Weekly Vulnerabilities Reports > February 24 to March 1, 2020
Overview
238 new vulnerabilities reported during this period, including 37 critical vulnerabilities and 111 high severity vulnerabilities. This weekly summary report vulnerabilities in 225 products from 105 vendors including Apple, Fedoraproject, Debian, Opensuse, and IBM. Vulnerabilities are notably categorized as "OS Command Injection", "Cross-site Scripting", "Out-of-bounds Write", "Out-of-bounds Read", and "Improper Input Validation".
- 176 reported vulnerabilities are remotely exploitables.
- 10 reported vulnerabilities have public exploit available.
- 82 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 163 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 45 reported vulnerabilities.
- IBM has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
37 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-25 | CVE-2015-0565 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Native Client 2015 NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. | 10.0 | |
2020-02-25 | CVE-2019-5138 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. | 9.9 |
2020-02-28 | CVE-2019-10804 | Serial Number Project | OS Command Injection vulnerability in Serial-Number Project Serial-Number serial-number through 1.3.0 allows execution of arbritary commands. | 9.8 |
2020-02-28 | CVE-2019-10803 | Push DIR Project | OS Command Injection vulnerability in Push-Dir Project Push-Dir push-dir through 0.4.1 allows execution of arbritary commands. | 9.8 |
2020-02-28 | CVE-2019-10802 | Mangoraft | OS Command Injection vulnerability in Mangoraft Giting giting version prior to 0.0.8 allows execution of arbritary commands. | 9.8 |
2020-02-28 | CVE-2019-10801 | Enpeem Project | OS Command Injection vulnerability in Enpeem Project Enpeem enpeem through 2.2.0 allows execution of arbitrary commands. | 9.8 |
2020-02-28 | CVE-2020-9465 | Eyesofnetwork | SQL Injection vulnerability in Eyesofnetwork An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. | 9.8 |
2020-02-28 | CVE-2020-8132 | PDF Image Project | Improper Input Validation vulnerability in Pdf-Image Project Pdf-Image Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input. | 9.8 |
2020-02-28 | CVE-2019-15609 | Kill Port Process Project | OS Command Injection vulnerability in Kill-Port-Process Project Kill-Port-Process The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability. | 9.8 |
2020-02-27 | CVE-2020-3924 | Tonnet | Command Injection vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. | 9.8 |
2020-02-27 | CVE-2020-3923 | Tonnet | Improper Authentication vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism. | 9.8 |
2020-02-26 | CVE-2019-17275 | Netapp | Unspecified vulnerability in Netapp Oncommand Cloud Manager OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers. | 9.8 |
2020-02-26 | CVE-2019-19994 | Seling | OS Command Injection vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 9.8 |
2020-02-26 | CVE-2020-9406 | Iblsoft | Code Injection vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service. | 9.8 |
2020-02-25 | CVE-2020-9398 | Ispconfig | SQL Injection vulnerability in Ispconfig ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection. | 9.8 |
2020-02-25 | CVE-2016-11020 | Kunena | Unrestricted Upload of File with Dangerous Type vulnerability in Kunena Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. | 9.8 |
2020-02-25 | CVE-2020-8794 | Opensmtpd Canonical Fedoraproject Debian | Out-of-bounds Read vulnerability in multiple products OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. | 9.8 |
2020-02-24 | CVE-2020-1938 | Apache Fedoraproject Oracle Debian Opensuse Blackberry Netapp | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. | 9.8 |
2020-02-24 | CVE-2020-9374 | TP Link | OS Command Injection vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16 On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. | 9.8 |
2020-02-24 | CVE-2019-12511 | Netgear | OS Command Injection vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. | 9.8 |
2020-02-24 | CVE-2018-14705 | Drobo | Improper Authentication vulnerability in Drobo 5N2 Firmware 4.0.5 In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. | 9.8 |
2020-02-24 | CVE-2019-10796 | RPI Project | OS Command Injection vulnerability in RPI Project RPI 0.0.1/0.0.2/0.0.3 rpi through 0.0.3 allows execution of arbritary commands. | 9.8 |
2020-02-24 | CVE-2020-9366 | GNU | Out-of-bounds Write vulnerability in GNU Screen A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. | 9.8 |
2020-02-24 | CVE-2020-4222 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
2020-02-24 | CVE-2020-4213 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
2020-02-24 | CVE-2020-4212 | IBM | Improper Input Validation vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
2020-02-24 | CVE-2020-4211 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
2020-02-24 | CVE-2020-4210 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
2020-02-24 | CVE-2019-20481 | Miele | Improper Authentication vulnerability in Miele XGW 3000 Zigbee Gateway Firmware In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. | 9.8 |
2020-02-24 | CVE-2019-18183 | Pacman Project Fedoraproject | OS Command Injection vulnerability in multiple products pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. | 9.8 |
2020-02-24 | CVE-2019-18182 | Pacman Project Fedoraproject | OS Command Injection vulnerability in multiple products pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. | 9.8 |
2020-02-27 | CVE-2020-9434 | LUA Openssl Project | Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71 openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values. | 9.1 |
2020-02-27 | CVE-2020-9433 | LUA Openssl Project | Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71 openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values. | 9.1 |
2020-02-27 | CVE-2020-9432 | LUA Openssl Project | Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71 openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values. | 9.1 |
2020-02-27 | CVE-2020-7061 | PHP Tenable | Out-of-bounds Read vulnerability in multiple products In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. | 9.1 |
2020-02-27 | CVE-2020-7043 | Openfortivpn Project Fedoraproject Opensuse | Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. | 9.1 |
2020-02-24 | CVE-2019-12510 | Netgear | Insufficient Verification of Data Authenticity vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request. | 9.1 |
111 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-28 | CVE-2020-9449 | Justblab | Use of Insufficiently Random Values vulnerability in Justblab products An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin. | 8.8 |
2020-02-28 | CVE-2020-9463 | Centreon | OS Command Injection vulnerability in Centreon 19.10 Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request. | 8.8 |
2020-02-27 | CVE-2020-6418 | Google Fedoraproject Redhat Debian | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-6407 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2020-02-27 | CVE-2020-6386 | Google Fedoraproject Redhat Debian | Use After Free vulnerability in multiple products Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-6384 | Google Fedoraproject Redhat Debian | Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-6383 | Google Fedoraproject Redhat Debian | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-3868 | Apple Opensuse | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
2020-02-27 | CVE-2020-3865 | Apple Opensuse | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
2020-02-27 | CVE-2020-3846 | Apple | Improper Input Validation vulnerability in Apple products A buffer overflow was addressed with improved size validation. | 8.8 |
2020-02-27 | CVE-2020-3843 | Apple | Out-of-bounds Write vulnerability in Apple Iphone OS and Watchos A memory corruption issue was addressed with improved input validation. | 8.8 |
2020-02-27 | CVE-2020-3825 | Apple | Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
2020-02-27 | CVE-2020-5402 | Cloudfoundry | Cross-Site Request Forgery (CSRF) vulnerability in Cloudfoundry Cf-Deployment In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers. | 8.8 |
2020-02-27 | CVE-2015-5686 | Puppet | Improper Restriction of Rendered UI Layers or Frames vulnerability in Puppet Enterprise Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. | 8.8 |
2020-02-26 | CVE-2020-3172 | Cisco | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. | 8.8 |
2020-02-26 | CVE-2019-19988 | Seling | Out-of-bounds Write vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 8.8 |
2020-02-25 | CVE-2020-9394 | Supsystic | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1 An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. | 8.8 |
2020-02-25 | CVE-2019-5162 | Moxa | Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
2020-02-25 | CVE-2019-5153 | Moxa | Out-of-bounds Write vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
2020-02-25 | CVE-2019-5143 | Moxa | Use of Externally-Controlled Format String vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
2020-02-25 | CVE-2019-5141 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
2020-02-25 | CVE-2019-5140 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
2020-02-25 | CVE-2019-5136 | Moxa | Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
2020-02-24 | CVE-2020-1937 | Apache | SQL Injection vulnerability in Apache Kylin Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries. | 8.8 |
2020-02-24 | CVE-2020-5245 | Dropwizard Oracle | Injection vulnerability in multiple products Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. | 8.8 |
2020-02-24 | CVE-2020-5187 | Dnnsoftware | Path Traversal vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2). | 8.8 |
2020-02-24 | CVE-2019-20480 | Miele | Cross-Site Request Forgery (CSRF) vulnerability in Miele XGW 3000 Zigbee Gateway Firmware In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection. | 8.8 |
2020-02-24 | CVE-2019-15299 | Centreon | Improper Authentication vulnerability in Centreon web An issue was discovered in Centreon Web through 19.04.3. | 8.8 |
2020-02-28 | CVE-2019-7007 | Avaya | Path Traversal vulnerability in Avaya Aura Conferencing 9.0/9.1.9.0 A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. | 8.6 |
2020-02-26 | CVE-2020-3175 | Cisco | Resource Exhaustion vulnerability in Cisco Nx-Os 6.2(1) A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
2020-02-28 | CVE-2019-4301 | Hcltech | Unspecified vulnerability in Hcltech Self-Service Application 3.0.0 BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML. | 8.4 |
2020-02-26 | CVE-2020-3165 | Cisco | Use of Hard-coded Credentials vulnerability in Cisco Nx-Os A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. | 8.2 |
2020-02-24 | CVE-2019-10799 | Compile Sass Project | OS Command Injection vulnerability in Compile-Sass Project Compile-Sass compile-sass prior to 1.0.5 allows execution of arbritary commands. | 8.2 |
2020-02-27 | CVE-2017-6363 | Libgd | Out-of-bounds Read vulnerability in Libgd In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. | 8.1 |
2020-02-25 | CVE-2020-8810 | Gurux | Path Traversal vulnerability in Gurux Device Language Message Specification Director 8.0.7/8.2.2002.1201/8.5.1803.0601 An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. | 8.1 |
2020-02-25 | CVE-2020-8809 | Gurux | Download of Code Without Integrity Check vulnerability in Gurux Device Language Message Specification Director 8.0.7/8.2.2002.1201/8.5.1803.0601 Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. | 8.1 |
2020-02-25 | CVE-2020-8819 | Cardgate | Origin Validation Error vulnerability in Cardgate Payments An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. | 8.1 |
2020-02-25 | CVE-2020-8818 | Cardgate Adobe | Origin Validation Error vulnerability in multiple products An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. | 8.1 |
2020-02-25 | CVE-2020-9017 | Litecart | Improper Neutralization of Formula Elements in a CSV File vulnerability in Litecart LiteCart through 2.2.1 allows CSV injection via a customer's profile. | 8.0 |
2020-02-28 | CVE-2020-1844 | Huawei | Unspecified vulnerability in Huawei Pcmanager 10.0.1.36/9.0.1.50/9.1.3.1 PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products. | 7.8 |
2020-02-28 | CVE-2020-9442 | Openvpn | Improper Preservation of Permissions vulnerability in Openvpn Connect OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. | 7.8 |
2020-02-27 | CVE-2020-3878 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-02-27 | CVE-2020-3871 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3870 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-02-27 | CVE-2020-3860 | Apple | Out-of-bounds Write vulnerability in Apple Iphone OS A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-02-27 | CVE-2020-3858 | Apple | Out-of-bounds Write vulnerability in Apple Iphone OS A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3857 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3856 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-02-27 | CVE-2020-3854 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3853 | Apple | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3845 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3842 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3840 | Apple | Off-by-one Error vulnerability in Apple products An off by one issue existed in the handling of racoon configuration files. | 7.8 |
2020-02-27 | CVE-2020-3838 | Apple | Incorrect Default Permissions vulnerability in Apple products The issue was addressed with improved permissions logic. | 7.8 |
2020-02-27 | CVE-2020-3837 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-02-27 | CVE-2020-3834 | Apple | Out-of-bounds Write vulnerability in Apple Watchos A memory corruption issue was addressed with improved state management. | 7.8 |
2020-02-27 | CVE-2020-3829 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. | 7.8 |
2020-02-27 | CVE-2020-3827 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-02-27 | CVE-2020-3826 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-02-26 | CVE-2019-17274 | Netapp | Insecure Default Initialization of Resource vulnerability in Netapp products NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access. | 7.8 |
2020-02-26 | CVE-2020-3173 | Cisco | OS Command Injection vulnerability in Cisco UCS Manager A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. | 7.8 |
2020-02-26 | CVE-2020-3171 | Cisco | OS Command Injection vulnerability in Cisco Fxos and UCS Manager A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. | 7.8 |
2020-02-26 | CVE-2020-3167 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). | 7.8 |
2020-02-25 | CVE-2019-4000 | Druva | Code Injection vulnerability in Druva Insync 6.5.0 Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges. | 7.8 |
2020-02-25 | CVE-2019-3999 | Druva | OS Command Injection vulnerability in Druva Insync Client 6.5.0 Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. | 7.8 |
2020-02-24 | CVE-2020-9363 | Sophos | Interpretation Conflict vulnerability in Sophos products The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. | 7.8 |
2020-02-24 | CVE-2020-9362 | Quickheal | Interpretation Conflict vulnerability in Quickheal products The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. | 7.8 |
2020-02-24 | CVE-2019-20044 | ZSH Fedoraproject Debian Apple | Improper Check for Dropped Privileges vulnerability in multiple products In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. | 7.8 |
2020-02-28 | CVE-2019-10805 | Sideralis | Exposure of Resource to Wrong Sphere vulnerability in Sideralis Valib.Js 2.0.0 valib through 2.0.0 allows Internal Property Tampering. | 7.5 |
2020-02-28 | CVE-2018-21035 | QT | Allocation of Resources Without Limits or Throttling vulnerability in QT In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. | 7.5 |
2020-02-28 | CVE-2019-19943 | Pablosoftwaresolutions | Double Free vulnerability in Pablosoftwaresolutions Quick 'N Easy web Server 3.3.8 The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. | 7.5 |
2020-02-28 | CVE-2020-1881 | Huawei | Unspecified vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. | 7.5 |
2020-02-28 | CVE-2020-1876 | Huawei | Out-of-bounds Write vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. | 7.5 |
2020-02-28 | CVE-2020-1873 | Huawei | Out-of-bounds Read vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. | 7.5 |
2020-02-28 | CVE-2020-1860 | Huawei | Unspecified vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. | 7.5 |
2020-02-28 | CVE-2020-5247 | Ruby Lang Puma Debian Fedoraproject | In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. | 7.5 |
2020-02-28 | CVE-2019-10064 | W1 FI Debian | Insufficient Entropy vulnerability in multiple products hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. | 7.5 |
2020-02-28 | CVE-2019-8741 | Apple | Infinite Loop vulnerability in Apple products A denial of service issue was addressed with improved input validation. | 7.5 |
2020-02-27 | CVE-2020-9431 | Wireshark Opensuse Fedoraproject Debian | Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. | 7.5 |
2020-02-27 | CVE-2020-9430 | Wireshark Fedoraproject Opensuse Debian | Improper Input Validation vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-9429 | Wireshark Opensuse | NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-9428 | Wireshark Debian Fedoraproject Opensuse | Out-of-bounds Read vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-7062 | PHP Opensuse Debian Canonical | NULL Pointer Dereference vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. | 7.5 |
2020-02-27 | CVE-2020-3877 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X and Watchos An out-of-bounds read was addressed with improved input validation. | 7.5 |
2020-02-27 | CVE-2017-6371 | Synchro | Unspecified vulnerability in Synchro BBS 3.16C Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header. | 7.5 |
2020-02-26 | CVE-2019-18238 | Moxa | Cleartext Storage of Sensitive Information vulnerability in Moxa products In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. | 7.5 |
2020-02-26 | CVE-2020-3168 | Cisco | Resource Exhaustion vulnerability in Cisco Nx-Os 5.2(1)Sv3(4.1A) A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. | 7.5 |
2020-02-26 | CVE-2020-9274 | Pureftpd Debian Fedoraproject Canonical | Access of Uninitialized Pointer vulnerability in multiple products An issue was discovered in Pure-FTPd 1.0.49. | 7.5 |
2020-02-26 | CVE-2019-19989 | Seling | Missing Authorization vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 7.5 |
2020-02-26 | CVE-2019-19986 | Seling | SQL Injection vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 7.5 |
2020-02-25 | CVE-2015-5201 | Redhat | Missing Authentication for Critical Function vulnerability in Redhat products VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. | 7.5 |
2020-02-25 | CVE-2019-5148 | Moxa | Integer Underflow (Wrap or Wraparound) vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. | 7.5 |
2020-02-25 | CVE-2019-5137 | Moxa | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. | 7.5 |
2020-02-25 | CVE-2019-4557 | IBM | Inadequate Encryption Strength vulnerability in IBM Qradar Advisor 1.1/2.5.0 IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-02-25 | CVE-2020-9385 | Zint | NULL Pointer Dereference vulnerability in Zint 2.7.1 A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation. | 7.5 |
2020-02-24 | CVE-2020-9381 | Totaljs | Incorrect Authorization vulnerability in Totaljs Total.Js CMS 13.0.0 controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. | 7.5 |
2020-02-24 | CVE-2020-9369 | Sympa Fedoraproject Debian | Resource Exhaustion vulnerability in multiple products Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters. | 7.5 |
2020-02-24 | CVE-2020-5244 | Buddypress | Information Exposure vulnerability in Buddypress 5.0.0/5.1.0/5.1.1 In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. | 7.5 |
2020-02-24 | CVE-2012-0785 | Cloudbees Jenkins | Resource Exhaustion vulnerability in multiple products Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack." | 7.5 |
2020-02-24 | CVE-2020-9365 | Pureftpd Fedoraproject | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Pure-FTPd 1.0.49. | 7.5 |
2020-02-24 | CVE-2020-8131 | Yarnpkg | Path Traversal vulnerability in Yarnpkg Yarn Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package. | 7.5 |
2020-02-24 | CVE-2015-9542 | Freeradius Debian Canonical | Out-of-bounds Write vulnerability in multiple products add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). | 7.5 |
2020-02-27 | CVE-2019-5326 | Arubanetworks | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. | 7.2 |
2020-02-27 | CVE-2019-5323 | Arubanetworks | Command Injection vulnerability in Arubanetworks Airwave There are command injection vulnerabilities present in the AirWave application. | 7.2 |
2020-02-25 | CVE-2019-5165 | Moxa | Improper Authentication vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. | 7.2 |
2020-02-25 | CVE-2019-5142 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. | 7.2 |
2020-02-27 | CVE-2020-3861 | Apple | Unspecified vulnerability in Apple Itunes The issue was addressed with improved permissions logic. | 7.1 |
2020-02-25 | CVE-2020-9383 | Linux Debian Opensuse Canonical Netapp | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. | 7.1 |
2020-02-25 | CVE-2019-5139 | Moxa | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. | 7.1 |
2020-02-28 | CVE-2019-3698 | Nagios Opensuse | UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. | 7.0 |
2020-02-27 | CVE-2020-3831 | Apple | Race Condition vulnerability in Apple Iphone OS A race condition was addressed with improved locking. | 7.0 |
85 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-26 | CVE-2020-3169 | Cisco | OS Command Injection vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. | 6.7 |
2020-02-26 | CVE-2020-3166 | Cisco | Improper Input Validation vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). | 6.7 |
2020-02-28 | CVE-2015-5361 | Juniper | Inadequate Encryption Strength vulnerability in Juniper Junos Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. | 6.5 |
2020-02-28 | CVE-2015-3006 | Juniper | Insufficient Entropy vulnerability in Juniper Junos On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. | 6.5 |
2020-02-27 | CVE-2020-3862 | Apple Opensuse | A denial of service issue was addressed with improved memory handling. | 6.5 |
2020-02-27 | CVE-2020-3841 | Apple | Insufficiently Protected Credentials vulnerability in Apple Iphone OS The issue was addressed with improved UI handling. | 6.5 |
2020-02-27 | CVE-2020-5400 | Cloudfoundry | Information Exposure Through Log Files vulnerability in Cloudfoundry Cf-Deployment Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. | 6.5 |
2020-02-27 | CVE-2020-6864 | ZTE | Unspecified vulnerability in ZTE E8820V3 Firmware 3.1.0.1000.4 ZTE E8820V3 router product is impacted by an information leak vulnerability. | 6.5 |
2020-02-27 | CVE-2020-6863 | ZTE | Unspecified vulnerability in ZTE E8820V3 Firmware 3.1.0.1000.4 ZTE E8820V3 router product is impacted by a permission and access control vulnerability. | 6.5 |
2020-02-26 | CVE-2019-19992 | Seling | Improper Input Validation vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 6.5 |
2020-02-26 | CVE-2019-19987 | Seling | Cross-Site Request Forgery (CSRF) vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 6.5 |
2020-02-26 | CVE-2020-9337 | Golfbuddyglobal | Inadequate Encryption Strength vulnerability in Golfbuddyglobal Course Manager 1.1 In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request. | 6.5 |
2020-02-25 | CVE-2020-9379 | Mitel | Unspecified vulnerability in Mitel Micontact Center Business The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. | 6.5 |
2020-02-24 | CVE-2019-17228 | Stylemixthemes | Insufficient Verification of Data Authenticity vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes. | 6.5 |
2020-02-24 | CVE-2018-13313 | Totolink | Insecure Storage of Sensitive Information vulnerability in Totolink A3002Ru Firmware 1.0.8 In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. | 6.5 |
2020-02-24 | CVE-2020-5188 | Dnnsoftware | Unrestricted Upload of File with Dangerous Type vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions. | 6.5 |
2020-02-24 | CVE-2020-8130 | Ruby Lang Debian Canonical Fedoraproject Opensuse | OS Command Injection vulnerability in multiple products There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. | 6.4 |
2020-02-27 | CVE-2019-4669 | IBM | SQL Injection vulnerability in IBM products IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. | 6.3 |
2020-02-26 | CVE-2019-4598 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. | 6.3 |
2020-02-26 | CVE-2019-4597 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. | 6.3 |
2020-02-28 | CVE-2020-6804 | Mozilla | Cross-site Scripting vulnerability in Mozilla Webthings Gateway A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. | 6.1 |
2020-02-28 | CVE-2020-6803 | Mozilla | Open Redirect vulnerability in Mozilla Webthings Gateway An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in. | 6.1 |
2020-02-28 | CVE-2020-9466 | Export Users TO CSV Project | Improper Neutralization of Formula Elements in a CSV File vulnerability in Export Users to CSV Project Export Users to CSV The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection. | 6.1 |
2020-02-28 | CVE-2020-8127 | Revealjs | Cross-site Scripting vulnerability in Revealjs Reveal.Js Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. | 6.1 |
2020-02-28 | CVE-2020-9447 | Gwtupload Project | Cross-site Scripting vulnerability in Gwtupload Project Gwtupload 1.0.3 There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. | 6.1 |
2020-02-27 | CVE-2020-3867 | Apple Opensuse Webkitgtk | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 6.1 |
2020-02-27 | CVE-2015-2992 | Apache | Cross-site Scripting vulnerability in Apache Struts Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. | 6.1 |
2020-02-26 | CVE-2020-8952 | Fiserv | Cross-site Scripting vulnerability in Fiserv Accurate Reconciliation 2.19.0 Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the logout.jsp timeOut parameter. | 6.1 |
2020-02-26 | CVE-2019-19134 | Heroplugins | Cross-site Scripting vulnerability in Heroplugins Hero Maps Premium The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. | 6.1 |
2020-02-26 | CVE-2020-9405 | Iblsoft | Cross-site Scripting vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page. | 6.1 |
2020-02-25 | CVE-2020-9393 | Supsystic | Cross-site Scripting vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1 An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. | 6.1 |
2020-02-25 | CVE-2020-9019 | Wpjobboard | Cross-site Scripting vulnerability in Wpjobboard 5.5.3 The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description. | 6.1 |
2020-02-24 | CVE-2019-17229 | Stylemixthemes | Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues. | 6.1 |
2020-02-24 | CVE-2019-12513 | Netgear | Cross-site Scripting vulnerability in Netgear Nighthawk X10-R9000 Firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. | 6.1 |
2020-02-24 | CVE-2019-12512 | Netgear | Cross-site Scripting vulnerability in Netgear Nighthawk X10-R9000 Firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. | 6.1 |
2020-02-24 | CVE-2019-4595 | IBM | Open Redirect vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
2020-02-24 | CVE-2019-3670 | Mcafee | Cross-site Scripting vulnerability in Mcafee web Advisor 8.0.0.34239/8.0.34745 Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting attack. | 6.1 |
2020-02-28 | CVE-2020-1875 | Huawei | Access of Uninitialized Pointer vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. | 5.5 |
2020-02-28 | CVE-2020-1874 | Huawei | Access of Uninitialized Pointer vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. | 5.5 |
2020-02-28 | CVE-2020-1792 | Huawei | Out-of-bounds Write vulnerability in Huawei Honor V10 Firmware Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. | 5.5 |
2020-02-28 | CVE-2020-9399 | Avast | Interpretation Conflict vulnerability in Avast products The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. | 5.5 |
2020-02-27 | CVE-2020-3875 | Apple | Out-of-bounds Read vulnerability in Apple products A validation issue was addressed with improved input sanitization. | 5.5 |
2020-02-27 | CVE-2020-3872 | Apple | Improper Initialization vulnerability in Apple products A memory initialization issue was addressed with improved memory handling. | 5.5 |
2020-02-27 | CVE-2020-3866 | Apple | Unspecified vulnerability in Apple mac OS X This was addressed with additional checks by Gatekeeper on files mounted through a network share. | 5.5 |
2020-02-27 | CVE-2020-3839 | Apple | Improper Input Validation vulnerability in Apple mac OS X A validation issue was addressed with improved input sanitization. | 5.5 |
2020-02-27 | CVE-2020-3836 | Apple | Unspecified vulnerability in Apple products An access issue was addressed with improved memory management. | 5.5 |
2020-02-27 | CVE-2017-16900 | Hunesion | Improper Restriction of Excessive Authentication Attempts vulnerability in Hunesion I-Onenet 3.0.6042.1200 Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows the local user to access other user's information which is unauthorized via brute force. | 5.5 |
2020-02-25 | CVE-2020-9391 | Linux Fedoraproject Netapp | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. | 5.5 |
2020-02-28 | CVE-2020-9459 | Webnus | Cross-site Scripting vulnerability in Webnus Modern Events Calendar Lite Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. | 5.4 |
2020-02-26 | CVE-2020-8951 | Fiserv | Cross-site Scripting vulnerability in Fiserv Accurate Reconciliation 2.19.0 Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the Source or Destination field of the Configuration Manager (Configuration Parameter Translation) page. | 5.4 |
2020-02-26 | CVE-2019-4596 | IBM | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. | 5.4 |
2020-02-26 | CVE-2019-19991 | Seling | Cross-site Scripting vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 5.4 |
2020-02-26 | CVE-2019-19990 | Seling | Cross-site Scripting vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 5.4 |
2020-02-25 | CVE-2020-9008 | Blackboard | Cross-site Scripting vulnerability in Blackboard Learn 1.10.1/9.1 Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor. | 5.4 |
2020-02-25 | CVE-2020-9334 | Enviragallery | Cross-site Scripting vulnerability in Enviragallery Envira Gallery A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. | 5.4 |
2020-02-24 | CVE-2020-9382 | Widgets Project | Injection vulnerability in Widgets Project Widgets An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. | 5.4 |
2020-02-24 | CVE-2020-5186 | Dnnsoftware | Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2). | 5.4 |
2020-02-27 | CVE-2018-8878 | Asuswrt Merlin Asus | Information Exposure vulnerability in multiple products Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page. | 5.3 |
2020-02-27 | CVE-2018-8877 | Asus Asuswrt Merlin | Information Exposure vulnerability in multiple products Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page. | 5.3 |
2020-02-27 | CVE-2020-7063 | PHP Tenable Debian Opensuse | Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. | 5.3 |
2020-02-27 | CVE-2020-3874 | Apple | Improper Cross-boundary Removal of Sensitive Data vulnerability in Apple Iphone OS An issued existed in the naming of screenshots. | 5.3 |
2020-02-27 | CVE-2020-3869 | Apple | Unspecified vulnerability in Apple Iphone OS An issue existed in the handling of the local user's self-view. | 5.3 |
2020-02-27 | CVE-2020-5401 | Cloudfoundry | HTTP Request Smuggling vulnerability in Cloudfoundry Routing Release Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app. | 5.3 |
2020-02-27 | CVE-2020-7042 | Openfortivpn Project Fedoraproject Opensuse | Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. | 5.3 |
2020-02-27 | CVE-2020-7041 | Openfortivpn Project Fedoraproject Opensuse | Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. | 5.3 |
2020-02-26 | CVE-2020-3170 | Cisco | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 5.3 |
2020-02-26 | CVE-2019-4537 | IBM | Unspecified vulnerability in IBM Websphere Service Registry and Repository 8.5 IBM WebSphere Service Registry and Repository 8.5 could allow a user to obtain sensitive version information that could be used in further attacks against the system. | 5.3 |
2020-02-26 | CVE-2019-19993 | Seling | Information Exposure Through an Error Message vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 5.3 |
2020-02-26 | CVE-2020-9407 | Iblsoft | Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. | 5.3 |
2020-02-25 | CVE-2020-9018 | Litecart | Cross-Site Request Forgery (CSRF) vulnerability in Litecart LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user. | 5.3 |
2020-02-25 | CVE-2019-4672 | IBM | Unspecified vulnerability in IBM Qradar Advisor 1.1/2.5.0 IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. | 5.3 |
2020-02-24 | CVE-2019-10798 | RDF Graph Array Project | Unspecified vulnerability in Rdf-Graph-Array Project Rdf-Graph-Array 0.3.0 rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. | 5.3 |
2020-02-24 | CVE-2019-4703 | IBM | Unspecified vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information. | 5.3 |
2020-02-25 | CVE-2020-9335 | 10Web | Cross-site Scripting vulnerability in 10Web Photo Gallery Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. | 4.8 |
2020-02-25 | CVE-2019-12863 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds products SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen. | 4.8 |
2020-02-24 | CVE-2020-1935 | Apache Debian Canonical Opensuse Netapp Oracle | HTTP Request Smuggling vulnerability in multiple products In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. | 4.8 |
2020-02-24 | CVE-2019-17569 | Apache Opensuse Netapp Debian Oracle | HTTP Request Smuggling vulnerability in multiple products The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. | 4.8 |
2020-02-26 | CVE-2020-3174 | Cisco | Insufficient Verification of Data Authenticity vulnerability in Cisco Nx-Os 8.1(1)/8.4(1)/9.3(1) A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. | 4.7 |
2020-02-25 | CVE-2020-8793 | Opensmtpd Fedoraproject Canonical | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c. | 4.7 |
2020-02-28 | CVE-2020-1877 | Huawei | Access of Uninitialized Pointer vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. | 4.4 |
2020-02-28 | CVE-2020-1861 | Huawei | Unspecified vulnerability in Huawei Cloudengine 12800 Firmware CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. | 4.4 |
2020-02-27 | CVE-2020-3835 | Apple | Link Following vulnerability in Apple mac OS X A validation issue existed in the handling of symlinks. | 4.4 |
2020-02-27 | CVE-2020-3833 | Apple | Unspecified vulnerability in Apple Safari An inconsistent user interface issue was addressed with improved state management. | 4.3 |
2020-02-26 | CVE-2019-4726 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
2020-02-24 | CVE-2019-4745 | IBM | Incorrect Authorization vulnerability in IBM products IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL. | 4.3 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-27 | CVE-2020-3873 | Apple | Unspecified vulnerability in Apple Iphone OS This issue was addressed with improved setting propagation. | 3.3 |
2020-02-27 | CVE-2020-3844 | Apple | Unspecified vulnerability in Apple Iphone OS This issue was addressed with improved checks. | 3.3 |
2020-02-27 | CVE-2020-3830 | Apple | Link Following vulnerability in Apple mac OS X A validation issue existed in the handling of symlinks. | 3.3 |
2020-02-27 | CVE-2020-3859 | Apple | Unspecified vulnerability in Apple Iphone OS An inconsistent user interface issue was addressed with improved state management. | 2.4 |
2020-02-27 | CVE-2020-3828 | Apple | Unspecified vulnerability in Apple Iphone OS A lock screen issue allowed access to contacts on a locked device. | 2.4 |