Weekly Vulnerabilities Reports > February 17 to 23, 2020
Overview
274 new vulnerabilities reported during this period, including 63 critical vulnerabilities and 101 high severity vulnerabilities. This weekly summary report vulnerabilities in 584 products from 153 vendors including Huawei, Cisco, Debian, IBM, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "OS Command Injection", "Out-of-bounds Write", "SQL Injection", and "Cross-Site Request Forgery (CSRF)".
- 220 reported vulnerabilities are remotely exploitables.
- 28 reported vulnerabilities have public exploit available.
- 99 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 199 reported vulnerabilities are exploitable by an anonymous user.
- Huawei has the most reported vulnerabilities, with 22 reported vulnerabilities.
- Redhat has the most reported critical vulnerabilities, with 7 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
63 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-23 | CVE-2020-9355 | Networkmanager SSH Project Debian | danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled. | 9.8 |
2020-02-23 | CVE-2020-9352 | Smartclient | XXE vulnerability in Smartclient 12.0 An issue was discovered in SmartClient 12.0. | 9.8 |
2020-02-22 | CVE-2020-9039 | Couchbase | Incorrect Default Permissions vulnerability in Couchbase Server Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. | 9.8 |
2020-02-21 | CVE-2012-0828 | Xchat WDK Xchat Gnome | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP). | 9.8 |
2020-02-21 | CVE-2020-6841 | Dlink | OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01 D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter. | 9.8 |
2020-02-21 | CVE-2016-4606 | Haxx | Unspecified vulnerability in Haxx Curl Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. | 9.8 |
2020-02-20 | CVE-2020-9015 | Arista | Unspecified vulnerability in Arista products Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow attackers to bypass intended TACACS+ shell restrictions via a | character. | 9.8 |
2020-02-20 | CVE-2020-3765 | Adobe | Out-of-bounds Write vulnerability in Adobe After Effects Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability. | 9.8 |
2020-02-20 | CVE-2014-4650 | Python Redhat | Path Traversal vulnerability in multiple products The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator. | 9.8 |
2020-02-20 | CVE-2014-4657 | Redhat | Improper Input Validation vulnerability in Redhat Ansible The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. | 9.8 |
2020-02-20 | CVE-2014-3484 | Musl Libc | Out-of-bounds Write vulnerability in Musl-Libc Musl Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output. | 9.8 |
2020-02-20 | CVE-2014-4678 | Redhat Debian | Injection vulnerability in multiple products The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. | 9.8 |
2020-02-20 | CVE-2013-2018 | Berkeley | SQL Injection vulnerability in Berkeley Boinc Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2020-02-19 | CVE-2020-6970 | Emerson | Out-of-bounds Write vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3 A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server. | 9.8 |
2020-02-19 | CVE-2020-3943 | Vmware | Unspecified vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. | 9.8 |
2020-02-19 | CVE-2014-9614 | Netsweeper | Use of Hard-coded Credentials vulnerability in Netsweeper The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/. | 9.8 |
2020-02-19 | CVE-2014-9613 | Netsweeper | SQL Injection vulnerability in Netsweeper Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10 allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to webadmin/auth/verification.php or (2) dpid parameter to webadmin/deny/index.php. | 9.8 |
2020-02-19 | CVE-2014-9612 | Netsweeper | SQL Injection vulnerability in Netsweeper SQL injection vulnerability in remotereporter/load_logfiles.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to execute arbitrary SQL commands via the server parameter. | 9.8 |
2020-02-19 | CVE-2020-6061 | Coturn Project Fedoraproject Debian Canonical | Out-of-bounds Read vulnerability in multiple products An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. | 9.8 |
2020-02-19 | CVE-2020-8441 | Jyaml Project | Deserialization of Untrusted Data vulnerability in Jyaml Project Jyaml JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function. | 9.8 |
2020-02-19 | CVE-2019-4640 | IBM | Origin Validation Error vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. | 9.8 |
2020-02-19 | CVE-2014-2727 | Trustwave | OS Command Injection vulnerability in Trustwave Mailmarshal The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection. | 9.8 |
2020-02-19 | CVE-2014-2228 | Talend | XML Entity Expansion vulnerability in Talend Restlet 1.1.10/2.1.7/2.2 The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe deserialization of XML messages. | 9.8 |
2020-02-19 | CVE-2016-1000005 | Type Confusion vulnerability in Facebook Hhvm mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. | 9.8 | |
2020-02-19 | CVE-2016-1000004 | Insufficient Verification of Data Authenticity vulnerability in Facebook Hhvm Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. | 9.8 | |
2020-02-19 | CVE-2014-3622 | PHP | Use After Free vulnerability in PHP 5.6.0 Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value. | 9.8 |
2020-02-19 | CVE-2019-20478 | Ruamel Yaml Project | Unspecified vulnerability in Ruamel.Yaml Project Ruamel.Yaml In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. | 9.8 |
2020-02-19 | CVE-2019-20477 | Pyyaml Fedoraproject | Deserialization of Untrusted Data vulnerability in multiple products PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. | 9.8 |
2020-02-18 | CVE-2020-7796 | Synacor | Server-Side Request Forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. | 9.8 |
2020-02-18 | CVE-2015-7567 | Yeager | SQL Injection vulnerability in Yeager CMS 1.2.1 SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter. | 9.8 |
2020-02-18 | CVE-2019-10791 | Promise Probe Project | OS Command Injection vulnerability in Promise-Probe Project Promise-Probe promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. | 9.8 |
2020-02-18 | CVE-2014-3879 | Freebsd | Improper Authentication vulnerability in Freebsd OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password. | 9.8 |
2020-02-18 | CVE-2013-6295 | Prestashop | Improper Privilege Management vulnerability in Prestashop 1.5.5.0 PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module | 9.8 |
2020-02-18 | CVE-2013-3323 | IBM | Improper Privilege Management vulnerability in IBM products A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access. | 9.8 |
2020-02-18 | CVE-2020-7450 | Freebsd | Out-of-bounds Write vulnerability in Freebsd 11.3/12.0/12.1 In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in libfetch with URLs containing username and/or password components is vulnerable to a heap buffer overflow allowing program misbehavior or malicious code execution. | 9.8 |
2020-02-18 | CVE-2019-5613 | Freebsd | Insufficient Verification of Data Authenticity vulnerability in Freebsd 12.0 In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. | 9.8 |
2020-02-18 | CVE-2014-4967 | Redhat | Injection vulnerability in Redhat Ansible Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command. | 9.8 |
2020-02-18 | CVE-2014-4966 | Redhat | Injection vulnerability in Redhat Ansible Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. | 9.8 |
2020-02-18 | CVE-2015-6970 | Boschsecurity | XML Injection (aka Blind XPath Injection) vulnerability in Boschsecurity Nbn-498 Dinion2X Day/Night IP Cameras Firmware 4.54.0026 The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows remote attackers to conduct XML injection attacks via the idstring parameter to rcp.xml. | 9.8 |
2020-02-18 | CVE-2014-4651 | Apache | Improper Input Validation vulnerability in Apache Jclouds 1.7.3 It was found that the jclouds scriptbuilder Statements class wrote a temporary file to a predictable location. | 9.8 |
2020-02-18 | CVE-2015-1425 | Jakweb | Improper Input Validation vulnerability in Jakweb Gecko CMS 2.2/2.3 JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities | 9.8 |
2020-02-18 | CVE-2020-8012 | Broadcom | Classic Buffer Overflow vulnerability in Broadcom Unified Infrastructure Management CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. | 9.8 |
2020-02-18 | CVE-2020-8010 | Broadcom | Unspecified vulnerability in Broadcom Unified Infrastructure Management CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. | 9.8 |
2020-02-17 | CVE-2014-8089 | Zend Redhat Fedoraproject | SQL Injection vulnerability in multiple products SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte. | 9.8 |
2020-02-17 | CVE-2014-4981 | Xorux | OS Command Injection vulnerability in Xorux Lpar2Rrd LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficient input sanitization of the web GUI parameters. | 9.8 |
2020-02-17 | CVE-2020-1693 | Redhat | XXE vulnerability in Redhat Spacewalk 1.6/2.6 A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. | 9.8 |
2020-02-17 | CVE-2015-6922 | Kaseya | Improper Authentication vulnerability in Kaseya Virtual System Administrator Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx. | 9.8 |
2020-02-17 | CVE-2013-3738 | Zabbix | Improper Input Validation vulnerability in Zabbix 2.0.6 A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code. | 9.8 |
2020-02-17 | CVE-2020-9006 | Sygnoos | Deserialization of Untrusted Data vulnerability in Sygnoos Popup Builder The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data with the attachmentUrl POST variable. | 9.8 |
2020-02-17 | CVE-2020-8518 | Horde Fedoraproject Debian | Code Injection vulnerability in multiple products Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution. | 9.8 |
2020-02-17 | CVE-2020-8427 | Unitrends | SQL Injection vulnerability in Unitrends Backup In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass. | 9.8 |
2020-02-17 | CVE-2020-5531 | Mitsubishielectric | Unspecified vulnerability in Mitsubishielectric products Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number 21121 or before), MELSEC iQ-R Series C Controller Module / C Intelligent Function Module(R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number 11 or before, and RD55UP06-V Ethernet port: First 2 digits of serial number 08 or before), and MELIPC Series MI5000(MI5122-VW Ethernet port (CH1): First 2 digits of serial number 03 or before, or the firmware version 03 or before) allow remote attackers to cause a denial of service and/or malware being executed via unspecified vectors. | 9.8 |
2020-02-17 | CVE-2020-9027 | Eltex CO | OS Command Injection vulnerability in Eltex-Co Ntp-2 Firmware and Ntp-Rg-1402G Firmware ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. | 9.8 |
2020-02-17 | CVE-2020-9026 | Eltex CO | OS Command Injection vulnerability in Eltex-Co Ntp-2 Firmware and Ntp-Rg-1402G Firmware ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. | 9.8 |
2020-02-17 | CVE-2020-9024 | Iteris | Incorrect Permission Assignment for Critical Resource vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2 Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time) scripts. | 9.8 |
2020-02-17 | CVE-2020-9023 | Iteris | Weak Password Requirements vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2 Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured with weak passwords (User bluetooth, password bluetooth; User eclipse, password eclipse). | 9.8 |
2020-02-17 | CVE-2020-9021 | Postoaktraffic | OS Command Injection vulnerability in Postoaktraffic Awam Bluetooth Field Device Firmware Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer parameter. | 9.8 |
2020-02-17 | CVE-2020-9020 | Iteris | OS Command Injection vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2/3.0 Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field. | 9.8 |
2020-02-17 | CVE-2020-8768 | Phoenixcontact | Incorrect Permission Assignment for Critical Resource vulnerability in Phoenixcontact ILC 2050 Bi-L Firmware and ILC 2050 BI Firmware An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. | 9.4 |
2020-02-20 | CVE-2020-8990 | Western Digital | Session Fixation vulnerability in Western Digital IBI and MY Cloud Home Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation. | 9.1 |
2020-02-19 | CVE-2020-3158 | Cisco | Use of Hard-coded Credentials vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. | 9.1 |
2020-02-18 | CVE-2013-4454 | Getbutterfly | Improper Authentication vulnerability in Getbutterfly Portable-PHPmyadmin 1.4.1 WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | 9.1 |
2020-02-17 | CVE-2014-7236 | Twiki | Injection vulnerability in Twiki Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome. | 9.1 |
101 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-22 | CVE-2020-9341 | Auieo | Cross-Site Request Forgery (CSRF) vulnerability in Auieo Candidats 2.1.0 CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI. | 8.8 |
2020-02-22 | CVE-2020-8813 | Cacti Fedoraproject Opmantek Opensuse Debian | OS Command Injection vulnerability in multiple products graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. | 8.8 |
2020-02-22 | CVE-2020-8862 | Dlink | Improper Authentication vulnerability in Dlink Dap-2610 Firmware This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. | 8.8 |
2020-02-22 | CVE-2020-8861 | Dlink | Improper Authentication vulnerability in Dlink Dap-1330 Firmware 1.00.B21/1.10B01 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. | 8.8 |
2020-02-21 | CVE-2020-9330 | Xerox | Missing Authentication for Critical Function vulnerability in Xerox products Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. | 8.8 |
2020-02-21 | CVE-2020-5524 | NEC | OS Command Injection vulnerability in NEC products Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function. | 8.8 |
2020-02-20 | CVE-2020-5242 | Openhab | Incorrect Authorization vulnerability in Openhab openHAB before 2.5.2 allow a remote attacker to use REST calls to install the EXEC binding or EXEC transformation service and execute arbitrary commands on the system with the privileges of the user running openHAB. | 8.8 |
2020-02-20 | CVE-2019-4752 | IBM | SQL Injection vulnerability in IBM products IBM Emptoris Spend Analysis and IBM Emptoris Strategic Supply Management Platform 10.1.0.x, 10.1.1.x, and 10.1.3.x is vulnerable to SQL injection. | 8.8 |
2020-02-20 | CVE-2020-9273 | Proftpd Debian Fedoraproject Opensuse Siemens | Use After Free vulnerability in multiple products In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. | 8.8 |
2020-02-20 | CVE-2020-9308 | Libarchive Canonical Fedoraproject | Out-of-bounds Write vulnerability in multiple products archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. | 8.8 |
2020-02-20 | CVE-2012-2629 | Axous | Cross-Site Request Forgery (CSRF) vulnerability in Axous 1.1.1 Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to admin/administrators_add.php; or (2) conduct cross-site scripting (XSS) attacks via the page_title parameter to admin/content_pages_edit.php; the (3) category_name[] parameter to admin/products_category.php; the (4) site_name, (5) seo_title, or (6) meta_keywords parameter to admin/settings_siteinfo.php; the (7) company_name, (8) address1, (9) address2, (10) city, (11) state, (12) country, (13) author_first_name, (14) author_last_name, (15) author_email, (16) contact_first_name, (17) contact_last_name, (18) contact_email, (19) general_email, (20) general_phone, (21) general_fax, (22) sales_email, (23) sales_phone, (24) support_email, or (25) support_phone parameter to admin/settings_company.php; or the (26) system_email, (27) sender_name, (28) smtp_server, (29) smtp_username, (30) smtp_password, or (31) order_notice_email parameter to admin/settings_email.php. | 8.8 |
2020-02-19 | CVE-2015-7747 | Canonical Fedoraproject Audio File Library Project | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. | 8.8 |
2020-02-19 | CVE-2020-3114 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
2020-02-19 | CVE-2020-3112 | Cisco | Improper Privilege Management vulnerability in Cisco Data Center Network Manager A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to elevate privileges on the application. | 8.8 |
2020-02-19 | CVE-2019-12437 | Silverstripe | Cross-Site Request Forgery (CSRF) vulnerability in Silverstripe In SilverStripe through 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations, | 8.8 |
2020-02-18 | CVE-2020-9270 | Icehrm | Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php. | 8.8 |
2020-02-18 | CVE-2015-7505 | Netsurf Browser | Out-of-bounds Write vulnerability in Netsurf-Browser Libnsgif 0.1.2 Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file. | 8.8 |
2020-02-18 | CVE-2020-6844 | Topmanage | Cross-Site Request Forgery (CSRF) vulnerability in Topmanage OLK Webstore 2020 In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts. | 8.8 |
2020-02-18 | CVE-2013-4227 | Mozilla | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Persona Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type. | 8.8 |
2020-02-18 | CVE-2020-5530 | Realestateconnected | Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2020-02-18 | CVE-2020-1790 | Huawei | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
2020-02-18 | CVE-2020-1811 | Huawei | Command Injection vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a command injection vulnerability. | 8.8 |
2020-02-17 | CVE-2015-8751 | Jasper Project | Integer Overflow or Wraparound vulnerability in Jasper Project Jasper 1.900.1/1.900.2/1.900.3 Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation. | 8.8 |
2020-02-17 | CVE-2020-7597 | Codecov | OS Command Injection vulnerability in Codecov codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. | 8.8 |
2020-02-17 | CVE-2015-0258 | O DYN Debian Canonical | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension. | 8.8 |
2020-02-17 | CVE-2020-9043 | Wpcentral | Information Exposure vulnerability in Wpcentral The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key. | 8.8 |
2020-02-19 | CVE-2020-3944 | Vmware | Improper Authentication vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. | 8.6 |
2020-02-19 | CVE-2019-1950 | Cisco | Insecure Default Initialization of Resource vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. | 8.4 |
2020-02-18 | CVE-2020-9265 | Ciprianmp | SQL Injection vulnerability in Ciprianmp PHPmychat-Plus 1.98 phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username. | 8.2 |
2020-02-18 | CVE-2019-18352 | Phoenixcontact | Unspecified vulnerability in Phoenixcontact products Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security. | 8.2 |
2020-02-21 | CVE-2012-0063 | Tucaneando | Unspecified vulnerability in Tucaneando Tucan 0.3.10 Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan. | 8.1 |
2020-02-21 | CVE-2014-7914 | Incorrect Authorization vulnerability in Google Android btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag. | 8.1 | |
2020-02-22 | CVE-2020-8860 | Out-of-bounds Write vulnerability in Google Android This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. | 8.0 | |
2020-02-21 | CVE-2020-5534 | NEC | OS Command Injection vulnerability in NEC Aterm Wg2600Hs Firmware 1.3.2 Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. | 8.0 |
2020-02-21 | CVE-2020-5525 | NEC | OS Command Injection vulnerability in NEC products Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen. | 8.0 |
2020-02-21 | CVE-2012-1093 | Debian | Link Following vulnerability in Debian Linux and X11-Common The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation. | 7.8 |
2020-02-21 | CVE-2012-6277 | IBM Symantec HP | Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code." | 7.8 |
2020-02-21 | CVE-2019-19452 | Patriotmemory | Out-of-bounds Write vulnerability in Patriotmemory Viper RGB Driver 1.1 A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. | 7.8 |
2020-02-20 | CVE-2020-8601 | Trendmicro | Uncontrolled Search Path Element vulnerability in Trendmicro vulnerability Protection 2.0 Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. | 7.8 |
2020-02-20 | CVE-2020-6968 | Honeywell | Improper Privilege Management vulnerability in Honeywell Inncom Inncontrol Firmware 3.0/3.21 Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files. | 7.8 |
2020-02-20 | CVE-2020-3764 | Adobe | Out-of-bounds Write vulnerability in Adobe Media Encoder 13.0.2/13.1/14.0 Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. | 7.8 |
2020-02-20 | CVE-2019-19741 | EA | Unspecified vulnerability in EA Origin Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. | 7.8 |
2020-02-19 | CVE-2012-0055 | Linux Canonical | Missing Authorization vulnerability in multiple products OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | 7.8 |
2020-02-19 | CVE-2020-8959 | Westerndigital | Uncontrolled Search Path Element vulnerability in Westerndigital products Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking. | 7.8 |
2020-02-19 | CVE-2020-4204 | IBM | Classic Buffer Overflow vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. | 7.8 |
2020-02-18 | CVE-2020-1812 | Huawei | Improper Authentication vulnerability in Huawei P30 Firmware HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. | 7.8 |
2020-02-17 | CVE-2014-1947 | Imagemagick Suse | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | 7.8 |
2020-02-17 | CVE-2020-1704 | Redhat | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Service Mesh 1.0/1.0.7 An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. | 7.8 |
2020-02-17 | CVE-2020-9005 | Valvesoftware | Out-of-bounds Write vulnerability in Valvesoftware Dota 2 20200217/7.23E/7.23F meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this server. | 7.8 |
2020-02-23 | CVE-2020-9354 | Smartclient | Path Traversal vulnerability in Smartclient 12.0 An issue was discovered in SmartClient 12.0. | 7.5 |
2020-02-23 | CVE-2020-9353 | Smartclient | Path Traversal vulnerability in Smartclient 12.0 An issue was discovered in SmartClient 12.0. | 7.5 |
2020-02-21 | CVE-2020-9327 | Sqlite Netapp Canonical Siemens Oracle | NULL Pointer Dereference vulnerability in multiple products In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. | 7.5 |
2020-02-21 | CVE-2020-7907 | Jetbrains | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Scala In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. | 7.5 |
2020-02-21 | CVE-2019-19866 | Atos | Authorization Bypass Through User-Controlled Key vulnerability in Atos Unify Openscape UC web Client 10.0/9.0 Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. | 7.5 |
2020-02-21 | CVE-2020-5243 | UAP Core Project | Unspecified vulnerability in Uap-Core Project Uap-Core uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. | 7.5 |
2020-02-20 | CVE-2019-16302 | Linuxfoundation | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 7.5 |
2020-02-20 | CVE-2019-16301 | Linuxfoundation | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 7.5 |
2020-02-20 | CVE-2019-16300 | Linuxfoundation | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 7.5 |
2020-02-20 | CVE-2019-16299 | Linuxfoundation | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 7.5 |
2020-02-20 | CVE-2019-16298 | Linuxfoundation | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 7.5 |
2020-02-20 | CVE-2019-16297 | Linuxfoundation | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 7.5 |
2020-02-20 | CVE-2019-11189 | Opennetworking | Authentication Bypass by Spoofing vulnerability in Opennetworking Onos Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. | 7.5 |
2020-02-20 | CVE-2020-9283 | Golang Debian | Improper Verification of Cryptographic Signature vulnerability in multiple products golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. | 7.5 |
2020-02-20 | CVE-2014-4019 | ZTE | Information Exposure vulnerability in ZTE Zxv10 W300 Firmware W300V1.0.0Azrdlk ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0. | 7.5 |
2020-02-20 | CVE-2015-4411 | Mongodb Fedoraproject | Resource Exhaustion vulnerability in multiple products The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped allows remote attackers to cause a denial of service (worker resource consumption) via a crafted string. | 7.5 |
2020-02-20 | CVE-2015-4410 | Moped Project Fedoraproject | Improper Input Validation vulnerability in multiple products The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote attackers to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string. | 7.5 |
2020-02-20 | CVE-2020-9272 | Proftpd Siemens Opensuse | Out-of-bounds Read vulnerability in multiple products ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. | 7.5 |
2020-02-20 | CVE-2012-5366 | Apple | Resource Exhaustion vulnerability in Apple mac OS X The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | 7.5 |
2020-02-20 | CVE-2012-5365 | Freebsd Netbsd | Resource Exhaustion vulnerability in multiple products The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | 7.5 |
2020-02-20 | CVE-2012-5364 | Microsoft | Resource Exhaustion vulnerability in Microsoft products The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | 7.5 |
2020-02-20 | CVE-2012-5363 | Freebsd Netbsd | Resource Exhaustion vulnerability in multiple products The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. | 7.5 |
2020-02-20 | CVE-2012-5362 | Microsoft | Resource Exhaustion vulnerability in Microsoft products The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669. | 7.5 |
2020-02-19 | CVE-2020-3945 | Vmware | Unspecified vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. | 7.5 |
2020-02-19 | CVE-2020-6062 | Coturn Project Debian Fedoraproject Canonical | NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. | 7.5 |
2020-02-19 | CVE-2020-4135 | IBM Netapp | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage. | 7.5 |
2020-02-19 | CVE-2012-6685 | Nokogiri Redhat | XML Entity Expansion vulnerability in multiple products Nokogiri before 1.5.4 is vulnerable to XXE attacks | 7.5 |
2020-02-19 | CVE-2011-2054 | Cisco | Improper Authentication vulnerability in Cisco products A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. | 7.5 |
2020-02-18 | CVE-2018-16994 | Phoenixcontact | Unspecified vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). | 7.5 |
2020-02-18 | CVE-2020-9268 | Soplanning | SQL Injection vulnerability in Soplanning 1.45 SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring. | 7.5 |
2020-02-18 | CVE-2015-7507 | Netsurf Browser | Out-of-bounds Read vulnerability in Netsurf-Browser Libnsbmp 0.1.2 libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function. | 7.5 |
2020-02-18 | CVE-2020-8011 | Broadcom | NULL Pointer Dereference vulnerability in Broadcom Unified Infrastructure Management CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. | 7.5 |
2020-02-18 | CVE-2020-1816 | Huawei | Unspecified vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. | 7.5 |
2020-02-18 | CVE-2020-1815 | Huawei | Memory Leak vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. | 7.5 |
2020-02-17 | CVE-2020-1856 | Huawei | Unspecified vulnerability in Huawei products Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600, and USG9500 versions V500R001C30, V500R001C60, and V500R005C00 have an information leakage vulnerability. | 7.5 |
2020-02-17 | CVE-2020-1841 | Huawei | Unspecified vulnerability in Huawei products Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. | 7.5 |
2020-02-17 | CVE-2020-1829 | Huawei | Double Free vulnerability in Huawei products Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. | 7.5 |
2020-02-17 | CVE-2020-1827 | Huawei | Improper Resource Shutdown or Release vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. | 7.5 |
2020-02-17 | CVE-2020-1858 | Huawei | Unspecified vulnerability in Huawei products Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. | 7.5 |
2020-02-17 | CVE-2020-1828 | Huawei | Out-of-bounds Read vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. | 7.5 |
2020-02-17 | CVE-2019-10790 | Taffydb | Exposure of Resource to Wrong Sphere vulnerability in Taffydb Taffy 2.6.2 taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. | 7.5 |
2020-02-17 | CVE-2013-3722 | Opensips | Infinite Loop vulnerability in Opensips A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c. | 7.5 |
2020-02-17 | CVE-2020-8795 | Gitlab | Unspecified vulnerability in Gitlab In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users. | 7.5 |
2020-02-17 | CVE-2020-9034 | Microchip | Unspecified vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users. | 7.5 |
2020-02-22 | CVE-2020-9340 | Fauzantrif Election Project | SQL Injection vulnerability in Fauzantrif Election Project Fauzantrif Election 2.0 fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter. | 7.2 |
2020-02-21 | CVE-2020-6842 | Dlink | OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01 D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name. | 7.2 |
2020-02-20 | CVE-2020-9318 | RED Gate | SQL Injection vulnerability in Red-Gate SQL Monitor Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. | 7.2 |
2020-02-19 | CVE-2012-6614 | Dlink | Missing Authorization vulnerability in Dlink Dsr-250N Firmware D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. | 7.2 |
2020-02-18 | CVE-2020-9269 | Soplanning | SQL Injection vulnerability in Soplanning 1.45 SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php. | 7.2 |
2020-02-17 | CVE-2019-18998 | Hitachienergy | Authorization Bypass Through User-Controlled Key vulnerability in Hitachienergy Asset Suite 9.0.0/9.5.0/9.6.0 Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. | 7.1 |
2020-02-20 | CVE-2019-14688 | Trendmicro | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. | 7.0 |
2020-02-20 | CVE-2011-0699 | Linux | Out-of-bounds Write vulnerability in Linux Kernel 2.6.37 Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. | 7.0 |
107 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-20 | CVE-2020-6977 | GE | Unspecified vulnerability in GE products A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. | 6.8 |
2020-02-18 | CVE-2020-1842 | Huawei | Improper Authentication vulnerability in Huawei products Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. | 6.8 |
2020-02-18 | CVE-2020-1843 | Huawei | Unspecified vulnerability in Huawei products Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. | 6.8 |
2020-02-18 | CVE-2020-1789 | Huawei | Improper Authentication vulnerability in Huawei products Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. | 6.8 |
2020-02-19 | CVE-2020-3138 | Cisco | Improper Verification of Cryptographic Signature vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to install a malicious file when upgrading. | 6.7 |
2020-02-19 | CVE-2020-4230 | IBM | Unspecified vulnerability in IBM DB2 11.1/11.5 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes specially crafted Db2 commands. | 6.7 |
2020-02-21 | CVE-2013-4088 | Otrs | Information Exposure vulnerability in Otrs Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism. | 6.5 |
2020-02-21 | CVE-2013-3551 | Otrs | Information Exposure vulnerability in Otrs Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism. | 6.5 |
2020-02-20 | CVE-2015-2923 | Freebsd | Improper Input Validation vulnerability in Freebsd The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. | 6.5 |
2020-02-19 | CVE-2020-7942 | Puppet | Improper Certificate Validation vulnerability in Puppet and Puppet Agent Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. | 6.5 |
2020-02-19 | CVE-2020-3153 | Cisco | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client 4.8.00175/4.8.01090 A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. | 6.5 |
2020-02-19 | CVE-2019-10797 | Wso2 | Unspecified vulnerability in Wso2 Transport-Http Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled. | 6.5 |
2020-02-19 | CVE-2020-4200 | IBM | Unspecified vulnerability in IBM DB2 10.5/11.1/11.5 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. | 6.5 |
2020-02-19 | CVE-2020-4161 | IBM | Unspecified vulnerability in IBM DB2 11.5 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. | 6.5 |
2020-02-19 | CVE-2019-4457 | IBM | Unspecified vulnerability in IBM Jazz Foundation IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. | 6.5 |
2020-02-18 | CVE-2020-9271 | Icehrm | Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php. | 6.5 |
2020-02-18 | CVE-2020-9267 | Soplanning | Cross-Site Request Forgery (CSRF) vulnerability in Soplanning 1.45 SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php. | 6.5 |
2020-02-18 | CVE-2020-9266 | Soplanning | Cross-Site Request Forgery (CSRF) vulnerability in Soplanning 1.45 SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php. | 6.5 |
2020-02-18 | CVE-2013-4226 | Drupal | Missing Authorization vulnerability in Drupal Authenticated User Page Caching The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser. | 6.5 |
2020-02-18 | CVE-2015-7506 | Netsurf Browser | Out-of-bounds Read vulnerability in Netsurf-Browser Libnsgif 0.1.2 The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file. | 6.5 |
2020-02-17 | CVE-2020-1853 | Huawei | Path Traversal vulnerability in Huawei Gaussdb 200 6.5.1 GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. | 6.5 |
2020-02-17 | CVE-2020-1692 | Moodle | Unspecified vulnerability in Moodle Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course. | 6.5 |
2020-02-17 | CVE-2020-9033 | Microchip | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php. | 6.5 |
2020-02-17 | CVE-2020-9032 | Microchip | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php. | 6.5 |
2020-02-17 | CVE-2020-9031 | Microchip | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php. | 6.5 |
2020-02-17 | CVE-2020-9030 | Microchip | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php. | 6.5 |
2020-02-17 | CVE-2020-9029 | Microchip | Path Traversal vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php. | 6.5 |
2020-02-18 | CVE-2019-10795 | Undefsafe Project | Injection vulnerability in Undefsafe Project Undefsafe undefsafe before 2.0.3 is vulnerable to Prototype Pollution. | 6.3 |
2020-02-18 | CVE-2019-10794 | Component Flatten Project | Injection vulnerability in Component-Flatten Project Component-Flatten All versions of component-flatten are vulnerable to Prototype Pollution. | 6.3 |
2020-02-18 | CVE-2019-10793 | DOT Object Project | Injection vulnerability in Dot-Object Project Dot-Object dot-object before 2.1.3 is vulnerable to Prototype Pollution. | 6.3 |
2020-02-18 | CVE-2019-10792 | Bodymen Project | Injection vulnerability in Bodymen Project Bodymen bodymen before 1.1.1 is vulnerable to Prototype Pollution. | 6.3 |
2020-02-21 | CVE-2019-19865 | Atos | Cross-site Scripting vulnerability in Atos Unify Openscape UC web Client 1.0 Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. | 6.1 |
2020-02-21 | CVE-2020-5533 | NEC | Cross-site Scripting vulnerability in NEC Aterm Wg2600Hs Firmware 1.3.2 Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2020-02-20 | CVE-2020-8960 | Westerndigital | Cross-site Scripting vulnerability in Westerndigital Mycloud.Com Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. | 6.1 |
2020-02-20 | CVE-2012-3351 | Longtailvideo | Cross-site Scripting vulnerability in Longtailvideo JW Player Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript. | 6.1 |
2020-02-20 | CVE-2019-20479 | Openidc Debian Fedoraproject Opensuse | Open Redirect vulnerability in multiple products A flaw was found in mod_auth_openidc before version 2.4.1. | 6.1 |
2020-02-19 | CVE-2014-9617 | Netsweeper | Open Redirect vulnerability in Netsweeper Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | 6.1 |
2020-02-19 | CVE-2020-3159 | Cisco | Cross-site Scripting vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
2020-02-19 | CVE-2020-3156 | Cisco | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.6.0/2.7 A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. | 6.1 |
2020-02-19 | CVE-2014-9615 | Netsweeper | Cross-site Scripting vulnerability in Netsweeper 4.0.4 Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter to webadmin/deny/index.php. | 6.1 |
2020-02-19 | CVE-2014-9608 | Netsweeper | Cross-site Scripting vulnerability in Netsweeper Cross-site scripting (XSS) vulnerability in webadmin/policy/group_table_ajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 6.1 |
2020-02-19 | CVE-2014-9607 | Netsweeper | Cross-site Scripting vulnerability in Netsweeper 4.0.3/4.0.4 Cross-site scripting (XSS) vulnerability in remotereporter/load_logfiles.php in Netsweeper 4.0.3 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 6.1 |
2020-02-19 | CVE-2014-9606 | Netsweeper | Cross-site Scripting vulnerability in Netsweeper Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/. | 6.1 |
2020-02-19 | CVE-2015-0749 | Cisco | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. | 6.1 |
2020-02-18 | CVE-2013-2679 | Belkin | Cross-site Scripting vulnerability in Belkin Linksys E4200 Firmware 1.0.05 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi. | 6.1 |
2020-02-18 | CVE-2020-6845 | Topmanage | Cross-site Scripting vulnerability in Topmanage OLK Webstore 2020 An issue was discovered in TopManage OLK 2020. | 6.1 |
2020-02-18 | CVE-2020-1855 | Huawei | Unspecified vulnerability in Huawei products Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. | 6.1 |
2020-02-17 | CVE-2019-19325 | Silverstripe | Cross-site Scripting vulnerability in Silverstripe SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. | 6.1 |
2020-02-17 | CVE-2015-5216 | Ipsilon Project | Cross-site Scripting vulnerability in Ipsilon-Project Ipsilon The Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via an HTTP response. | 6.1 |
2020-02-17 | CVE-2015-5215 | Ipsilon Project | Cross-site Scripting vulnerability in Ipsilon-Project Ipsilon The default configuration of the Jinja templating engine used in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not enable auto-escaping, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via template variables. | 6.1 |
2020-02-17 | CVE-2020-6850 | Miniorange | Cross-site Scripting vulnerability in Miniorange Saml SP Single Sign on Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4.8.84 for WordPress allows XSS via a crafted SAML XML Response to wp-login.php. | 6.1 |
2020-02-17 | CVE-2020-9028 | Microchip | Cross-site Scripting vulnerability in Microchip products Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen (when creating a new user). | 6.1 |
2020-02-17 | CVE-2020-9025 | Iteris | Cross-site Scripting vulnerability in Iteris Vantage Velocity Firmware 2.4.2 Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script. | 6.1 |
2020-02-17 | CVE-2020-9022 | Cambiumnetworks | Cross-site Scripting vulnerability in Cambiumnetworks products An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices. | 6.1 |
2020-02-21 | CVE-2020-9329 | Gogs | Race Condition vulnerability in Gogs Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition. | 5.9 |
2020-02-21 | CVE-2013-3587 | F5 | Information Exposure vulnerability in F5 products The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929. | 5.9 |
2020-02-19 | CVE-2020-3163 | Cisco | Race Condition vulnerability in Cisco Unified Contact Center Enterprise A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.9 |
2020-02-19 | CVE-2020-3132 | Cisco | Resource Exhaustion vulnerability in Cisco Cloud Email Security and Email Security Appliance A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected device. | 5.9 |
2020-02-22 | CVE-2020-9342 | F Secure | Interpretation Conflict vulnerability in F-Secure products The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. | 5.5 |
2020-02-21 | CVE-2012-0844 | Netsurf Browser Debian | Information Exposure vulnerability in multiple products Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | 5.5 |
2020-02-20 | CVE-2020-9320 | Avira | Unrestricted Upload of File with Dangerous Type vulnerability in Avira products Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. | 5.5 |
2020-02-20 | CVE-2011-4915 | Linux Canonical Debian | Information Exposure vulnerability in multiple products fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. | 5.5 |
2020-02-20 | CVE-2014-4659 | Redhat | Insufficiently Protected Credentials vulnerability in Redhat Ansible Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format. | 5.5 |
2020-02-20 | CVE-2014-4658 | Redhat | Information Exposure vulnerability in Redhat Ansible The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file. | 5.5 |
2020-02-20 | CVE-2011-2498 | Linux Canonical | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages. | 5.5 |
2020-02-20 | CVE-2014-4660 | Redhat | Insufficiently Protected Credentials vulnerability in Redhat Ansible Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format. | 5.5 |
2020-02-20 | CVE-2016-3182 | Uclouvain | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file. | 5.5 |
2020-02-18 | CVE-2020-9264 | Eset | Interpretation Conflict vulnerability in Eset products ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. | 5.5 |
2020-02-17 | CVE-2020-1857 | Huawei | Unspecified vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. | 5.5 |
2020-02-17 | CVE-2020-7252 | Mcafee | Unquoted Search Path or Element vulnerability in Mcafee Data Exchange Layer Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | 5.5 |
2020-02-23 | CVE-2020-9350 | SAS | Cross-site Scripting vulnerability in SAS Visual Analytics 8.5 Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly. | 5.4 |
2020-02-22 | CVE-2020-9339 | Soplanning | Cross-site Scripting vulnerability in Soplanning 1.45 SOPlanning 1.45 allows XSS via the Name or Comment to status.php. | 5.4 |
2020-02-22 | CVE-2020-9338 | Soplanning | Cross-site Scripting vulnerability in Soplanning 1.45 SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field. | 5.4 |
2020-02-22 | CVE-2020-9336 | Fauzantrif Election Project | Cross-site Scripting vulnerability in Fauzantrif Election Project Fauzantrif Election 2.0 fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field. | 5.4 |
2020-02-20 | CVE-2020-9003 | Machothemes | Cross-site Scripting vulnerability in Machothemes Modula Image Gallery A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. | 5.4 |
2020-02-19 | CVE-2020-3113 | Cisco | Cross-site Scripting vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 5.4 |
2020-02-19 | CVE-2019-17333 | Tibco | Cross-site Scripting vulnerability in Tibco EBX The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. | 5.4 |
2020-02-19 | CVE-2020-8824 | Hitrontech | Cross-site Scripting vulnerability in Hitrontech Coda-4582U Firmware 7.1.1.30 Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name on the Wireless > Access Control > Add Managed Device screen. | 5.4 |
2020-02-19 | CVE-2019-4429 | IBM | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. | 5.4 |
2020-02-18 | CVE-2012-0718 | IBM | Unspecified vulnerability in IBM Tivoli Endpoint Manager 8.0 IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies. | 5.4 |
2020-02-17 | CVE-2019-12954 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds products SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT. | 5.4 |
2020-02-17 | CVE-2020-9038 | Joplin Project | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin through 1.0.184 allows Arbitrary File Read via XSS. | 5.4 |
2020-02-23 | CVE-2020-9351 | Smartclient | Information Exposure Through an Error Message vulnerability in Smartclient 12.0 An issue was discovered in SmartClient 12.0. | 5.3 |
2020-02-21 | CVE-2020-5326 | Dell | Missing Authentication for Critical Function vulnerability in Dell products Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. | 5.3 |
2020-02-19 | CVE-2020-3160 | Cisco | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. | 5.3 |
2020-02-19 | CVE-2014-9609 | Netsweeper | Path Traversal vulnerability in Netsweeper Directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a .. | 5.3 |
2020-02-19 | CVE-2016-1000109 | Improper Initialization vulnerability in Facebook Hhvm HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | 5.3 | |
2020-02-18 | CVE-2020-8633 | Synacor | Improper Preservation of Permissions vulnerability in Synacor Zimbra Collaboration Suite An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. | 5.3 |
2020-02-18 | CVE-2020-1814 | Huawei | Race Condition vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. | 5.3 |
2020-02-18 | CVE-2020-1830 | Huawei | Out-of-bounds Read vulnerability in Huawei products Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. | 5.3 |
2020-02-17 | CVE-2020-7959 | Labvantage | Information Exposure Through Discrepancy vulnerability in Labvantage 8.3 LabVantage LIMS 8.3 does not properly maintain the confidentiality of database names. | 5.3 |
2020-02-17 | CVE-2013-7324 | Webkitgtk | Injection vulnerability in Webkitgtk Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. | 5.3 |
2020-02-21 | CVE-2019-18846 | Open Xchange | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.2 allows SSRF. | 5.0 |
2020-02-19 | CVE-2020-3154 | Cisco | SQL Injection vulnerability in Cisco Cloud web Security 5.2(0) A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could allow an authenticated, remote attacker to execute arbitrary SQL queries. | 4.9 |
2020-02-17 | CVE-2015-4715 | Owncloud | Files or Directories Accessible to External Parties vulnerability in Owncloud The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ (at sign) character in unspecified POST values. | 4.9 |
2020-02-19 | CVE-2012-1932 | Wolfcms | Cross-site Scripting vulnerability in Wolfcms Wolf CMS A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting. | 4.8 |
2020-02-20 | CVE-2019-19694 | Trendmicro | Unspecified vulnerability in Trendmicro products The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely.. | 4.7 |
2020-02-20 | CVE-2014-7951 | Path Traversal vulnerability in Google Android 4.0.4 Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. | 4.6 | |
2020-02-18 | CVE-2020-1872 | Huawei | Unspecified vulnerability in Huawei P10 Plus Firmware Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. | 4.6 |
2020-02-18 | CVE-2020-1882 | Huawei | Unspecified vulnerability in Huawei products Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. | 4.6 |
2020-02-21 | CVE-2020-5324 | Dell | Link Following vulnerability in Dell products Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. | 4.4 |
2020-02-20 | CVE-2019-4583 | IBM | Information Exposure Through an Error Message vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1 IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. | 4.3 |
2020-02-19 | CVE-2019-12246 | Silverstripe | Cross-Site Request Forgery (CSRF) vulnerability in Silverstripe SilverStripe through 4.3.3 allows a Denial of Service on flush and development URL tools. | 4.3 |
2020-02-18 | CVE-2013-4228 | Organic Groups Project | Incorrect Authorization vulnerability in Organic Groups Project Organic Groups 7.X2.0/7.X2.1/7.X2.2 The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via unspecified vectors. | 4.3 |
2020-02-18 | CVE-2013-5594 | Mozilla | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding | 4.3 |
2020-02-17 | CVE-2019-20474 | Zohocorp | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Remote Access Plus 10.0.447 An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. | 4.3 |
2020-02-17 | CVE-2019-12825 | Gitlab | Insecure Storage of Sensitive Information vulnerability in Gitlab Unauthorized Access to the Container Registry of other groups was discovered in GitLab Enterprise 12.0.0-pre. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-19 | CVE-2015-9543 | Openstack | Information Exposure vulnerability in Openstack Nova An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. | 3.3 |
2020-02-18 | CVE-2019-15875 | Freebsd | Improper Initialization vulnerability in Freebsd 11.3/12.0/12.1 In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel data previously stored on the stack. | 3.3 |
2020-02-18 | CVE-2020-1791 | Huawei | Unspecified vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. | 2.4 |