Weekly Vulnerabilities Reports > February 17 to 23, 2020

Overview

274 new vulnerabilities reported during this period, including 63 critical vulnerabilities and 101 high severity vulnerabilities. This weekly summary report vulnerabilities in 584 products from 153 vendors including Huawei, Cisco, Debian, IBM, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "OS Command Injection", "Out-of-bounds Write", "SQL Injection", and "Cross-Site Request Forgery (CSRF)".

  • 220 reported vulnerabilities are remotely exploitables.
  • 28 reported vulnerabilities have public exploit available.
  • 99 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 199 reported vulnerabilities are exploitable by an anonymous user.
  • Huawei has the most reported vulnerabilities, with 22 reported vulnerabilities.
  • Redhat has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

63 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-23 CVE-2020-9355 Networkmanager SSH Project
Debian
danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled.
9.8
2020-02-23 CVE-2020-9352 Smartclient XXE vulnerability in Smartclient 12.0

An issue was discovered in SmartClient 12.0.

9.8
2020-02-22 CVE-2020-9039 Couchbase Incorrect Default Permissions vulnerability in Couchbase Server

Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles.

9.8
2020-02-21 CVE-2012-0828 Xchat WDK
Xchat
Gnome
Out-of-bounds Write vulnerability in multiple products

Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).

9.8
2020-02-21 CVE-2020-6841 Dlink OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.

9.8
2020-02-21 CVE-2016-4606 Haxx Unspecified vulnerability in Haxx Curl

Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions.

9.8
2020-02-20 CVE-2020-9015 Arista Unspecified vulnerability in Arista products

Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow attackers to bypass intended TACACS+ shell restrictions via a | character.

9.8
2020-02-20 CVE-2020-3765 Adobe Out-of-bounds Write vulnerability in Adobe After Effects

Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability.

9.8
2020-02-20 CVE-2014-4650 Python
Redhat
Path Traversal vulnerability in multiple products

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

9.8
2020-02-20 CVE-2014-4657 Redhat Improper Input Validation vulnerability in Redhat Ansible

The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.

9.8
2020-02-20 CVE-2014-3484 Musl Libc Out-of-bounds Write vulnerability in Musl-Libc Musl

Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.

9.8
2020-02-20 CVE-2014-4678 Redhat
Debian
Injection vulnerability in multiple products

The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.

9.8
2020-02-20 CVE-2013-2018 Berkeley SQL Injection vulnerability in Berkeley Boinc

Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

9.8
2020-02-19 CVE-2020-6970 Emerson Out-of-bounds Write vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server.

9.8
2020-02-19 CVE-2020-3943 Vmware Unspecified vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured.

9.8
2020-02-19 CVE-2014-9614 Netsweeper Use of Hard-coded Credentials vulnerability in Netsweeper

The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/.

9.8
2020-02-19 CVE-2014-9613 Netsweeper SQL Injection vulnerability in Netsweeper

Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10 allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to webadmin/auth/verification.php or (2) dpid parameter to webadmin/deny/index.php.

9.8
2020-02-19 CVE-2014-9612 Netsweeper SQL Injection vulnerability in Netsweeper

SQL injection vulnerability in remotereporter/load_logfiles.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to execute arbitrary SQL commands via the server parameter.

9.8
2020-02-19 CVE-2020-6061 Coturn Project
Fedoraproject
Debian
Canonical
Out-of-bounds Read vulnerability in multiple products

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests.

9.8
2020-02-19 CVE-2020-8441 Jyaml Project Deserialization of Untrusted Data vulnerability in Jyaml Project Jyaml

JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function.

9.8
2020-02-19 CVE-2019-4640 IBM Origin Validation Error vulnerability in IBM Security Secret Server

IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code.

9.8
2020-02-19 CVE-2014-2727 Trustwave OS Command Injection vulnerability in Trustwave Mailmarshal

The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection.

9.8
2020-02-19 CVE-2014-2228 Talend XML Entity Expansion vulnerability in Talend Restlet 1.1.10/2.1.7/2.2

The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe deserialization of XML messages.

9.8
2020-02-19 CVE-2016-1000005 Facebook Type Confusion vulnerability in Facebook Hhvm

mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in.

9.8
2020-02-19 CVE-2016-1000004 Facebook Insufficient Verification of Data Authenticity vulnerability in Facebook Hhvm

Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom.

9.8
2020-02-19 CVE-2014-3622 PHP Use After Free vulnerability in PHP 5.6.0

Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.

9.8
2020-02-19 CVE-2019-20478 Ruamel Yaml Project Unspecified vulnerability in Ruamel.Yaml Project Ruamel.Yaml

In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument.

9.8
2020-02-19 CVE-2019-20477 Pyyaml
Fedoraproject
Deserialization of Untrusted Data vulnerability in multiple products

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module.

9.8
2020-02-18 CVE-2020-7796 Synacor Server-Side Request Forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite

Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.

9.8
2020-02-18 CVE-2015-7567 Yeager SQL Injection vulnerability in Yeager CMS 1.2.1

SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter.

9.8
2020-02-18 CVE-2019-10791 Promise Probe Project OS Command Injection vulnerability in Promise-Probe Project Promise-Probe

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack.

9.8
2020-02-18 CVE-2014-3879 Freebsd Improper Authentication vulnerability in Freebsd

OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password.

9.8
2020-02-18 CVE-2013-6295 Prestashop Improper Privilege Management vulnerability in Prestashop 1.5.5.0

PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module

9.8
2020-02-18 CVE-2013-3323 IBM Improper Privilege Management vulnerability in IBM products

A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.

9.8
2020-02-18 CVE-2020-7450 Freebsd Out-of-bounds Write vulnerability in Freebsd 11.3/12.0/12.1

In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in libfetch with URLs containing username and/or password components is vulnerable to a heap buffer overflow allowing program misbehavior or malicious code execution.

9.8
2020-02-18 CVE-2019-5613 Freebsd Insufficient Verification of Data Authenticity vulnerability in Freebsd 12.0

In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint.

9.8
2020-02-18 CVE-2014-4967 Redhat Injection vulnerability in Redhat Ansible

Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command.

9.8
2020-02-18 CVE-2014-4966 Redhat Injection vulnerability in Redhat Ansible

Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.

9.8
2020-02-18 CVE-2015-6970 Boschsecurity XML Injection (aka Blind XPath Injection) vulnerability in Boschsecurity Nbn-498 Dinion2X Day/Night IP Cameras Firmware 4.54.0026

The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows remote attackers to conduct XML injection attacks via the idstring parameter to rcp.xml.

9.8
2020-02-18 CVE-2014-4651 Apache Improper Input Validation vulnerability in Apache Jclouds 1.7.3

It was found that the jclouds scriptbuilder Statements class wrote a temporary file to a predictable location.

9.8
2020-02-18 CVE-2015-1425 Jakweb Improper Input Validation vulnerability in Jakweb Gecko CMS 2.2/2.3

JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities

9.8
2020-02-18 CVE-2020-8012 Broadcom Classic Buffer Overflow vulnerability in Broadcom Unified Infrastructure Management

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component.

9.8
2020-02-18 CVE-2020-8010 Broadcom Unspecified vulnerability in Broadcom Unified Infrastructure Management

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component.

9.8
2020-02-17 CVE-2014-8089 Zend
Redhat
Fedoraproject
SQL Injection vulnerability in multiple products

SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte.

9.8
2020-02-17 CVE-2014-4981 Xorux OS Command Injection vulnerability in Xorux Lpar2Rrd

LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficient input sanitization of the web GUI parameters.

9.8
2020-02-17 CVE-2020-1693 Redhat XXE vulnerability in Redhat Spacewalk 1.6/2.6

A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint.

9.8
2020-02-17 CVE-2015-6922 Kaseya Improper Authentication vulnerability in Kaseya Virtual System Administrator

Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.

9.8
2020-02-17 CVE-2013-3738 Zabbix Improper Input Validation vulnerability in Zabbix 2.0.6

A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.

9.8
2020-02-17 CVE-2020-9006 Sygnoos Deserialization of Untrusted Data vulnerability in Sygnoos Popup Builder

The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data with the attachmentUrl POST variable.

9.8
2020-02-17 CVE-2020-8518 Horde
Fedoraproject
Debian
Code Injection vulnerability in multiple products

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.

9.8
2020-02-17 CVE-2020-8427 Unitrends SQL Injection vulnerability in Unitrends Backup

In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass.

9.8
2020-02-17 CVE-2020-5531 Mitsubishielectric Unspecified vulnerability in Mitsubishielectric products

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number 21121 or before), MELSEC iQ-R Series C Controller Module / C Intelligent Function Module(R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number 11 or before, and RD55UP06-V Ethernet port: First 2 digits of serial number 08 or before), and MELIPC Series MI5000(MI5122-VW Ethernet port (CH1): First 2 digits of serial number 03 or before, or the firmware version 03 or before) allow remote attackers to cause a denial of service and/or malware being executed via unspecified vectors.

9.8
2020-02-17 CVE-2020-9027 Eltex CO OS Command Injection vulnerability in Eltex-Co Ntp-2 Firmware and Ntp-Rg-1402G Firmware

ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd.

9.8
2020-02-17 CVE-2020-9026 Eltex CO OS Command Injection vulnerability in Eltex-Co Ntp-2 Firmware and Ntp-Rg-1402G Firmware

ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd.

9.8
2020-02-17 CVE-2020-9024 Iteris Incorrect Permission Assignment for Critical Resource vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2

Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time) scripts.

9.8
2020-02-17 CVE-2020-9023 Iteris Weak Password Requirements vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2

Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured with weak passwords (User bluetooth, password bluetooth; User eclipse, password eclipse).

9.8
2020-02-17 CVE-2020-9021 Postoaktraffic OS Command Injection vulnerability in Postoaktraffic Awam Bluetooth Field Device Firmware

Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer parameter.

9.8
2020-02-17 CVE-2020-9020 Iteris OS Command Injection vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2/3.0

Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field.

9.8
2020-02-17 CVE-2020-8768 Phoenixcontact Incorrect Permission Assignment for Critical Resource vulnerability in Phoenixcontact ILC 2050 Bi-L Firmware and ILC 2050 BI Firmware

An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices.

9.4
2020-02-20 CVE-2020-8990 Western Digital Session Fixation vulnerability in Western Digital IBI and MY Cloud Home

Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation.

9.1
2020-02-19 CVE-2020-3158 Cisco Use of Hard-coded Credentials vulnerability in Cisco Smart Software Manager On-Prem

A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account.

9.1
2020-02-18 CVE-2013-4454 Getbutterfly Improper Authentication vulnerability in Getbutterfly Portable-PHPmyadmin 1.4.1

WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities

9.1
2020-02-17 CVE-2014-7236 Twiki Injection vulnerability in Twiki

Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.

9.1

101 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-22 CVE-2020-9341 Auieo Cross-Site Request Forgery (CSRF) vulnerability in Auieo Candidats 2.1.0

CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.

8.8
2020-02-22 CVE-2020-8813 Cacti
Fedoraproject
Opmantek
Opensuse
Debian
OS Command Injection vulnerability in multiple products

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

8.8
2020-02-22 CVE-2020-8862 Dlink Improper Authentication vulnerability in Dlink Dap-2610 Firmware

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers.

8.8
2020-02-22 CVE-2020-8861 Dlink Improper Authentication vulnerability in Dlink Dap-1330 Firmware 1.00.B21/1.10B01

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders.

8.8
2020-02-21 CVE-2020-9330 Xerox Missing Authentication for Critical Function vulnerability in Xerox products

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address.

8.8
2020-02-21 CVE-2020-5524 NEC OS Command Injection vulnerability in NEC products

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.

8.8
2020-02-20 CVE-2020-5242 Openhab Incorrect Authorization vulnerability in Openhab

openHAB before 2.5.2 allow a remote attacker to use REST calls to install the EXEC binding or EXEC transformation service and execute arbitrary commands on the system with the privileges of the user running openHAB.

8.8
2020-02-20 CVE-2019-4752 IBM SQL Injection vulnerability in IBM products

IBM Emptoris Spend Analysis and IBM Emptoris Strategic Supply Management Platform 10.1.0.x, 10.1.1.x, and 10.1.3.x is vulnerable to SQL injection.

8.8
2020-02-20 CVE-2020-9273 Proftpd
Debian
Fedoraproject
Opensuse
Siemens
Use After Free vulnerability in multiple products

In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel.

8.8
2020-02-20 CVE-2020-9308 Libarchive
Canonical
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.

8.8
2020-02-20 CVE-2012-2629 Axous Cross-Site Request Forgery (CSRF) vulnerability in Axous 1.1.1

Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to admin/administrators_add.php; or (2) conduct cross-site scripting (XSS) attacks via the page_title parameter to admin/content_pages_edit.php; the (3) category_name[] parameter to admin/products_category.php; the (4) site_name, (5) seo_title, or (6) meta_keywords parameter to admin/settings_siteinfo.php; the (7) company_name, (8) address1, (9) address2, (10) city, (11) state, (12) country, (13) author_first_name, (14) author_last_name, (15) author_email, (16) contact_first_name, (17) contact_last_name, (18) contact_email, (19) general_email, (20) general_phone, (21) general_fax, (22) sales_email, (23) sales_phone, (24) support_email, or (25) support_phone parameter to admin/settings_company.php; or the (26) system_email, (27) sender_name, (28) smtp_server, (29) smtp_username, (30) smtp_password, or (31) order_notice_email parameter to admin/settings_email.php.

8.8
2020-02-19 CVE-2015-7747 Canonical
Fedoraproject
Audio File Library Project
Classic Buffer Overflow vulnerability in multiple products

Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.

8.8
2020-02-19 CVE-2020-3114 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

8.8
2020-02-19 CVE-2020-3112 Cisco Improper Privilege Management vulnerability in Cisco Data Center Network Manager

A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to elevate privileges on the application.

8.8
2020-02-19 CVE-2019-12437 Silverstripe Cross-Site Request Forgery (CSRF) vulnerability in Silverstripe

In SilverStripe through 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations,

8.8
2020-02-18 CVE-2020-9270 Icehrm Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.

8.8
2020-02-18 CVE-2015-7505 Netsurf Browser Out-of-bounds Write vulnerability in Netsurf-Browser Libnsgif 0.1.2

Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.

8.8
2020-02-18 CVE-2020-6844 Topmanage Cross-Site Request Forgery (CSRF) vulnerability in Topmanage OLK Webstore 2020

In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.

8.8
2020-02-18 CVE-2013-4227 Mozilla Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Persona

Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type.

8.8
2020-02-18 CVE-2020-5530 Realestateconnected Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings

Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2020-02-18 CVE-2020-1790 Huawei Command Injection vulnerability in Huawei Gaussdb 200 6.5.1

GaussDB 200 with version of 6.5.1 have a command injection vulnerability.

8.8
2020-02-18 CVE-2020-1811 Huawei Command Injection vulnerability in Huawei Gaussdb 200 6.5.1

GaussDB 200 with version of 6.5.1 have a command injection vulnerability.

8.8
2020-02-17 CVE-2015-8751 Jasper Project Integer Overflow or Wraparound vulnerability in Jasper Project Jasper 1.900.1/1.900.2/1.900.3

Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.

8.8
2020-02-17 CVE-2020-7597 Codecov OS Command Injection vulnerability in Codecov

codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js.

8.8
2020-02-17 CVE-2015-0258 O DYN
Debian
Canonical
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products

Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.

8.8
2020-02-17 CVE-2020-9043 Wpcentral Information Exposure vulnerability in Wpcentral

The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.

8.8
2020-02-19 CVE-2020-3944 Vmware Improper Authentication vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass.

8.6
2020-02-19 CVE-2019-1950 Cisco Insecure Default Initialization of Resource vulnerability in Cisco IOS XE

A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device.

8.4
2020-02-18 CVE-2020-9265 Ciprianmp SQL Injection vulnerability in Ciprianmp PHPmychat-Plus 1.98

phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.

8.2
2020-02-18 CVE-2019-18352 Phoenixcontact Unspecified vulnerability in Phoenixcontact products

Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security.

8.2
2020-02-21 CVE-2012-0063 Tucaneando Unspecified vulnerability in Tucaneando Tucan 0.3.10

Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.

8.1
2020-02-21 CVE-2014-7914 Google Incorrect Authorization vulnerability in Google Android

btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag.

8.1
2020-02-22 CVE-2020-8860 Google Out-of-bounds Write vulnerability in Google Android

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets.

8.0
2020-02-21 CVE-2020-5534 NEC OS Command Injection vulnerability in NEC Aterm Wg2600Hs Firmware 1.3.2

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

8.0
2020-02-21 CVE-2020-5525 NEC OS Command Injection vulnerability in NEC products

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.

8.0
2020-02-21 CVE-2012-1093 Debian Link Following vulnerability in Debian Linux and X11-Common

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.

7.8
2020-02-21 CVE-2012-6277 IBM
Symantec
HP
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
7.8
2020-02-21 CVE-2019-19452 Patriotmemory Out-of-bounds Write vulnerability in Patriotmemory Viper RGB Driver 1.1

A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040.

7.8
2020-02-20 CVE-2020-8601 Trendmicro Uncontrolled Search Path Element vulnerability in Trendmicro vulnerability Protection 2.0

Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory.

7.8
2020-02-20 CVE-2020-6968 Honeywell Improper Privilege Management vulnerability in Honeywell Inncom Inncontrol Firmware 3.0/3.21

Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files.

7.8
2020-02-20 CVE-2020-3764 Adobe Out-of-bounds Write vulnerability in Adobe Media Encoder 13.0.2/13.1/14.0

Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability.

7.8
2020-02-20 CVE-2019-19741 EA Unspecified vulnerability in EA Origin

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248.

7.8
2020-02-19 CVE-2012-0055 Linux
Canonical
Missing Authorization vulnerability in multiple products

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

7.8
2020-02-19 CVE-2020-8959 Westerndigital Uncontrolled Search Path Element vulnerability in Westerndigital products

Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking.

7.8
2020-02-19 CVE-2020-4204 IBM Classic Buffer Overflow vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

7.8
2020-02-18 CVE-2020-1812 Huawei Improper Authentication vulnerability in Huawei P30 Firmware

HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability.

7.8
2020-02-17 CVE-2014-1947 Imagemagick
Suse
Out-of-bounds Write vulnerability in multiple products

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

7.8
2020-02-17 CVE-2020-1704 Redhat Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Service Mesh 1.0/1.0.7

An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container.

7.8
2020-02-17 CVE-2020-9005 Valvesoftware Out-of-bounds Write vulnerability in Valvesoftware Dota 2 20200217/7.23E/7.23F

meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this server.

7.8
2020-02-23 CVE-2020-9354 Smartclient Path Traversal vulnerability in Smartclient 12.0

An issue was discovered in SmartClient 12.0.

7.5
2020-02-23 CVE-2020-9353 Smartclient Path Traversal vulnerability in Smartclient 12.0

An issue was discovered in SmartClient 12.0.

7.5
2020-02-21 CVE-2020-9327 Sqlite
Netapp
Canonical
Siemens
Oracle
NULL Pointer Dereference vulnerability in multiple products

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

7.5
2020-02-21 CVE-2020-7907 Jetbrains Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Scala

In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections.

7.5
2020-02-21 CVE-2019-19866 Atos Authorization Bypass Through User-Controlled Key vulnerability in Atos Unify Openscape UC web Client 10.0/9.0

Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information.

7.5
2020-02-21 CVE-2020-5243 UAP Core Project Unspecified vulnerability in Uap-Core Project Uap-Core

uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings.

7.5
2020-02-20 CVE-2019-16302 Linuxfoundation Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0

An issue was discovered in Open Network Operating System (ONOS) 1.14.

7.5
2020-02-20 CVE-2019-16301 Linuxfoundation Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0

An issue was discovered in Open Network Operating System (ONOS) 1.14.

7.5
2020-02-20 CVE-2019-16300 Linuxfoundation Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0

An issue was discovered in Open Network Operating System (ONOS) 1.14.

7.5
2020-02-20 CVE-2019-16299 Linuxfoundation Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0

An issue was discovered in Open Network Operating System (ONOS) 1.14.

7.5
2020-02-20 CVE-2019-16298 Linuxfoundation Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0

An issue was discovered in Open Network Operating System (ONOS) 1.14.

7.5
2020-02-20 CVE-2019-16297 Linuxfoundation Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0

An issue was discovered in Open Network Operating System (ONOS) 1.14.

7.5
2020-02-20 CVE-2019-11189 Opennetworking Authentication Bypass by Spoofing vulnerability in Opennetworking Onos

Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection.

7.5
2020-02-20 CVE-2020-9283 Golang
Debian
Improper Verification of Cryptographic Signature vulnerability in multiple products

golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package.

7.5
2020-02-20 CVE-2014-4019 ZTE Information Exposure vulnerability in ZTE Zxv10 W300 Firmware W300V1.0.0Azrdlk

ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.

7.5
2020-02-20 CVE-2015-4411 Mongodb
Fedoraproject
Resource Exhaustion vulnerability in multiple products

The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped allows remote attackers to cause a denial of service (worker resource consumption) via a crafted string.

7.5
2020-02-20 CVE-2015-4410 Moped Project
Fedoraproject
Improper Input Validation vulnerability in multiple products

The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote attackers to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string.

7.5
2020-02-20 CVE-2020-9272 Proftpd
Siemens
Opensuse
Out-of-bounds Read vulnerability in multiple products

ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.

7.5
2020-02-20 CVE-2012-5366 Apple Resource Exhaustion vulnerability in Apple mac OS X

The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

7.5
2020-02-20 CVE-2012-5365 Freebsd
Netbsd
Resource Exhaustion vulnerability in multiple products

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

7.5
2020-02-20 CVE-2012-5364 Microsoft Resource Exhaustion vulnerability in Microsoft products

The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

7.5
2020-02-20 CVE-2012-5363 Freebsd
Netbsd
Resource Exhaustion vulnerability in multiple products

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.

7.5
2020-02-20 CVE-2012-5362 Microsoft Resource Exhaustion vulnerability in Microsoft products

The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.

7.5
2020-02-19 CVE-2020-3945 Vmware Unspecified vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View.

7.5
2020-02-19 CVE-2020-6062 Coturn Project
Debian
Fedoraproject
Canonical
NULL Pointer Dereference vulnerability in multiple products

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests.

7.5
2020-02-19 CVE-2020-4135 IBM
Netapp
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
7.5
2020-02-19 CVE-2012-6685 Nokogiri
Redhat
XML Entity Expansion vulnerability in multiple products

Nokogiri before 1.5.4 is vulnerable to XXE attacks

7.5
2020-02-19 CVE-2011-2054 Cisco Improper Authentication vulnerability in Cisco products

A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct.

7.5
2020-02-18 CVE-2018-16994 Phoenixcontact Unspecified vulnerability in Phoenixcontact products

An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact).

7.5
2020-02-18 CVE-2020-9268 Soplanning SQL Injection vulnerability in Soplanning 1.45

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

7.5
2020-02-18 CVE-2015-7507 Netsurf Browser Out-of-bounds Read vulnerability in Netsurf-Browser Libnsbmp 0.1.2

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.

7.5
2020-02-18 CVE-2020-8011 Broadcom NULL Pointer Dereference vulnerability in Broadcom Unified Infrastructure Management

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component.

7.5
2020-02-18 CVE-2020-1816 Huawei Unspecified vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability.

7.5
2020-02-18 CVE-2020-1815 Huawei Memory Leak vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability.

7.5
2020-02-17 CVE-2020-1856 Huawei Unspecified vulnerability in Huawei products

Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600, and USG9500 versions V500R001C30, V500R001C60, and V500R005C00 have an information leakage vulnerability.

7.5
2020-02-17 CVE-2020-1841 Huawei Unspecified vulnerability in Huawei products

Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability.

7.5
2020-02-17 CVE-2020-1829 Huawei Double Free vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly.

7.5
2020-02-17 CVE-2020-1827 Huawei Improper Resource Shutdown or Release vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability.

7.5
2020-02-17 CVE-2020-1858 Huawei Unspecified vulnerability in Huawei products

Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability.

7.5
2020-02-17 CVE-2020-1828 Huawei Out-of-bounds Read vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message.

7.5
2020-02-17 CVE-2019-10790 Taffydb Exposure of Resource to Wrong Sphere vulnerability in Taffydb Taffy 2.6.2

taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB.

7.5
2020-02-17 CVE-2013-3722 Opensips Infinite Loop vulnerability in Opensips

A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.

7.5
2020-02-17 CVE-2020-8795 Gitlab Unspecified vulnerability in Gitlab

In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users.

7.5
2020-02-17 CVE-2020-9034 Microchip Unspecified vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users.

7.5
2020-02-22 CVE-2020-9340 Fauzantrif Election Project SQL Injection vulnerability in Fauzantrif Election Project Fauzantrif Election 2.0

fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.

7.2
2020-02-21 CVE-2020-6842 Dlink OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.

7.2
2020-02-20 CVE-2020-9318 RED Gate SQL Injection vulnerability in Red-Gate SQL Monitor

Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI.

7.2
2020-02-19 CVE-2012-6614 Dlink Missing Authorization vulnerability in Dlink Dsr-250N Firmware

D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password.

7.2
2020-02-18 CVE-2020-9269 Soplanning SQL Injection vulnerability in Soplanning 1.45

SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.

7.2
2020-02-17 CVE-2019-18998 Hitachienergy Authorization Bypass Through User-Controlled Key vulnerability in Hitachienergy Asset Suite 9.0.0/9.5.0/9.6.0

Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects.

7.1
2020-02-20 CVE-2019-14688 Trendmicro Uncontrolled Search Path Element vulnerability in Trendmicro products

Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation.

7.0
2020-02-20 CVE-2011-0699 Linux Out-of-bounds Write vulnerability in Linux Kernel 2.6.37

Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

7.0

107 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-20 CVE-2020-6977 GE Unspecified vulnerability in GE products

A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices.

6.8
2020-02-18 CVE-2020-1842 Huawei Improper Authentication vulnerability in Huawei products

Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability.

6.8
2020-02-18 CVE-2020-1843 Huawei Unspecified vulnerability in Huawei products

Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability.

6.8
2020-02-18 CVE-2020-1789 Huawei Improper Authentication vulnerability in Huawei products

Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability.

6.8
2020-02-19 CVE-2020-3138 Cisco Improper Verification of Cryptographic Signature vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure

A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to install a malicious file when upgrading.

6.7
2020-02-19 CVE-2020-4230 IBM Unspecified vulnerability in IBM DB2 11.1/11.5

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes specially crafted Db2 commands.

6.7
2020-02-21 CVE-2013-4088 Otrs Information Exposure vulnerability in Otrs

Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.

6.5
2020-02-21 CVE-2013-3551 Otrs Information Exposure vulnerability in Otrs

Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.

6.5
2020-02-20 CVE-2015-2923 Freebsd Improper Input Validation vulnerability in Freebsd

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

6.5
2020-02-19 CVE-2020-7942 Puppet Improper Certificate Validation vulnerability in Puppet and Puppet Agent

Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure.

6.5
2020-02-19 CVE-2020-3153 Cisco Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client 4.8.00175/4.8.01090

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges.

6.5
2020-02-19 CVE-2019-10797 Wso2 Unspecified vulnerability in Wso2 Transport-Http

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

6.5
2020-02-19 CVE-2020-4200 IBM Unspecified vulnerability in IBM DB2 10.5/11.1/11.5

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service.

6.5
2020-02-19 CVE-2020-4161 IBM Unspecified vulnerability in IBM DB2 11.5

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands.

6.5
2020-02-19 CVE-2019-4457 IBM Unspecified vulnerability in IBM Jazz Foundation

IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system.

6.5
2020-02-18 CVE-2020-9271 Icehrm Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php.

6.5
2020-02-18 CVE-2020-9267 Soplanning Cross-Site Request Forgery (CSRF) vulnerability in Soplanning 1.45

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php.

6.5
2020-02-18 CVE-2020-9266 Soplanning Cross-Site Request Forgery (CSRF) vulnerability in Soplanning 1.45

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php.

6.5
2020-02-18 CVE-2013-4226 Drupal Missing Authorization vulnerability in Drupal Authenticated User Page Caching

The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser.

6.5
2020-02-18 CVE-2015-7506 Netsurf Browser Out-of-bounds Read vulnerability in Netsurf-Browser Libnsgif 0.1.2

The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.

6.5
2020-02-17 CVE-2020-1853 Huawei Path Traversal vulnerability in Huawei Gaussdb 200 6.5.1

GaussDB 200 with version of 6.5.1 have a path traversal vulnerability.

6.5
2020-02-17 CVE-2020-1692 Moodle Unspecified vulnerability in Moodle

Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.

6.5
2020-02-17 CVE-2020-9033 Microchip Path Traversal vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php.

6.5
2020-02-17 CVE-2020-9032 Microchip Path Traversal vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php.

6.5
2020-02-17 CVE-2020-9031 Microchip Path Traversal vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php.

6.5
2020-02-17 CVE-2020-9030 Microchip Path Traversal vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php.

6.5
2020-02-17 CVE-2020-9029 Microchip Path Traversal vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.

6.5
2020-02-18 CVE-2019-10795 Undefsafe Project Injection vulnerability in Undefsafe Project Undefsafe

undefsafe before 2.0.3 is vulnerable to Prototype Pollution.

6.3
2020-02-18 CVE-2019-10794 Component Flatten Project Injection vulnerability in Component-Flatten Project Component-Flatten

All versions of component-flatten are vulnerable to Prototype Pollution.

6.3
2020-02-18 CVE-2019-10793 DOT Object Project Injection vulnerability in Dot-Object Project Dot-Object

dot-object before 2.1.3 is vulnerable to Prototype Pollution.

6.3
2020-02-18 CVE-2019-10792 Bodymen Project Injection vulnerability in Bodymen Project Bodymen

bodymen before 1.1.1 is vulnerable to Prototype Pollution.

6.3
2020-02-21 CVE-2019-19865 Atos Cross-site Scripting vulnerability in Atos Unify Openscape UC web Client 1.0

Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS.

6.1
2020-02-21 CVE-2020-5533 NEC Cross-site Scripting vulnerability in NEC Aterm Wg2600Hs Firmware 1.3.2

Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2020-02-20 CVE-2020-8960 Westerndigital Cross-site Scripting vulnerability in Westerndigital Mycloud.Com

Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS.

6.1
2020-02-20 CVE-2012-3351 Longtailvideo Cross-site Scripting vulnerability in Longtailvideo JW Player

Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.

6.1
2020-02-20 CVE-2019-20479 Openidc
Debian
Fedoraproject
Opensuse
Open Redirect vulnerability in multiple products

A flaw was found in mod_auth_openidc before version 2.4.1.

6.1
2020-02-19 CVE-2014-9617 Netsweeper Open Redirect vulnerability in Netsweeper

Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

6.1
2020-02-19 CVE-2020-3159 Cisco Cross-site Scripting vulnerability in Cisco Finesse

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.

6.1
2020-02-19 CVE-2020-3156 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.6.0/2.7

A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks.

6.1
2020-02-19 CVE-2014-9615 Netsweeper Cross-site Scripting vulnerability in Netsweeper 4.0.4

Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter to webadmin/deny/index.php.

6.1
2020-02-19 CVE-2014-9608 Netsweeper Cross-site Scripting vulnerability in Netsweeper

Cross-site scripting (XSS) vulnerability in webadmin/policy/group_table_ajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

6.1
2020-02-19 CVE-2014-9607 Netsweeper Cross-site Scripting vulnerability in Netsweeper 4.0.3/4.0.4

Cross-site scripting (XSS) vulnerability in remotereporter/load_logfiles.php in Netsweeper 4.0.3 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

6.1
2020-02-19 CVE-2014-9606 Netsweeper Cross-site Scripting vulnerability in Netsweeper

Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.

6.1
2020-02-19 CVE-2015-0749 Cisco Cross-site Scripting vulnerability in Cisco Unified Communications Manager

A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software.

6.1
2020-02-18 CVE-2013-2679 Belkin Cross-site Scripting vulnerability in Belkin Linksys E4200 Firmware 1.0.05

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi.

6.1
2020-02-18 CVE-2020-6845 Topmanage Cross-site Scripting vulnerability in Topmanage OLK Webstore 2020

An issue was discovered in TopManage OLK 2020.

6.1
2020-02-18 CVE-2020-1855 Huawei Unspecified vulnerability in Huawei products

Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability.

6.1
2020-02-17 CVE-2019-19325 Silverstripe Cross-site Scripting vulnerability in Silverstripe

SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms.

6.1
2020-02-17 CVE-2015-5216 Ipsilon Project Cross-site Scripting vulnerability in Ipsilon-Project Ipsilon

The Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via an HTTP response.

6.1
2020-02-17 CVE-2015-5215 Ipsilon Project Cross-site Scripting vulnerability in Ipsilon-Project Ipsilon

The default configuration of the Jinja templating engine used in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not enable auto-escaping, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via template variables.

6.1
2020-02-17 CVE-2020-6850 Miniorange Cross-site Scripting vulnerability in Miniorange Saml SP Single Sign on

Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4.8.84 for WordPress allows XSS via a crafted SAML XML Response to wp-login.php.

6.1
2020-02-17 CVE-2020-9028 Microchip Cross-site Scripting vulnerability in Microchip products

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen (when creating a new user).

6.1
2020-02-17 CVE-2020-9025 Iteris Cross-site Scripting vulnerability in Iteris Vantage Velocity Firmware 2.4.2

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script.

6.1
2020-02-17 CVE-2020-9022 Cambiumnetworks Cross-site Scripting vulnerability in Cambiumnetworks products

An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices.

6.1
2020-02-21 CVE-2020-9329 Gogs Race Condition vulnerability in Gogs

Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.

5.9
2020-02-21 CVE-2013-3587 F5 Information Exposure vulnerability in F5 products

The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.

5.9
2020-02-19 CVE-2020-3163 Cisco Race Condition vulnerability in Cisco Unified Contact Center Enterprise

A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

5.9
2020-02-19 CVE-2020-3132 Cisco Resource Exhaustion vulnerability in Cisco Cloud Email Security and Email Security Appliance

A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected device.

5.9
2020-02-22 CVE-2020-9342 F Secure Interpretation Conflict vulnerability in F-Secure products

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive.

5.5
2020-02-21 CVE-2012-0844 Netsurf Browser
Debian
Information Exposure vulnerability in multiple products

Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.

5.5
2020-02-20 CVE-2020-9320 Avira Unrestricted Upload of File with Dangerous Type vulnerability in Avira products

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive.

5.5
2020-02-20 CVE-2011-4915 Linux
Canonical
Debian
Information Exposure vulnerability in multiple products

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

5.5
2020-02-20 CVE-2014-4659 Redhat Insufficiently Protected Credentials vulnerability in Redhat Ansible

Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format.

5.5
2020-02-20 CVE-2014-4658 Redhat Information Exposure vulnerability in Redhat Ansible

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.

5.5
2020-02-20 CVE-2011-2498 Linux
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

5.5
2020-02-20 CVE-2014-4660 Redhat Insufficiently Protected Credentials vulnerability in Redhat Ansible

Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format.

5.5
2020-02-20 CVE-2016-3182 Uclouvain Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg

The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file.

5.5
2020-02-18 CVE-2020-9264 Eset Interpretation Conflict vulnerability in Eset products

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive.

5.5
2020-02-17 CVE-2020-1857 Huawei Unspecified vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability.

5.5
2020-02-17 CVE-2020-7252 Mcafee Unquoted Search Path or Element vulnerability in Mcafee Data Exchange Layer

Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.

5.5
2020-02-23 CVE-2020-9350 SAS Cross-site Scripting vulnerability in SAS Visual Analytics 8.5

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly.

5.4
2020-02-22 CVE-2020-9339 Soplanning Cross-site Scripting vulnerability in Soplanning 1.45

SOPlanning 1.45 allows XSS via the Name or Comment to status.php.

5.4
2020-02-22 CVE-2020-9338 Soplanning Cross-site Scripting vulnerability in Soplanning 1.45

SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.

5.4
2020-02-22 CVE-2020-9336 Fauzantrif Election Project Cross-site Scripting vulnerability in Fauzantrif Election Project Fauzantrif Election 2.0

fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field.

5.4
2020-02-20 CVE-2020-9003 Machothemes Cross-site Scripting vulnerability in Machothemes Modula Image Gallery

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress.

5.4
2020-02-19 CVE-2020-3113 Cisco Cross-site Scripting vulnerability in Cisco Data Center Network Manager

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface.

5.4
2020-02-19 CVE-2019-17333 Tibco Cross-site Scripting vulnerability in Tibco EBX

The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks.

5.4
2020-02-19 CVE-2020-8824 Hitrontech Cross-site Scripting vulnerability in Hitrontech Coda-4582U Firmware 7.1.1.30

Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name on the Wireless > Access Control > Add Managed Device screen.

5.4
2020-02-19 CVE-2019-4429 IBM Cross-site Scripting vulnerability in IBM products

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting.

5.4
2020-02-18 CVE-2012-0718 IBM Unspecified vulnerability in IBM Tivoli Endpoint Manager 8.0

IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies.

5.4
2020-02-17 CVE-2019-12954 Solarwinds Cross-site Scripting vulnerability in Solarwinds products

SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT.

5.4
2020-02-17 CVE-2020-9038 Joplin Project Cross-site Scripting vulnerability in Joplin Project Joplin

Joplin through 1.0.184 allows Arbitrary File Read via XSS.

5.4
2020-02-23 CVE-2020-9351 Smartclient Information Exposure Through an Error Message vulnerability in Smartclient 12.0

An issue was discovered in SmartClient 12.0.

5.3
2020-02-21 CVE-2020-5326 Dell Missing Authentication for Critical Function vulnerability in Dell products

Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu.

5.3
2020-02-19 CVE-2020-3160 Cisco Improper Input Validation vulnerability in Cisco Meeting Server

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications.

5.3
2020-02-19 CVE-2014-9609 Netsweeper Path Traversal vulnerability in Netsweeper

Directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a ..

5.3
2020-02-19 CVE-2016-1000109 Facebook Improper Initialization vulnerability in Facebook Hhvm

HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

5.3
2020-02-18 CVE-2020-8633 Synacor Improper Preservation of Permissions vulnerability in Synacor Zimbra Collaboration Suite

An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7.

5.3
2020-02-18 CVE-2020-1814 Huawei Race Condition vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability.

5.3
2020-02-18 CVE-2020-1830 Huawei Out-of-bounds Read vulnerability in Huawei products

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message.

5.3
2020-02-17 CVE-2020-7959 Labvantage Information Exposure Through Discrepancy vulnerability in Labvantage 8.3

LabVantage LIMS 8.3 does not properly maintain the confidentiality of database names.

5.3
2020-02-17 CVE-2013-7324 Webkitgtk Injection vulnerability in Webkitgtk

Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript.

5.3
2020-02-21 CVE-2019-18846 Open Xchange Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite

OX App Suite through 7.10.2 allows SSRF.

5.0
2020-02-19 CVE-2020-3154 Cisco SQL Injection vulnerability in Cisco Cloud web Security 5.2(0)

A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could allow an authenticated, remote attacker to execute arbitrary SQL queries.

4.9
2020-02-17 CVE-2015-4715 Owncloud Files or Directories Accessible to External Parties vulnerability in Owncloud

The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ (at sign) character in unspecified POST values.

4.9
2020-02-19 CVE-2012-1932 Wolfcms Cross-site Scripting vulnerability in Wolfcms Wolf CMS

A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.

4.8
2020-02-20 CVE-2019-19694 Trendmicro Unspecified vulnerability in Trendmicro products

The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely..

4.7
2020-02-20 CVE-2014-7951 Google Path Traversal vulnerability in Google Android 4.0.4

Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a ..

4.6
2020-02-18 CVE-2020-1872 Huawei Unspecified vulnerability in Huawei P10 Plus Firmware

Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability.

4.6
2020-02-18 CVE-2020-1882 Huawei Unspecified vulnerability in Huawei products

Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability.

4.6
2020-02-21 CVE-2020-5324 Dell Link Following vulnerability in Dell products

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability.

4.4
2020-02-20 CVE-2019-4583 IBM Information Exposure Through an Error Message vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1

IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks.

4.3
2020-02-19 CVE-2019-12246 Silverstripe Cross-Site Request Forgery (CSRF) vulnerability in Silverstripe

SilverStripe through 4.3.3 allows a Denial of Service on flush and development URL tools.

4.3
2020-02-18 CVE-2013-4228 Organic Groups Project Incorrect Authorization vulnerability in Organic Groups Project Organic Groups 7.X2.0/7.X2.1/7.X2.2

The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via unspecified vectors.

4.3
2020-02-18 CVE-2013-5594 Mozilla Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding

4.3
2020-02-17 CVE-2019-20474 Zohocorp Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Remote Access Plus 10.0.447

An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447.

4.3
2020-02-17 CVE-2019-12825 Gitlab Insecure Storage of Sensitive Information vulnerability in Gitlab

Unauthorized Access to the Container Registry of other groups was discovered in GitLab Enterprise 12.0.0-pre.

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-19 CVE-2015-9543 Openstack Information Exposure vulnerability in Openstack Nova

An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0.

3.3
2020-02-18 CVE-2019-15875 Freebsd Improper Initialization vulnerability in Freebsd 11.3/12.0/12.1

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel data previously stored on the stack.

3.3
2020-02-18 CVE-2020-1791 Huawei Unspecified vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability.

2.4