.10

Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass vulnerability which allows physically proximate attackers to gain unauthorized access.

6.8
2020-02-08 CVE-2014-9127 Open School Information Exposure vulnerability in Open-School 2.2

Open-School Community Edition 2.2 does not properly restrict access to the export functionality, which allows remote authenticated users to obtain sensitive information via the r parameter with the value export to index.php.

6.5
2020-02-07 CVE-2020-1700 Ceph
Redhat
Opensuse
Canonical
Resource Exhaustion vulnerability in multiple products

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects.

6.5
2020-02-06 CVE-2012-6341 Netgear Information Exposure vulnerability in Netgear Wgr614V7 Firmware and Wgr614V9 Firmware

An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext.

6.5
2020-02-06 CVE-2020-6856 SOS Berlin XML Entity Expansion vulnerability in Sos-Berlin Jobscheduler 1.11/1.13.2

An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and orders.

6.5
2020-02-06 CVE-2020-6855 SOS Berlin Infinite Loop vulnerability in Sos-Berlin Jobscheduler 1.11/1.13.2

A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to parameterize housekeeping jobs in a way that exhausts system resources and results in a denial of service.

6.5
2020-02-06 CVE-2020-6767 Bosch Path Traversal vulnerability in Bosch products

A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server.

6.5
2020-02-06 CVE-2019-17652 Fortinet Out-of-bounds Write vulnerability in Fortinet Forticlient

A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to cause FortiClient processes running under root priviledge crashes via sending specially crafted "StartAvCustomScan" type IPC client requests to the fctsched process due the argv data not been well sanitized.

6.5
2020-02-06 CVE-2019-16152 Fortinet Improper Input Validation vulnerability in Fortinet Forticlient

A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to cause FortiClient processes running under root privilege crashes via sending specially crafted IPC client requests to the fctsched process due the nanomsg not been correctly validated.

6.5
2020-02-06 CVE-2016-7524 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

6.5
2020-02-06 CVE-2016-7523 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

6.5
2020-02-06 CVE-2010-3917 Google Information Exposure vulnerability in Google Chrome

Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.

6.5
2020-02-06 CVE-2019-20401 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server

Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities.

6.5
2020-02-05 CVE-2020-3120 Cisco Integer Overflow or Wraparound vulnerability in Cisco products

A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.

6.5
2020-02-05 CVE-2013-2675 Brother Improper Restriction of Rendered UI Layers or Frames vulnerability in Brother Mfc-9970Cdw Firmware 1.10

Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnerability which could allow remote attackers to obtain sensitive information.

6.5
2020-02-05 CVE-2019-4670 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper data representation.

6.5
2020-02-04 CVE-2020-8615 Themeum Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).

6.5
2020-02-04 CVE-2019-15621 Nextcloud Improper Preservation of Permissions vulnerability in Nextcloud Server

Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link.

6.5
2020-02-04 CVE-2020-5236 Agendaless Resource Exhaustion vulnerability in Agendaless Waitress 1.4.2

Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters.

6.5
2020-02-03 CVE-2020-5182 Cmsjunkie Improper Privilege Management vulnerability in Cmsjunkie J-Businessdirectory

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing.

6.5
2020-02-03 CVE-2019-4732 IBM Untrusted Search Path vulnerability in IBM SDK and Websphere Application Server

IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client.

6.5
2020-02-03 CVE-2019-18567 HP Out-of-bounds Read vulnerability in HP Bromium 4.0.3.2060/4.1.7

Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.

6.3
2020-02-08 CVE-2012-4029 Chamilo Cross-site Scripting vulnerability in Chamilo

Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the category_name parameter in an addsentcategory action.

6.1
2020-02-08 CVE-2014-9470 Fork CMS Cross-site Scripting vulnerability in Fork-Cms Fork CMS

Cross-site scripting (XSS) vulnerability in the loadForm function in Frontend/Modules/Search/Actions/Index.php in Fork CMS before 3.8.4 allows remote attackers to inject arbitrary web script or HTML via the q_widget parameter to en/search.

6.1
2020-02-08 CVE-2014-9126 Open School Cross-site Scripting vulnerability in Open-School 2.2

Multiple cross-site scripting (XSS) vulnerabilities in Open-School Community Edition 2.2 allow remote attackers to inject arbitrary web script or HTML via the YII_CSRF_TOKEN HTTP cookie or the StudentDocument, StudentCategories, StudentPreviousDatas parameters to index.php.

6.1
2020-02-07 CVE-2011-1086 Openfiler Cross-site Scripting vulnerability in Openfiler 2.3

Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter.

6.1
2020-02-07 CVE-2011-1084 Smoothwall Cross-site Scripting vulnerability in Smoothwall Express 3.0

A cross-site scripting (XSS) vulnerability in Smoothwall Express 3.

6.1
2020-02-07 CVE-2014-6413 Watchguard Cross-site Scripting vulnerability in Watchguard Fireware XTM 11.8.3

A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11.8.3 via the poll_name parameter in the firewall/policy script.

6.1
2020-02-07 CVE-2020-8788 Synaptivemedical Cross-site Scripting vulnerability in Synaptivemedical Clearcanvas 3.0

Synaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HTML injection) via the Default.aspx UserName parameter.

6.1
2020-02-07 CVE-2013-2008 Automattic Cross-site Scripting vulnerability in Automattic WP Super Cache 1.3

WordPress Super Cache Plugin 1.3 has XSS.

6.1
2020-02-06 CVE-2013-2684 Cisco Cross-site Scripting vulnerability in Cisco Linksys E4200 Firmware 1.0.05

Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2020-02-06 CVE-2014-2875 Keplerproject Improper Restriction of Excessive Authentication Attempts vulnerability in Keplerproject Cgilua

The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time, which allows remote attackers to hijack arbitrary sessions via a brute force attack.

6.1
2020-02-06 CVE-2014-10400 Keplerproject Session Fixation vulnerability in Keplerproject Cgilua

The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions.

6.1
2020-02-06 CVE-2014-10399 Keplerproject Session Fixation vulnerability in Keplerproject Cgilua

The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions.

6.1
2020-02-06 CVE-2012-2593 Atmail Cross-site Scripting vulnerability in Atmail 6.4.0

Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.

6.1
2020-02-06 CVE-2020-5528 Sixapart Cross-site Scripting vulnerability in Sixapart Movable Type

Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4603 and earlier (Movable Type 7), Movable Type 6.5.2 and earlier (Movable Type 6.5), Movable Type Advanced 7 r.4603 and earlier (Movable Type Advanced 7), Movable Type Advanced 6.5.2 and earlier (Movable Type Advanced 6.5), Movable Type Premium 1.26 and earlier (Movable Type Premium), and Movable Type Premium Advanced 1.26 and earlier (Movable Type Premium Advanced)) allows remote attackers to inject arbitrary web script or HTML in the block editor and the rich text editor via a specially crafted URL.

6.1
2020-02-06 CVE-2020-8647 Linux
Debian
Opensuse
Use After Free vulnerability in multiple products

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.

6.1
2020-02-05 CVE-2011-1150 Bbpress Cross-site Scripting vulnerability in Bbpress 1.0.2

bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter.

6.1
2020-02-05 CVE-2011-1069 Phpshop Cross-site Scripting vulnerability in PHPshop 0.8.1

PHPShop through 0.8.1 has XSS.

6.1
2020-02-05 CVE-2011-1009 Vanillaforums Cross-site Scripting vulnerability in Vanillaforums Vanilla

Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.

6.1
2020-02-05 CVE-2019-20173 Auth0 Cross-site Scripting vulnerability in Auth0 Login BY Auth0 3.11.0/3.11.1/3.11.2

The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php.

6.1
2020-02-05 CVE-2010-4662 Pmwiki Cross-site Scripting vulnerability in Pmwiki

PmWiki before 2.2.21 has XSS.

6.1
2020-02-05 CVE-2020-7973 Gitlab Cross-site Scripting vulnerability in Gitlab

GitLab through 12.7.2 allows XSS.

6.1
2020-02-05 CVE-2020-7971 Gitlab Cross-site Scripting vulnerability in Gitlab

GitLab EE 11.0 and later through 12.7.2 allows XSS.

6.1
2020-02-04 CVE-2020-8120 Nextcloud Cross-site Scripting vulnerability in Nextcloud Server 16.0.1

A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation.

6.1
2020-02-04 CVE-2020-8115 Revive Adserver Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver

A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi.

6.1
2020-02-04 CVE-2019-15615 Nextcloud Improper Authentication vulnerability in Nextcloud

A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past.

6.1
2020-02-04 CVE-2019-4548 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Security Directory Server

IBM Security Directory Server 6.4.0 could allow a remote attacker to hijack the clicking action of the victim.

6.1
2020-02-04 CVE-2013-7054 Dlink Cross-site Scripting vulnerability in Dlink Dir-100 Firmware 4.03B07

D-Link DIR-100 4.03B07: cli.cgi XSS

6.1
2020-02-04 CVE-2020-3939 Sysjust Cross-site Scripting vulnerability in Sysjust Syuan-Gu-Da-Shin

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Cross-Site Scripting(XSS), personal information may be leaked to attackers via the vulnerability.

6.1
2020-02-03 CVE-2019-20174 Auth0 Cross-site Scripting vulnerability in Auth0 Lock

Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.

6.1
2020-02-03 CVE-2020-8549 Wpchill Cross-site Scripting vulnerability in Wpchill Strong Testimonials

Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens.

6.1
2020-02-03 CVE-2020-8548 Masscode Cross-site Scripting vulnerability in Masscode 1.0.0

massCode 1.0.0-alpha.6 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).

6.1
2020-02-03 CVE-2013-2623 Telaen Project Cross-site Scripting vulnerability in Telaen Project Telaen

Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the "f_email" parameter in index.php.

6.1
2020-02-03 CVE-2013-2622 Uebimiau Cross-site Scripting vulnerability in Uebimiau 2.7.11

Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the "selected_theme" parameter in error.php.

6.1
2020-02-03 CVE-2013-2621 Telaen Project Open Redirect vulnerability in Telaen Project Telaen

Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL.

6.1
2020-02-07 CVE-2019-13163 Fujitsu Inadequate Encryption Strength vulnerability in Fujitsu products

The Fujitsu TLS library allows a man-in-the-middle attack.

5.9
2020-02-07 CVE-2013-3096 Dlink Improper Authentication vulnerability in Dlink Dir865L Firmware 1.03

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.

5.9
2020-02-06 CVE-2020-5720 Mikrotik Path Traversal vulnerability in Mikrotik Winbox 3.18/3.20

MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions.

5.9
2020-02-06 CVE-2020-5854 F5 Unspecified vulnerability in F5 products

On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made.

5.9
2020-02-06 CVE-2020-8649 Linux
Opensuse
Debian
Use After Free vulnerability in multiple products

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

5.9
2020-02-04 CVE-2019-15612 Nextcloud Session Fixation vulnerability in Nextcloud Server

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.

5.9
2020-02-03 CVE-2019-11251 Kubernetes Link Following vulnerability in Kubernetes

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation.

5.7
2020-02-06 CVE-2020-8608 Libslirp Project
Debian
Opensuse
Classic Buffer Overflow vulnerability in multiple products

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

5.6
2020-02-05 CVE-2011-0220 Apple Improper Input Validation vulnerability in Apple Bonjour

Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.

5.5
2020-02-05 CVE-2020-8632 Canonical
Opensuse
Debian
Weak Password Requirements vulnerability in multiple products

In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.

5.5
2020-02-05 CVE-2020-8631 Canonical
Opensuse
Debian
Use of Insufficiently Random Values vulnerability in multiple products

cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.

5.5
2020-02-03 CVE-2020-4224 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Storediq

IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links.

5.5
2020-02-03 CVE-2019-19119 Paessler Insufficiently Protected Credentials vulnerability in Paessler Prtg Network Monitor

An issue was discovered in PRTG 7.x through 19.4.53.

5.5
2020-02-08 CVE-2015-2207 Netcracker Cross-site Scripting vulnerability in Netcracker Resource Management System

Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) ctrl, (2) t90001_0_theform_selection, (3) _scroll, (4) tableName, (5) parent, (6) circuit, (7) return, (8) xname, or (9) mpTransactionId parameter.

5.4
2020-02-08 CVE-2015-1394 10Web Cross-site Scripting vulnerability in 10Web Photo Gallery

Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php.

5.4
2020-02-07 CVE-2020-8812 Bludit Cross-site Scripting vulnerability in Bludit 3.10.0

Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor.

5.4
2020-02-07 CVE-2013-3067 Linksys Cross-site Scripting vulnerability in Linksys Wrt310N Firmware 2.0.0.1

Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS.

5.4
2020-02-07 CVE-2020-1768 Otrs Insufficient Session Expiration vulnerability in Otrs

The external frontend system uses numerous background calls to the backend.

5.4
2020-02-07 CVE-2013-3637 Projectpier Cross-site Scripting vulnerability in Projectpier 0.8.8

ProjectPier 0.8.8 does not use the Secure flag for cookies

5.4
2020-02-07 CVE-2013-3636 Projectpier Cross-site Scripting vulnerability in Projectpier 0.8.8

ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag

5.4
2020-02-07 CVE-2013-3635 Projectpier Cross-site Scripting vulnerability in Projectpier 0.8.8

ProjectPier 0.8.8 has stored XSS

5.4
2020-02-05 CVE-2020-6854 SOS Berlin Cross-site Scripting vulnerability in Sos-Berlin Jobscheduler 1.11/1.13.2

A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API.

5.4
2020-02-04 CVE-2019-15617 Nextcloud Unspecified vulnerability in Nextcloud Server

A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login.

5.4
2020-02-04 CVE-2019-15614 Nextcloud Cross-site Scripting vulnerability in Nextcloud

Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.

5.4
2020-02-04 CVE-2015-3612 Fortinet Cross-site Scripting vulnerability in Fortinet Fortimanager

A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier via an unspecified parameter in the FortiWeb auto update service page.

5.4
2020-02-04 CVE-2019-4451 IBM Cross-site Scripting vulnerability in IBM Security Identity Manager

IBM Security Identity Manager 6.0.0 is vulnerable to cross-site scripting.

5.4
2020-02-04 CVE-2019-19968 Pandorafms Cross-site Scripting vulnerability in Pandorafms Pandora FMS 742

PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components.

5.4
2020-02-07 CVE-2014-5278 Docker Unspecified vulnerability in Docker

A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.

5.3
2020-02-07 CVE-2010-4658 Status Injection vulnerability in Status Statusnet 2010

statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.

5.3
2020-02-06 CVE-2013-3564 Videolan Information Exposure vulnerability in Videolan VLC Media Player

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.

5.3
2020-02-06 CVE-2013-2683 Cisco Information Exposure vulnerability in Cisco Linksys E4200 Firmware 1.0.05

Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information.

5.3
2020-02-06 CVE-2019-19800 Zohocorp Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Applications Manager 14.0

Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet.

5.3
2020-02-06 CVE-2019-12426 Apache Unspecified vulnerability in Apache Ofbiz

an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06

5.3
2020-02-06 CVE-2019-20403 Atlassian Unspecified vulnerability in Atlassian Jira Server

The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to determine if a Jira project key exists or not via an information disclosure vulnerability.

5.3
2020-02-05 CVE-2020-8506 Corusent Cleartext Transmission of Sensitive Information vulnerability in Corusent Global TV

The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics.

5.3
2020-02-05 CVE-2020-7977 Gitlab Incorrect Default Permissions vulnerability in Gitlab

GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.

5.3
2020-02-05 CVE-2020-7976 Gitlab Unspecified vulnerability in Gitlab

GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control.

5.3
2020-02-05 CVE-2020-7974 Gitlab Unspecified vulnerability in Gitlab

GitLab EE 10.1 through 12.7.2 allows Information Disclosure.

5.3
2020-02-05 CVE-2020-7979 Gitlab Incorrect Default Permissions vulnerability in Gitlab

GitLab EE 8.9 and later through 12.7.2 has Insecure Permission

5.3
2020-02-04 CVE-2020-8124 URL Parse Project Improper Input Validation vulnerability in Url-Parse Project Url-Parse

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

5.3
2020-02-04 CVE-2019-15623 Nextcloud
Suse
Opensuse
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
5.3
2020-02-04 CVE-2019-4562 IBM Information Exposure vulnerability in IBM Security Directory Server

IBM Security Directory Server 6.4.0 stores sensitive information in URLs.

5.3
2020-02-04 CVE-2019-4551 IBM Missing Authentication for Critical Function vulnerability in IBM Security Directory Server

IBM Security Directory Server 6.4.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.

5.3
2020-02-04 CVE-2019-4550 IBM Unspecified vulnerability in IBM Security Directory Server

IBM Security Directory Server 6.4.0 is deployed with active debugging code that can create unintended entry points.

5.3
2020-02-04 CVE-2013-1422 Webcalendar Project Information Exposure Through Discrepancy vulnerability in Webcalendar Project Webcalendar

webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user").

5.3
2020-02-04 CVE-2011-4912 Joomla Incorrect Permission Assignment for Critical Resource vulnerability in Joomla Joomla!

Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.

5.3
2020-02-03 CVE-2013-2631 Tinywebgallery Information Exposure vulnerability in Tinywebgallery

TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows remote attackers to obtain sensitive information through the parameters "twg_browserx" and "twg_browsery" in the page image.php.

5.3
2020-02-03 CVE-2013-2624 Telaen Project Information Exposure vulnerability in Telaen Project Telaen

Telean before 1.3.1 contains a full path disclosure vulnerability which could allow remote attackers to obtain sensitive information through a specially crafted URL request.

5.3
2020-02-03 CVE-2014-8328 Dynamic Content Elements Project Information Exposure vulnerability in Dynamic Content Elements Project Dynamic Content Elements

The default configuration in the Dynamic Content Elements (dce) extension before 0.11.5 for TYPO3 allows remote attackers to obtain sensitive installation environment information by reading the update check request.

5.3
2020-02-04 CVE-2020-8118 Nextcloud
Novell
Opensuse
Server-Side Request Forgery (SSRF) vulnerability in multiple products

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.

5.0
2020-02-07 CVE-2013-0192 Simplemachines Information Exposure vulnerability in Simplemachines Simple Machines Forum

File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.

4.9
2020-02-06 CVE-2019-20402 Atlassian Unspecified vulnerability in Atlassian Jira

Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability.

4.9
2020-02-04 CVE-2020-8123 Strapi Resource Exhaustion vulnerability in Strapi

A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application.

4.9
2020-02-04 CVE-2019-15624 Nextcloud
Opensuse
Suse
Improper Input Validation vulnerability in multiple products

Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.

4.9
2020-02-04 CVE-2019-15611 Nextcloud Unspecified vulnerability in Nextcloud

Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g.

4.9
2020-02-04 CVE-2019-4674 IBM Path Traversal vulnerability in IBM Security Identity Manager 7.0.1

IBM Security Identity Manager 7.0.1 could allow a remote attacker to traverse directories on the system.

4.9
2020-02-06 CVE-2020-5317 Dell Cross-site Scripting vulnerability in Dell EMC Elastic Cloud Storage 3.4.0.0

Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability.

4.8
2020-02-05 CVE-2020-3149 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected device.

4.8
2020-02-05 CVE-2019-15253 Cisco Cross-site Scripting vulnerability in Cisco DNA Center

A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.8
2020-02-04 CVE-2019-15619 Nextcloud Cross-site Scripting vulnerability in Nextcloud Talk

Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.

4.8
2020-02-04 CVE-2019-15618 Nextcloud Cross-site Scripting vulnerability in Nextcloud Server

Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.

4.8
2020-02-08 CVE-2019-11482 Canonical
Apport Project
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.

4.7
2020-02-06 CVE-2012-6340 Netgear Improper Authentication vulnerability in Netgear Wgr614V7 Firmware and Wgr614V9 Firmware

An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.

4.6
2020-02-08 CVE-2012-5570 Basic Webmail Project Information Exposure vulnerability in Basic Webmail Project Basic Webmail 6.X1.0/6.X1.1/6.X1.X

The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.

4.3
2020-02-07 CVE-2020-8811 Bludit Missing Authorization vulnerability in Bludit 3.10.0

ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures.

4.3
2020-02-06 CVE-2020-5855 F5 Unspecified vulnerability in F5 Big-Ip Access Policy Manager

When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user.

4.3
2020-02-06 CVE-2019-20405 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server

The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability.

4.3
2020-02-06 CVE-2019-20404 Atlassian Unspecified vulnerability in Atlassian Jira Data Center and Jira Server

The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote attackers to determine project titles they do not have access to via an improper authorization vulnerability.

4.3
2020-02-06 CVE-2019-20106 Atlassian Incorrect Default Permissions vulnerability in Atlassian products

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug.

4.3
2020-02-05 CVE-2013-2682 Cisco Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Linksys E4200 Firmware 1.0.05

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.

4.3
2020-02-05 CVE-2020-7967 Gitlab Incorrect Default Permissions vulnerability in Gitlab

GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2).

4.3
2020-02-04 CVE-2020-8122 Nextcloud Improper Input Validation vulnerability in Nextcloud Server

A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received.

4.3
2020-02-04 CVE-2020-8119 Nextcloud Incorrect Authorization vulnerability in Nextcloud Server

Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app.

4.3
2020-02-04 CVE-2020-8117 Nextcloud Improper Preservation of Permissions vulnerability in Nextcloud Server

Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event.

4.3
2020-02-04 CVE-2019-15616 Nextcloud Injection vulnerability in Nextcloud Server

Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long.

4.3
2020-02-04 CVE-2019-15610 Nextcloud Unspecified vulnerability in Nextcloud Circles

Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.

4.3
2020-02-03 CVE-2020-7993 Prototypejs Missing Authorization vulnerability in Prototypejs Prototype 1.6.0.1

Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field.

4.3

7 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-05 CVE-2019-4616 IBM Missing Encryption of Sensitive Data vulnerability in IBM Cloud Automation Manager 3.2.1.0

IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies.

3.5
2020-02-08 CVE-2019-11485 Apport Project
Canonical
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
3.3
2020-02-08 CVE-2019-11483 Apport Project
Canonical
Sander Bos discovered Apport mishandled crash dumps originating from containers.
3.3
2020-02-06 CVE-2016-1544 Nghttp2
Fedoraproject
Resource Exhaustion vulnerability in multiple products

nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).

3.3
2020-02-05 CVE-2019-15126 Apple
Broadcom
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

An issue was discovered on Broadcom Wi-Fi client devices.

3.1
2020-02-04 CVE-2019-15620 Nextcloud Unspecified vulnerability in Nextcloud Talk

Improper access control in Nextcloud Talk 6.0.3 leaks the existance and the name of private conversations when linked them to another shared item via the projects feature.

2.7
2020-02-04 CVE-2019-15622 Nextcloud SQL Injection vulnerability in Nextcloud

Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries.

2.4