Weekly Vulnerabilities Reports > February 24 to March 1, 2020

Overview

238 new vulnerabilities reported during this period, including 37 critical vulnerabilities and 111 high severity vulnerabilities. This weekly summary report vulnerabilities in 225 products from 105 vendors including Apple, Fedoraproject, Debian, Opensuse, and IBM. Vulnerabilities are notably categorized as "OS Command Injection", "Cross-site Scripting", "Out-of-bounds Write", "Out-of-bounds Read", and "Improper Input Validation".

  • 176 reported vulnerabilities are remotely exploitables.
  • 10 reported vulnerabilities have public exploit available.
  • 82 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 163 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 45 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

37 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-25 CVE-2015-0565 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Native Client 2015

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

10.0
2020-02-25 CVE-2019-5138 Moxa OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13.

9.9
2020-02-28 CVE-2019-10804 Serial Number Project OS Command Injection vulnerability in Serial-Number Project Serial-Number

serial-number through 1.3.0 allows execution of arbritary commands.

9.8
2020-02-28 CVE-2019-10803 Push DIR Project OS Command Injection vulnerability in Push-Dir Project Push-Dir

push-dir through 0.4.1 allows execution of arbritary commands.

9.8
2020-02-28 CVE-2019-10802 Mangoraft OS Command Injection vulnerability in Mangoraft Giting

giting version prior to 0.0.8 allows execution of arbritary commands.

9.8
2020-02-28 CVE-2019-10801 Enpeem Project OS Command Injection vulnerability in Enpeem Project Enpeem

enpeem through 2.2.0 allows execution of arbitrary commands.

9.8
2020-02-28 CVE-2020-9465 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork

An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3.

9.8
2020-02-28 CVE-2020-8132 PDF Image Project Improper Input Validation vulnerability in Pdf-Image Project Pdf-Image

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

9.8
2020-02-28 CVE-2019-15609 Kill Port Process Project OS Command Injection vulnerability in Kill-Port-Process Project Kill-Port-Process

The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.

9.8
2020-02-27 CVE-2020-3924 Tonnet Command Injection vulnerability in Tonnet products

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files.

9.8
2020-02-27 CVE-2020-3923 Tonnet Improper Authentication vulnerability in Tonnet products

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism.

9.8
2020-02-26 CVE-2019-17275 Netapp Unspecified vulnerability in Netapp Oncommand Cloud Manager

OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.

9.8
2020-02-26 CVE-2019-19994 Seling OS Command Injection vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

9.8
2020-02-26 CVE-2020-9406 Iblsoft Code Injection vulnerability in Iblsoft Online Weather

IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.

9.8
2020-02-25 CVE-2020-9398 Ispconfig SQL Injection vulnerability in Ispconfig

ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection.

9.8
2020-02-25 CVE-2016-11020 Kunena Unrestricted Upload of File with Dangerous Type vulnerability in Kunena

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png.

9.8
2020-02-25 CVE-2020-8794 Opensmtpd
Canonical
Fedoraproject
Debian
Out-of-bounds Read vulnerability in multiple products

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies.

9.8
2020-02-24 CVE-2020-1938 Apache
Fedoraproject
Oracle
Debian
Opensuse
Blackberry
Netapp
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat.
9.8
2020-02-24 CVE-2020-9374 TP Link OS Command Injection vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16

On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.

9.8
2020-02-24 CVE-2019-12511 Netgear OS Command Injection vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24

In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC.

9.8
2020-02-24 CVE-2018-14705 Drobo Improper Authentication vulnerability in Drobo 5N2 Firmware 4.0.5

In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation.

9.8
2020-02-24 CVE-2019-10796 RPI Project OS Command Injection vulnerability in RPI Project RPI 0.0.1/0.0.2/0.0.3

rpi through 0.0.3 allows execution of arbritary commands.

9.8
2020-02-24 CVE-2020-9366 GNU Out-of-bounds Write vulnerability in GNU Screen

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49.

9.8
2020-02-24 CVE-2020-4222 IBM OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system.

9.8
2020-02-24 CVE-2020-4213 IBM OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system.

9.8
2020-02-24 CVE-2020-4212 IBM Improper Input Validation vulnerability in IBM Spectrum Protect 10.1.0/10.1.5

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system.

9.8
2020-02-24 CVE-2020-4211 IBM OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system.

9.8
2020-02-24 CVE-2020-4210 IBM OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system.

9.8
2020-02-24 CVE-2019-20481 Miele Improper Authentication vulnerability in Miele XGW 3000 Zigbee Gateway Firmware

In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password.

9.8
2020-02-24 CVE-2019-18183 Pacman Project
Fedoraproject
OS Command Injection vulnerability in multiple products

pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function.

9.8
2020-02-24 CVE-2019-18182 Pacman Project
Fedoraproject
OS Command Injection vulnerability in multiple products

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function.

9.8
2020-02-27 CVE-2020-9434 LUA Openssl Project Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71

openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

9.1
2020-02-27 CVE-2020-9433 LUA Openssl Project Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71

openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

9.1
2020-02-27 CVE-2020-9432 LUA Openssl Project Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71

openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

9.1
2020-02-27 CVE-2020-7061 PHP
Tenable
Out-of-bounds Read vulnerability in multiple products

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer.

9.1
2020-02-27 CVE-2020-7043 Openfortivpn Project
Fedoraproject
Opensuse
Improper Certificate Validation vulnerability in multiple products

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2.

9.1
2020-02-24 CVE-2019-12510 Netgear Insufficient Verification of Data Authenticity vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request.

9.1

111 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-28 CVE-2020-9449 Justblab Use of Insufficiently Random Values vulnerability in Justblab products

An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin.

8.8
2020-02-28 CVE-2020-9463 Centreon OS Command Injection vulnerability in Centreon 19.10

Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.

8.8
2020-02-27 CVE-2020-6418 Google
Fedoraproject
Redhat
Debian
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-02-27 CVE-2020-6407 Google Out-of-bounds Write vulnerability in Google Chrome

Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-02-27 CVE-2020-6386 Google
Fedoraproject
Redhat
Debian
Use After Free vulnerability in multiple products

Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-02-27 CVE-2020-6384 Google
Fedoraproject
Redhat
Debian
Use After Free vulnerability in multiple products

Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-02-27 CVE-2020-6383 Google
Fedoraproject
Redhat
Debian
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-02-27 CVE-2020-3868 Apple
Opensuse
Out-of-bounds Write vulnerability in multiple products

Multiple memory corruption issues were addressed with improved memory handling.

8.8
2020-02-27 CVE-2020-3865 Apple
Opensuse
Out-of-bounds Write vulnerability in multiple products

Multiple memory corruption issues were addressed with improved memory handling.

8.8
2020-02-27 CVE-2020-3846 Apple Improper Input Validation vulnerability in Apple products

A buffer overflow was addressed with improved size validation.

8.8
2020-02-27 CVE-2020-3843 Apple Out-of-bounds Write vulnerability in Apple Iphone OS and Watchos

A memory corruption issue was addressed with improved input validation.

8.8
2020-02-27 CVE-2020-3825 Apple Out-of-bounds Write vulnerability in Apple products

Multiple memory corruption issues were addressed with improved memory handling.

8.8
2020-02-27 CVE-2020-5402 Cloudfoundry Cross-Site Request Forgery (CSRF) vulnerability in Cloudfoundry Cf-Deployment

In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.

8.8
2020-02-27 CVE-2015-5686 Puppet Improper Restriction of Rendered UI Layers or Frames vulnerability in Puppet Enterprise

Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks.

8.8
2020-02-26 CVE-2020-3172 Cisco Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device.

8.8
2020-02-26 CVE-2019-19988 Seling Out-of-bounds Write vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

8.8
2020-02-25 CVE-2020-9394 Supsystic Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress.

8.8
2020-02-25 CVE-2019-5162 Moxa Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13.

8.8
2020-02-25 CVE-2019-5153 Moxa Out-of-bounds Write vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13.

8.8
2020-02-25 CVE-2019-5143 Moxa Use of Externally-Controlled Format String vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13.

8.8
2020-02-25 CVE-2019-5141 Moxa OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13.

8.8
2020-02-25 CVE-2019-5140 Moxa OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13.

8.8
2020-02-25 CVE-2019-5136 Moxa Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13.

8.8
2020-02-24 CVE-2020-1937 Apache SQL Injection vulnerability in Apache Kylin

Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.

8.8
2020-02-24 CVE-2020-5245 Dropwizard
Oracle
Injection vulnerability in multiple products

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2.

8.8
2020-02-24 CVE-2020-5187 Dnnsoftware Path Traversal vulnerability in Dnnsoftware Dotnetnuke

DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).

8.8
2020-02-24 CVE-2019-20480 Miele Cross-Site Request Forgery (CSRF) vulnerability in Miele XGW 3000 Zigbee Gateway Firmware

In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection.

8.8
2020-02-24 CVE-2019-15299 Centreon Improper Authentication vulnerability in Centreon web

An issue was discovered in Centreon Web through 19.04.3.

8.8
2020-02-28 CVE-2019-7007 Avaya Path Traversal vulnerability in Avaya Aura Conferencing 9.0/9.1.9.0

A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier.

8.6
2020-02-26 CVE-2020-3175 Cisco Resource Exhaustion vulnerability in Cisco Nx-Os 6.2(1)

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

8.6
2020-02-28 CVE-2019-4301 Hcltech Unspecified vulnerability in Hcltech Self-Service Application 3.0.0

BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.

8.4
2020-02-26 CVE-2020-3165 Cisco Use of Hard-coded Credentials vulnerability in Cisco Nx-Os

A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device.

8.2
2020-02-24 CVE-2019-10799 Compile Sass Project OS Command Injection vulnerability in Compile-Sass Project Compile-Sass

compile-sass prior to 1.0.5 allows execution of arbritary commands.

8.2
2020-02-27 CVE-2017-6363 Libgd Out-of-bounds Read vulnerability in Libgd

In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c.

8.1
2020-02-25 CVE-2020-8810 Gurux Path Traversal vulnerability in Gurux Device Language Message Specification Director 8.0.7/8.2.2002.1201/8.5.1803.0601

An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301.

8.1
2020-02-25 CVE-2020-8809 Gurux Download of Code Without Integrity Check vulnerability in Gurux Device Language Message Specification Director 8.0.7/8.2.2002.1201/8.5.1803.0601

Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection.

8.1
2020-02-25 CVE-2020-8819 Cardgate Origin Validation Error vulnerability in Cardgate Payments

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce.

8.1
2020-02-25 CVE-2020-8818 Cardgate
Adobe
Origin Validation Error vulnerability in multiple products

An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2.

8.1
2020-02-25 CVE-2020-9017 Litecart Improper Neutralization of Formula Elements in a CSV File vulnerability in Litecart

LiteCart through 2.2.1 allows CSV injection via a customer's profile.

8.0
2020-02-28 CVE-2020-1844 Huawei Unspecified vulnerability in Huawei Pcmanager 10.0.1.36/9.0.1.50/9.1.3.1

PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products.

7.8
2020-02-28 CVE-2020-9442 Openvpn Improper Preservation of Permissions vulnerability in Openvpn Connect

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.

7.8
2020-02-27 CVE-2020-3878 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-02-27 CVE-2020-3871 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3870 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-02-27 CVE-2020-3860 Apple Out-of-bounds Write vulnerability in Apple Iphone OS

A memory corruption issue was addressed with improved input validation.

7.8
2020-02-27 CVE-2020-3858 Apple Out-of-bounds Write vulnerability in Apple Iphone OS

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3857 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3856 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved input validation.

7.8
2020-02-27 CVE-2020-3854 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3853 Apple Type Confusion vulnerability in Apple products

A type confusion issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3845 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3842 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3840 Apple Off-by-one Error vulnerability in Apple products

An off by one issue existed in the handling of racoon configuration files.

7.8
2020-02-27 CVE-2020-3838 Apple Incorrect Default Permissions vulnerability in Apple products

The issue was addressed with improved permissions logic.

7.8
2020-02-27 CVE-2020-3837 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved memory handling.

7.8
2020-02-27 CVE-2020-3834 Apple Out-of-bounds Write vulnerability in Apple Watchos

A memory corruption issue was addressed with improved state management.

7.8
2020-02-27 CVE-2020-3829 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

7.8
2020-02-27 CVE-2020-3827 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved input validation.

7.8
2020-02-27 CVE-2020-3826 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-02-26 CVE-2019-17274 Netapp Insecure Default Initialization of Resource vulnerability in Netapp products

NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.

7.8
2020-02-26 CVE-2020-3173 Cisco OS Command Injection vulnerability in Cisco UCS Manager

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device.

7.8
2020-02-26 CVE-2020-3171 Cisco OS Command Injection vulnerability in Cisco Fxos and UCS Manager

A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device.

7.8
2020-02-26 CVE-2020-3167 Cisco OS Command Injection vulnerability in Cisco products

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS).

7.8
2020-02-25 CVE-2019-4000 Druva Code Injection vulnerability in Druva Insync 6.5.0

Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges.

7.8
2020-02-25 CVE-2019-3999 Druva OS Command Injection vulnerability in Druva Insync Client 6.5.0

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.

7.8
2020-02-24 CVE-2020-9363 Sophos Interpretation Conflict vulnerability in Sophos products

The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive.

7.8
2020-02-24 CVE-2020-9362 Quickheal Interpretation Conflict vulnerability in Quickheal products

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive.

7.8
2020-02-24 CVE-2019-20044 ZSH
Fedoraproject
Debian
Apple
Improper Check for Dropped Privileges vulnerability in multiple products

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option.

7.8
2020-02-28 CVE-2019-10805 Sideralis Exposure of Resource to Wrong Sphere vulnerability in Sideralis Valib.Js 2.0.0

valib through 2.0.0 allows Internal Property Tampering.

7.5
2020-02-28 CVE-2018-21035 QT Allocation of Resources Without Limits or Throttling vulnerability in QT

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages.

7.5
2020-02-28 CVE-2019-19943 Pablosoftwaresolutions Double Free vulnerability in Pablosoftwaresolutions Quick 'N Easy web Server 3.3.8

The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter.

7.5
2020-02-28 CVE-2020-1881 Huawei Unspecified vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability.

7.5
2020-02-28 CVE-2020-1876 Huawei Out-of-bounds Write vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability.

7.5
2020-02-28 CVE-2020-1873 Huawei Out-of-bounds Read vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability.

7.5
2020-02-28 CVE-2020-1860 Huawei Unspecified vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability.

7.5
2020-02-28 CVE-2020-5247 Ruby Lang
Puma
Debian
Fedoraproject
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e.
7.5
2020-02-28 CVE-2019-10064 W1 FI
Debian
Insufficient Entropy vulnerability in multiple products

hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values.

7.5
2020-02-28 CVE-2019-8741 Apple Infinite Loop vulnerability in Apple products

A denial of service issue was addressed with improved input validation.

7.5
2020-02-27 CVE-2020-9431 Wireshark
Opensuse
Fedoraproject
Debian
Memory Leak vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory.

7.5
2020-02-27 CVE-2020-9430 Wireshark
Fedoraproject
Opensuse
Debian
Improper Input Validation vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash.

7.5
2020-02-27 CVE-2020-9429 Wireshark
Opensuse
NULL Pointer Dereference vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash.

7.5
2020-02-27 CVE-2020-9428 Wireshark
Debian
Fedoraproject
Opensuse
Out-of-bounds Read vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash.

7.5
2020-02-27 CVE-2020-7062 PHP
Opensuse
Debian
Canonical
NULL Pointer Dereference vulnerability in multiple products

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.

7.5
2020-02-27 CVE-2020-3877 Apple Out-of-bounds Read vulnerability in Apple mac OS X and Watchos

An out-of-bounds read was addressed with improved input validation.

7.5
2020-02-27 CVE-2017-6371 Synchro Unspecified vulnerability in Synchro BBS 3.16C

Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.

7.5
2020-02-26 CVE-2019-18238 Moxa Cleartext Storage of Sensitive Information vulnerability in Moxa products

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account.

7.5
2020-02-26 CVE-2020-3168 Cisco Resource Exhaustion vulnerability in Cisco Nx-Os 5.2(1)Sv3(4.1A)

A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI.

7.5
2020-02-26 CVE-2020-9274 Pureftpd
Debian
Fedoraproject
Canonical
Access of Uninitialized Pointer vulnerability in multiple products

An issue was discovered in Pure-FTPd 1.0.49.

7.5
2020-02-26 CVE-2019-19989 Seling Missing Authorization vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

7.5
2020-02-26 CVE-2019-19986 Seling SQL Injection vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

7.5
2020-02-25 CVE-2015-5201 Redhat Missing Authentication for Critical Function vulnerability in Redhat products

VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.

7.5
2020-02-25 CVE-2019-5148 Moxa Integer Underflow (Wrap or Wraparound) vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13.

7.5
2020-02-25 CVE-2019-5137 Moxa Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.

7.5
2020-02-25 CVE-2019-4557 IBM Inadequate Encryption Strength vulnerability in IBM Qradar Advisor 1.1/2.5.0

IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2020-02-25 CVE-2020-9385 Zint NULL Pointer Dereference vulnerability in Zint 2.7.1

A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation.

7.5
2020-02-24 CVE-2020-9381 Totaljs Incorrect Authorization vulnerability in Totaljs Total.Js CMS 13.0.0

controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI.

7.5
2020-02-24 CVE-2020-9369 Sympa
Fedoraproject
Debian
Resource Exhaustion vulnerability in multiple products

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters.

7.5
2020-02-24 CVE-2020-5244 Buddypress Information Exposure vulnerability in Buddypress 5.0.0/5.1.0/5.1.1

In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed.

7.5
2020-02-24 CVE-2012-0785 Cloudbees
Jenkins
Resource Exhaustion vulnerability in multiple products

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

7.5
2020-02-24 CVE-2020-9365 Pureftpd
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in Pure-FTPd 1.0.49.

7.5
2020-02-24 CVE-2020-8131 Yarnpkg Path Traversal vulnerability in Yarnpkg Yarn

Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package.

7.5
2020-02-24 CVE-2015-9542 Freeradius
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy().

7.5
2020-02-27 CVE-2019-5326 Arubanetworks Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave

An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform.

7.2
2020-02-27 CVE-2019-5323 Arubanetworks Command Injection vulnerability in Arubanetworks Airwave

There are command injection vulnerabilities present in the AirWave application.

7.2
2020-02-25 CVE-2019-5165 Moxa Improper Authentication vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13.

7.2
2020-02-25 CVE-2019-5142 Moxa OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13.

7.2
2020-02-27 CVE-2020-3861 Apple Unspecified vulnerability in Apple Itunes

The issue was addressed with improved permissions logic.

7.1
2020-02-25 CVE-2020-9383 Linux
Debian
Opensuse
Canonical
Netapp
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in the Linux kernel 3.16 through 5.5.6.

7.1
2020-02-25 CVE-2019-5139 Moxa Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13

An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13.

7.1
2020-02-28 CVE-2019-3698 Nagios
Opensuse
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race.
7.0
2020-02-27 CVE-2020-3831 Apple Race Condition vulnerability in Apple Iphone OS

A race condition was addressed with improved locking.

7.0

85 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-26 CVE-2020-3169 Cisco OS Command Injection vulnerability in Cisco Firepower Extensible Operating System

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device.

6.7
2020-02-26 CVE-2020-3166 Cisco Improper Input Validation vulnerability in Cisco Firepower Threat Defense

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS).

6.7
2020-02-28 CVE-2015-5361 Juniper Inadequate Encryption Strength vulnerability in Juniper Junos

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel.

6.5
2020-02-28 CVE-2015-3006 Juniper Insufficient Entropy vulnerability in Juniper Junos

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates.

6.5
2020-02-27 CVE-2020-3862 Apple
Opensuse
A denial of service issue was addressed with improved memory handling.
6.5
2020-02-27 CVE-2020-3841 Apple Insufficiently Protected Credentials vulnerability in Apple Iphone OS

The issue was addressed with improved UI handling.

6.5
2020-02-27 CVE-2020-5400 Cloudfoundry Information Exposure Through Log Files vulnerability in Cloudfoundry Cf-Deployment

Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job.

6.5
2020-02-27 CVE-2020-6864 ZTE Unspecified vulnerability in ZTE E8820V3 Firmware 3.1.0.1000.4

ZTE E8820V3 router product is impacted by an information leak vulnerability.

6.5
2020-02-27 CVE-2020-6863 ZTE Unspecified vulnerability in ZTE E8820V3 Firmware 3.1.0.1000.4

ZTE E8820V3 router product is impacted by a permission and access control vulnerability.

6.5
2020-02-26 CVE-2019-19992 Seling Improper Input Validation vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

6.5
2020-02-26 CVE-2019-19987 Seling Cross-Site Request Forgery (CSRF) vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

6.5
2020-02-26 CVE-2020-9337 Golfbuddyglobal Inadequate Encryption Strength vulnerability in Golfbuddyglobal Course Manager 1.1

In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request.

6.5
2020-02-25 CVE-2020-9379 Mitel Unspecified vulnerability in Mitel Micontact Center Business

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information.

6.5
2020-02-24 CVE-2019-17228 Stylemixthemes Insufficient Verification of Data Authenticity vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing

includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes.

6.5
2020-02-24 CVE-2018-13313 Totolink Insecure Storage of Sensitive Information vulnerability in Totolink A3002Ru Firmware 1.0.8

In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password.

6.5
2020-02-24 CVE-2020-5188 Dnnsoftware Unrestricted Upload of File with Dangerous Type vulnerability in Dnnsoftware Dotnetnuke

DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions.

6.5
2020-02-24 CVE-2020-8130 Ruby Lang
Debian
Canonical
Fedoraproject
Opensuse
OS Command Injection vulnerability in multiple products

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.

6.4
2020-02-27 CVE-2019-4669 IBM SQL Injection vulnerability in IBM products

IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection.

6.3
2020-02-26 CVE-2019-4598 IBM SQL Injection vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection.

6.3
2020-02-26 CVE-2019-4597 IBM SQL Injection vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection.

6.3
2020-02-28 CVE-2020-6804 Mozilla Cross-site Scripting vulnerability in Mozilla Webthings Gateway

A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token.

6.1
2020-02-28 CVE-2020-6803 Mozilla Open Redirect vulnerability in Mozilla Webthings Gateway

An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.

6.1
2020-02-28 CVE-2020-9466 Export Users TO CSV Project Improper Neutralization of Formula Elements in a CSV File vulnerability in Export Users to CSV Project Export Users to CSV

The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection.

6.1
2020-02-28 CVE-2020-8127 Revealjs Cross-site Scripting vulnerability in Revealjs Reveal.Js

Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks.

6.1
2020-02-28 CVE-2020-9447 Gwtupload Project Cross-site Scripting vulnerability in Gwtupload Project Gwtupload 1.0.3

There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality.

6.1
2020-02-27 CVE-2020-3867 Apple
Opensuse
Webkitgtk
Cross-site Scripting vulnerability in multiple products

A logic issue was addressed with improved state management.

6.1
2020-02-27 CVE-2015-2992 Apache Cross-site Scripting vulnerability in Apache Struts

Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.

6.1
2020-02-26 CVE-2020-8952 Fiserv Cross-site Scripting vulnerability in Fiserv Accurate Reconciliation 2.19.0

Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the logout.jsp timeOut parameter.

6.1
2020-02-26 CVE-2019-19134 Heroplugins Cross-site Scripting vulnerability in Heroplugins Hero Maps Premium

The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input.

6.1
2020-02-26 CVE-2020-9405 Iblsoft Cross-site Scripting vulnerability in Iblsoft Online Weather

IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.

6.1
2020-02-25 CVE-2020-9393 Supsystic Cross-site Scripting vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress.

6.1
2020-02-25 CVE-2020-9019 Wpjobboard Cross-site Scripting vulnerability in Wpjobboard 5.5.3

The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description.

6.1
2020-02-24 CVE-2019-17229 Stylemixthemes Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing

includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues.

6.1
2020-02-24 CVE-2019-12513 Netgear Cross-site Scripting vulnerability in Netgear Nighthawk X10-R9000 Firmware

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device.

6.1
2020-02-24 CVE-2019-12512 Netgear Cross-site Scripting vulnerability in Netgear Nighthawk X10-R9000 Firmware

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt.

6.1
2020-02-24 CVE-2019-4595 IBM Open Redirect vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

6.1
2020-02-24 CVE-2019-3670 Mcafee Cross-site Scripting vulnerability in Mcafee web Advisor 8.0.0.34239/8.0.34745

Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting attack.

6.1
2020-02-28 CVE-2020-1875 Huawei Access of Uninitialized Pointer vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability.

5.5
2020-02-28 CVE-2020-1874 Huawei Access of Uninitialized Pointer vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability.

5.5
2020-02-28 CVE-2020-1792 Huawei Out-of-bounds Write vulnerability in Huawei Honor V10 Firmware

Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability.

5.5
2020-02-28 CVE-2020-9399 Avast Interpretation Conflict vulnerability in Avast products

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive.

5.5
2020-02-27 CVE-2020-3875 Apple Out-of-bounds Read vulnerability in Apple products

A validation issue was addressed with improved input sanitization.

5.5
2020-02-27 CVE-2020-3872 Apple Improper Initialization vulnerability in Apple products

A memory initialization issue was addressed with improved memory handling.

5.5
2020-02-27 CVE-2020-3866 Apple Unspecified vulnerability in Apple mac OS X

This was addressed with additional checks by Gatekeeper on files mounted through a network share.

5.5
2020-02-27 CVE-2020-3839 Apple Improper Input Validation vulnerability in Apple mac OS X

A validation issue was addressed with improved input sanitization.

5.5
2020-02-27 CVE-2020-3836 Apple Unspecified vulnerability in Apple products

An access issue was addressed with improved memory management.

5.5
2020-02-27 CVE-2017-16900 Hunesion Improper Restriction of Excessive Authentication Attempts vulnerability in Hunesion I-Onenet 3.0.6042.1200

Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows the local user to access other user's information which is unauthorized via brute force.

5.5
2020-02-25 CVE-2020-9391 Linux
Fedoraproject
Netapp
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture.

5.5
2020-02-28 CVE-2020-9459 Webnus Cross-site Scripting vulnerability in Webnus Modern Events Calendar Lite

Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions.

5.4
2020-02-26 CVE-2020-8951 Fiserv Cross-site Scripting vulnerability in Fiserv Accurate Reconciliation 2.19.0

Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the Source or Destination field of the Configuration Manager (Configuration Parameter Translation) page.

5.4
2020-02-26 CVE-2019-4596 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting.

5.4
2020-02-26 CVE-2019-19991 Seling Cross-site Scripting vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

5.4
2020-02-26 CVE-2019-19990 Seling Cross-site Scripting vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

5.4
2020-02-25 CVE-2020-9008 Blackboard Cross-site Scripting vulnerability in Blackboard Learn 1.10.1/9.1

Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor.

5.4
2020-02-25 CVE-2020-9334 Enviragallery Cross-site Scripting vulnerability in Enviragallery Envira Gallery

A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress.

5.4
2020-02-24 CVE-2020-9382 Widgets Project Injection vulnerability in Widgets Project Widgets

An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki.

5.4
2020-02-24 CVE-2020-5186 Dnnsoftware Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke

DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).

5.4
2020-02-27 CVE-2018-8878 Asuswrt Merlin
Asus
Information Exposure vulnerability in multiple products

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page.

5.3
2020-02-27 CVE-2018-8877 Asus
Asuswrt Merlin
Information Exposure vulnerability in multiple products

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.

5.3
2020-02-27 CVE-2020-7063 PHP
Tenable
Debian
Opensuse
Improper Preservation of Permissions vulnerability in multiple products

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions.

5.3
2020-02-27 CVE-2020-3874 Apple Improper Cross-boundary Removal of Sensitive Data vulnerability in Apple Iphone OS

An issued existed in the naming of screenshots.

5.3
2020-02-27 CVE-2020-3869 Apple Unspecified vulnerability in Apple Iphone OS

An issue existed in the handling of the local user's self-view.

5.3
2020-02-27 CVE-2020-5401 Cloudfoundry HTTP Request Smuggling vulnerability in Cloudfoundry Routing Release

Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app.

5.3
2020-02-27 CVE-2020-7042 Openfortivpn Project
Fedoraproject
Opensuse
Use of Uninitialized Resource vulnerability in multiple products

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later.

5.3
2020-02-27 CVE-2020-7041 Openfortivpn Project
Fedoraproject
Opensuse
Improper Certificate Validation vulnerability in multiple products

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later.

5.3
2020-02-26 CVE-2020-3170 Cisco Improper Input Validation vulnerability in Cisco Nx-Os

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart.

5.3
2020-02-26 CVE-2019-4537 IBM Unspecified vulnerability in IBM Websphere Service Registry and Repository 8.5

IBM WebSphere Service Registry and Repository 8.5 could allow a user to obtain sensitive version information that could be used in further attacks against the system.

5.3
2020-02-26 CVE-2019-19993 Seling Information Exposure Through an Error Message vulnerability in Seling Visual Access Manager 4.15.0/4.29.0

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29.

5.3
2020-02-26 CVE-2020-9407 Iblsoft Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather

IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.

5.3
2020-02-25 CVE-2020-9018 Litecart Cross-Site Request Forgery (CSRF) vulnerability in Litecart

LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.

5.3
2020-02-25 CVE-2019-4672 IBM Unspecified vulnerability in IBM Qradar Advisor 1.1/2.5.0

IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system.

5.3
2020-02-24 CVE-2019-10798 RDF Graph Array Project Unspecified vulnerability in Rdf-Graph-Array Project Rdf-Graph-Array 0.3.0

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution.

5.3
2020-02-24 CVE-2019-4703 IBM Unspecified vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.

5.3
2020-02-25 CVE-2020-9335 10Web Cross-site Scripting vulnerability in 10Web Photo Gallery

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress.

4.8
2020-02-25 CVE-2019-12863 Solarwinds Cross-site Scripting vulnerability in Solarwinds products

SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.

4.8
2020-02-24 CVE-2020-1935 Apache
Debian
Canonical
Opensuse
Netapp
Oracle
HTTP Request Smuggling vulnerability in multiple products

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid.

4.8
2020-02-24 CVE-2019-17569 Apache
Opensuse
Netapp
Debian
Oracle
HTTP Request Smuggling vulnerability in multiple products

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression.

4.8
2020-02-26 CVE-2020-3174 Cisco Insufficient Verification of Data Authenticity vulnerability in Cisco Nx-Os 8.1(1)/8.4(1)/9.3(1)

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries.

4.7
2020-02-25 CVE-2020-8793 Opensmtpd
Fedoraproject
Canonical
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.

4.7
2020-02-28 CVE-2020-1877 Huawei Access of Uninitialized Pointer vulnerability in Huawei products

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability.

4.4
2020-02-28 CVE-2020-1861 Huawei Unspecified vulnerability in Huawei Cloudengine 12800 Firmware

CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products.

4.4
2020-02-27 CVE-2020-3835 Apple Link Following vulnerability in Apple mac OS X

A validation issue existed in the handling of symlinks.

4.4
2020-02-27 CVE-2020-3833 Apple Unspecified vulnerability in Apple Safari

An inconsistent user interface issue was addressed with improved state management.

4.3
2020-02-26 CVE-2019-4726 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

4.3
2020-02-24 CVE-2019-4745 IBM Incorrect Authorization vulnerability in IBM products

IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL.

4.3

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-02-27 CVE-2020-3873 Apple Unspecified vulnerability in Apple Iphone OS

This issue was addressed with improved setting propagation.

3.3
2020-02-27 CVE-2020-3844 Apple Unspecified vulnerability in Apple Iphone OS

This issue was addressed with improved checks.

3.3
2020-02-27 CVE-2020-3830 Apple Link Following vulnerability in Apple mac OS X

A validation issue existed in the handling of symlinks.

3.3
2020-02-27 CVE-2020-3859 Apple Unspecified vulnerability in Apple Iphone OS

An inconsistent user interface issue was addressed with improved state management.

2.4
2020-02-27 CVE-2020-3828 Apple Unspecified vulnerability in Apple Iphone OS

A lock screen issue allowed access to contacts on a locked device.

2.4