Weekly Vulnerabilities Reports > February 24 to March 1, 2020
Overview
238 new vulnerabilities reported during this period, including 38 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary report vulnerabilities in 234 products from 105 vendors including Apple, Fedoraproject, Debian, Opensuse, and IBM. Vulnerabilities are notably categorized as "OS Command Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Out-of-bounds Read", and "Out-of-bounds Write".
- 200 reported vulnerabilities are remotely exploitables.
- 5 reported vulnerabilities have public exploit available.
- 81 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 185 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 45 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 14 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
38 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-28 | CVE-2019-15609 | Kill Port Process Project | OS Command Injection vulnerability in Kill-Port-Process Project Kill-Port-Process The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability. | 10.0 |
2020-02-27 | CVE-2020-3924 | Tonnet | Injection vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. | 10.0 |
2020-02-27 | CVE-2020-3923 | Tonnet | Incorrect Authorization vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism. | 10.0 |
2020-02-26 | CVE-2019-19994 | Seling | OS Command Injection vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 10.0 |
2020-02-25 | CVE-2015-0565 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Native Client 2015 NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. | 10.0 | |
2020-02-24 | CVE-2018-14705 | Drobo | Improper Authentication vulnerability in Drobo 5N2 Firmware 4.0.5 In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. | 10.0 |
2020-02-24 | CVE-2020-4222 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 10.0 |
2020-02-24 | CVE-2020-4213 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 10.0 |
2020-02-24 | CVE-2020-4212 | IBM | Improper Input Validation vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 10.0 |
2020-02-24 | CVE-2020-4211 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 10.0 |
2020-02-24 | CVE-2020-4210 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 10.0 |
2020-02-26 | CVE-2020-9406 | Iblsoft | Code Injection vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service. | 9.8 |
2020-02-25 | CVE-2020-8794 | Opensmtpd Canonical Fedoraproject Debian | Out-of-bounds Read vulnerability in multiple products OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. | 9.8 |
2020-02-24 | CVE-2020-1938 | Apache Fedoraproject Oracle Debian Opensuse Blackberry Netapp | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. | 9.8 |
2020-02-24 | CVE-2019-18183 | Pacman Project Fedoraproject | OS Command Injection vulnerability in multiple products pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. | 9.8 |
2020-02-24 | CVE-2019-18182 | Pacman Project Fedoraproject | OS Command Injection vulnerability in multiple products pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. | 9.8 |
2020-02-27 | CVE-2020-3871 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3868 | Apple Opensuse | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3858 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Ipados and Iphone OS A memory corruption issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3856 | Apple | Improper Input Validation vulnerability in Apple products A memory corruption issue was addressed with improved input validation. | 9.3 |
2020-02-27 | CVE-2020-3854 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3853 | Apple | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3845 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3843 | Apple | Out-of-bounds Write vulnerability in Apple Iphone OS and Watchos A memory corruption issue was addressed with improved input validation. | 9.3 |
2020-02-27 | CVE-2020-3842 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3838 | Apple | Incorrect Default Permissions vulnerability in Apple products The issue was addressed with improved permissions logic. | 9.3 |
2020-02-27 | CVE-2020-3837 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3834 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Watchos A memory corruption issue was addressed with improved state management. | 9.3 |
2020-02-27 | CVE-2020-3829 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. | 9.3 |
2020-02-27 | CVE-2020-3827 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 9.3 |
2020-02-25 | CVE-2020-9398 | Ispconfig | SQL Injection vulnerability in Ispconfig ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection. | 9.3 |
2020-02-24 | CVE-2019-12511 | Netgear | OS Command Injection vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. | 9.3 |
2020-02-27 | CVE-2020-7043 | Openfortivpn Project Fedoraproject Opensuse | Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. | 9.1 |
2020-02-28 | CVE-2020-9463 | Centreon | OS Command Injection vulnerability in Centreon 19.10 Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request. | 9.0 |
2020-02-25 | CVE-2019-5162 | Moxa | Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. | 9.0 |
2020-02-25 | CVE-2019-5142 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. | 9.0 |
2020-02-25 | CVE-2019-5138 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. | 9.0 |
2020-02-25 | CVE-2019-5136 | Moxa | Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. | 9.0 |
48 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-27 | CVE-2020-6418 | Google Fedoraproject Redhat Debian | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-6407 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2020-02-27 | CVE-2020-6386 | Google Fedoraproject Redhat Debian | Use After Free vulnerability in multiple products Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-6384 | Google Fedoraproject Redhat Debian | Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-27 | CVE-2020-6383 | Google Fedoraproject Redhat Debian | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-02-26 | CVE-2020-3172 | Cisco | Improper Input Validation vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. | 8.8 |
2020-02-24 | CVE-2020-1937 | Apache | SQL Injection vulnerability in Apache Kylin Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries. | 8.8 |
2020-02-24 | CVE-2020-5245 | Dropwizard Oracle | Injection vulnerability in multiple products Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. | 8.8 |
2020-02-24 | CVE-2020-5187 | Dnnsoftware | Path Traversal vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2). | 8.8 |
2020-02-24 | CVE-2019-10799 | Compile Sass Project | OS Command Injection vulnerability in Compile-Sass Project Compile-Sass compile-sass prior to 1.0.5 allows execution of arbritary commands. | 8.5 |
2020-02-27 | CVE-2017-6363 | Libgd | Out-of-bounds Read vulnerability in Libgd In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. | 8.1 |
2020-02-28 | CVE-2020-1873 | Huawei | Out-of-bounds Read vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. | 7.8 |
2020-02-28 | CVE-2019-8741 | Apple | Infinite Loop vulnerability in Apple products A denial of service issue was addressed with improved input validation. | 7.8 |
2020-02-26 | CVE-2020-3175 | Cisco | Resource Exhaustion vulnerability in Cisco Nx-Os 6.2(1) A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
2020-02-26 | CVE-2020-3167 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). | 7.8 |
2020-02-24 | CVE-2012-0785 | Cloudbees Jenkins | Resource Exhaustion vulnerability in multiple products Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack." | 7.8 |
2020-02-24 | CVE-2019-20044 | ZSH Fedoraproject Debian Apple | Improper Check for Dropped Privileges vulnerability in multiple products In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. | 7.8 |
2020-02-27 | CVE-2020-3831 | Apple | Race Condition vulnerability in Apple Ipados and Iphone OS A race condition was addressed with improved locking. | 7.6 |
2020-02-28 | CVE-2019-10804 | Serial Number Project | OS Command Injection vulnerability in Serial-Number Project Serial-Number serial-number through 1.3.0 allows execution of arbritary commands. | 7.5 |
2020-02-28 | CVE-2019-10803 | Push DIR Project | OS Command Injection vulnerability in Push-Dir Project Push-Dir push-dir through 0.4.1 allows execution of arbritary commands. | 7.5 |
2020-02-28 | CVE-2019-10802 | Mangoraft | OS Command Injection vulnerability in Mangoraft Giting giting version prior to 0.0.8 allows execution of arbritary commands. | 7.5 |
2020-02-28 | CVE-2019-10801 | Enpeem Project | OS Command Injection vulnerability in Enpeem Project Enpeem enpeem through 2.2.0 allows execution of arbitrary commands. | 7.5 |
2020-02-28 | CVE-2020-9465 | Eyesofnetwork | SQL Injection vulnerability in Eyesofnetwork Eonweb An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. | 7.5 |
2020-02-28 | CVE-2020-8132 | PDF Image Project | Improper Input Validation vulnerability in Pdf-Image Project Pdf-Image Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input. | 7.5 |
2020-02-28 | CVE-2020-5247 | Ruby Lang Puma Debian Fedoraproject | HTTP Response Splitting vulnerability in multiple products In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. | 7.5 |
2020-02-27 | CVE-2020-9431 | Wireshark Opensuse Fedoraproject Debian | Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. | 7.5 |
2020-02-27 | CVE-2020-9430 | Wireshark Fedoraproject Opensuse Debian | Improper Input Validation vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-9429 | Wireshark Opensuse | NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-9428 | Wireshark Debian Fedoraproject Opensuse | Out-of-bounds Read vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. | 7.5 |
2020-02-26 | CVE-2019-17275 | Netapp | Unspecified vulnerability in Netapp Oncommand Cloud Manager OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers. | 7.5 |
2020-02-26 | CVE-2020-9274 | Pureftpd Debian Fedoraproject Canonical | Access of Uninitialized Pointer vulnerability in multiple products An issue was discovered in Pure-FTPd 1.0.49. | 7.5 |
2020-02-25 | CVE-2015-5201 | Redhat | Missing Authentication for Critical Function vulnerability in Redhat products VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. | 7.5 |
2020-02-25 | CVE-2016-11020 | Kunena | Unrestricted Upload of File with Dangerous Type vulnerability in Kunena 5.0.2/5.0.3 Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. | 7.5 |
2020-02-24 | CVE-2020-9374 | TP Link | OS Command Injection vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16 On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. | 7.5 |
2020-02-24 | CVE-2020-9369 | Sympa Fedoraproject Debian | Resource Exhaustion vulnerability in multiple products Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters. | 7.5 |
2020-02-24 | CVE-2020-9366 | GNU | Out-of-bounds Write vulnerability in GNU Screen A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. | 7.5 |
2020-02-24 | CVE-2020-9365 | Pureftpd Fedoraproject | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Pure-FTPd 1.0.49. | 7.5 |
2020-02-28 | CVE-2020-9442 | Openvpn | Improper Preservation of Permissions vulnerability in Openvpn Connect 3.1.0.361 OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. | 7.2 |
2020-02-27 | CVE-2020-3860 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Ipados and Iphone OS A memory corruption issue was addressed with improved input validation. | 7.2 |
2020-02-27 | CVE-2020-3857 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 7.2 |
2020-02-26 | CVE-2019-17274 | Netapp | Insecure Default Initialization of Resource vulnerability in Netapp products NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access. | 7.2 |
2020-02-26 | CVE-2020-3173 | Cisco | OS Command Injection vulnerability in Cisco UCS Manager A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. | 7.2 |
2020-02-26 | CVE-2020-3171 | Cisco | OS Command Injection vulnerability in Cisco Fxos and UCS Manager A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. | 7.2 |
2020-02-25 | CVE-2019-4000 | Druva | Code Injection vulnerability in Druva Insync 6.5.0 Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges. | 7.2 |
2020-02-25 | CVE-2019-3999 | Druva | OS Command Injection vulnerability in Druva Insync Client 6.5.0 Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. | 7.2 |
2020-02-28 | CVE-2020-1792 | Huawei | Out-of-bounds Write vulnerability in Huawei Honor V10 Firmware Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. | 7.1 |
2020-02-26 | CVE-2020-3168 | Cisco | Resource Exhaustion vulnerability in Cisco Nx-Os 5.2(1)Sv3(4.1A) A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. | 7.1 |
2020-02-25 | CVE-2020-9383 | Linux Debian Opensuse Canonical Netapp | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. | 7.1 |
128 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-28 | CVE-2019-3698 | Nagios Opensuse | Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. | 6.9 |
2020-02-28 | CVE-2015-3006 | Juniper | Insufficient Entropy vulnerability in Juniper Junos On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. | 6.8 |
2020-02-27 | CVE-2020-3878 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
2020-02-27 | CVE-2020-3870 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
2020-02-27 | CVE-2020-3865 | Apple Opensuse | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 6.8 |
2020-02-27 | CVE-2020-3846 | Apple | XML Injection (aka Blind XPath Injection) vulnerability in Apple products A buffer overflow was addressed with improved size validation. | 6.8 |
2020-02-27 | CVE-2020-3840 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An off by one issue existed in the handling of racoon configuration files. | 6.8 |
2020-02-27 | CVE-2020-3826 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
2020-02-27 | CVE-2020-3825 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. | 6.8 |
2020-02-27 | CVE-2020-5402 | Cloudfoundry | Cross-Site Request Forgery (CSRF) vulnerability in Cloudfoundry Cf-Deployment In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers. | 6.8 |
2020-02-27 | CVE-2015-5686 | Puppet | Cross-Site Request Forgery (CSRF) vulnerability in Puppet Enterprise Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. | 6.8 |
2020-02-25 | CVE-2020-9394 | Supsystic | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1 An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. | 6.8 |
2020-02-25 | CVE-2020-8810 | Gurux | Path Traversal vulnerability in Gurux Device Language Message Specification Director An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. | 6.8 |
2020-02-25 | CVE-2020-8809 | Gurux | Download of Code Without Integrity Check vulnerability in Gurux Device Language Message Specification Director Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. | 6.8 |
2020-02-24 | CVE-2019-10796 | RPI Project | OS Command Injection vulnerability in RPI Project RPI 0.0.3 rpi through 0.0.3 allows execution of arbritary commands. | 6.8 |
2020-02-24 | CVE-2020-9363 | Sophos | Interpretation Conflict vulnerability in Sophos products The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. | 6.8 |
2020-02-24 | CVE-2020-9362 | Quickheal | Interpretation Conflict vulnerability in Quickheal products The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. | 6.8 |
2020-02-24 | CVE-2019-20480 | Miele | Cross-Site Request Forgery (CSRF) vulnerability in Miele XGW 3000 Zigbee Gateway Firmware In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection. | 6.8 |
2020-02-26 | CVE-2020-3169 | Cisco | OS Command Injection vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. | 6.7 |
2020-02-26 | CVE-2020-3166 | Cisco | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). | 6.7 |
2020-02-28 | CVE-2015-5361 | Juniper | Inadequate Encryption Strength vulnerability in Juniper Junos Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. | 6.5 |
2020-02-28 | CVE-2020-9449 | Justblab | Use of Insufficiently Random Values vulnerability in Justblab products An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin. | 6.5 |
2020-02-27 | CVE-2019-5326 | Arubanetworks | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. | 6.5 |
2020-02-27 | CVE-2019-5323 | Arubanetworks | Command Injection vulnerability in Arubanetworks Airwave There are command injection vulnerabilities present in the AirWave application. | 6.5 |
2020-02-27 | CVE-2019-4669 | IBM | SQL Injection vulnerability in IBM products IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. | 6.5 |
2020-02-26 | CVE-2019-4598 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5 IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. | 6.5 |
2020-02-26 | CVE-2019-4597 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5 IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. | 6.5 |
2020-02-26 | CVE-2019-19988 | Seling | Out-of-bounds Write vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 6.5 |
2020-02-25 | CVE-2019-5165 | Moxa | Improper Authentication vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. | 6.5 |
2020-02-25 | CVE-2019-5153 | Moxa | Out-of-bounds Write vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. | 6.5 |
2020-02-25 | CVE-2019-5143 | Moxa | Use of Externally-Controlled Format String vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. | 6.5 |
2020-02-25 | CVE-2019-5141 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. | 6.5 |
2020-02-25 | CVE-2019-5140 | Moxa | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. | 6.5 |
2020-02-24 | CVE-2020-5188 | Dnnsoftware | Unrestricted Upload of File with Dangerous Type vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions. | 6.5 |
2020-02-24 | CVE-2019-15299 | Centreon | Improper Authentication vulnerability in Centreon web An issue was discovered in Centreon Web through 19.04.3. | 6.5 |
2020-02-27 | CVE-2020-9434 | LUA Openssl Project | Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71 openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values. | 6.4 |
2020-02-27 | CVE-2020-9433 | LUA Openssl Project | Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71 openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values. | 6.4 |
2020-02-27 | CVE-2020-9432 | LUA Openssl Project | Improper Certificate Validation vulnerability in Lua-Openssl Project Lua-Openssl 0.7.71 openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values. | 6.4 |
2020-02-27 | CVE-2020-7061 | PHP Tenable | Out-of-bounds Read vulnerability in multiple products In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. | 6.4 |
2020-02-24 | CVE-2019-17228 | Stylemixthemes | Insufficient Verification of Data Authenticity vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes. | 6.4 |
2020-02-24 | CVE-2019-12510 | Netgear | Insufficient Verification of Data Authenticity vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request. | 6.4 |
2020-02-24 | CVE-2020-8130 | Ruby Lang Debian Canonical Fedoraproject Opensuse | OS Command Injection vulnerability in multiple products There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. | 6.4 |
2020-02-26 | CVE-2020-9405 | Iblsoft | Cross-site Scripting vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page. | 6.1 |
2020-02-24 | CVE-2019-3670 | Mcafee | Cross-site Scripting vulnerability in Mcafee web Advisor 8.0.0.34239/8.0.34745 Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting attack. | 6.1 |
2020-02-28 | CVE-2019-4301 | Hcltech | Unspecified vulnerability in Hcltech Self-Service Application 3.0.0 BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML. | 6.0 |
2020-02-25 | CVE-2020-9017 | Litecart | Injection vulnerability in Litecart LiteCart through 2.2.1 allows CSV injection via a customer's profile. | 6.0 |
2020-02-28 | CVE-2020-6803 | Mozilla | Open Redirect vulnerability in Mozilla Webthings Gateway An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in. | 5.8 |
2020-02-28 | CVE-2020-9466 | Export Users TO CSV Project | Injection vulnerability in Export Users TO CSV Project Export Users TO CSV The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection. | 5.8 |
2020-02-24 | CVE-2019-4595 | IBM | Open Redirect vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5 IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
2020-02-27 | CVE-2017-16900 | Hunesion | Improper Restriction of Excessive Authentication Attempts vulnerability in Hunesion I-Onenet 3.0.6042.1200 Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows the local user to access other user's information which is unauthorized via brute force. | 5.5 |
2020-02-25 | CVE-2020-9391 | Linux Fedoraproject Netapp | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. | 5.5 |
2020-02-25 | CVE-2020-8819 | Cardgate | Origin Validation Error vulnerability in Cardgate Payments An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. | 5.5 |
2020-02-25 | CVE-2020-8818 | Cardgate Adobe | Origin Validation Error vulnerability in multiple products An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. | 5.5 |
2020-02-24 | CVE-2020-9382 | Widgets Project | Incorrect Permission Assignment for Critical Resource vulnerability in Widgets Project Widgets An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. | 5.5 |
2020-02-25 | CVE-2020-9334 | Enviragallery | Cross-site Scripting vulnerability in Enviragallery Envira Gallery A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. | 5.4 |
2020-02-24 | CVE-2020-5186 | Dnnsoftware | Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2). | 5.4 |
2020-02-27 | CVE-2020-7042 | Openfortivpn Project Fedoraproject Opensuse | Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. | 5.3 |
2020-02-27 | CVE-2020-7041 | Openfortivpn Project Fedoraproject Opensuse | Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. | 5.3 |
2020-02-26 | CVE-2020-9407 | Iblsoft | Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. | 5.3 |
2020-02-24 | CVE-2020-8131 | Yarnpkg | Path Traversal vulnerability in Yarnpkg Yarn Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package. | 5.1 |
2020-02-28 | CVE-2019-7007 | Avaya | Path Traversal vulnerability in Avaya Aura Conferencing 9.0/9.1.9.0 A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. | 5.0 |
2020-02-28 | CVE-2019-10805 | Sideralis | Exposure of Resource to Wrong Sphere vulnerability in Sideralis Valib.Js 2.0.0 valib through 2.0.0 allows Internal Property Tampering. | 5.0 |
2020-02-28 | CVE-2018-21035 | QT | Allocation of Resources Without Limits or Throttling vulnerability in QT In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. | 5.0 |
2020-02-28 | CVE-2019-19943 | Pablosoftwaresolutions | Double Free vulnerability in Pablosoftwaresolutions Quick 'N Easy web Server 3.3.8 The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. | 5.0 |
2020-02-28 | CVE-2020-1881 | Huawei | Unspecified vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. | 5.0 |
2020-02-28 | CVE-2020-1876 | Huawei | Out-of-bounds Write vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. | 5.0 |
2020-02-28 | CVE-2020-1860 | Huawei | Improper Input Validation vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. | 5.0 |
2020-02-28 | CVE-2019-10064 | W1 FI Debian | Insufficient Entropy vulnerability in multiple products hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. | 5.0 |
2020-02-27 | CVE-2018-8878 | Asuswrt Merlin Asus | Information Exposure vulnerability in multiple products Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page. | 5.0 |
2020-02-27 | CVE-2018-8877 | Asus Asuswrt Merlin | Information Exposure vulnerability in multiple products Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page. | 5.0 |
2020-02-27 | CVE-2020-7063 | PHP Tenable Debian Opensuse | Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. | 5.0 |
2020-02-27 | CVE-2020-3877 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X An out-of-bounds read was addressed with improved input validation. | 5.0 |
2020-02-27 | CVE-2020-3874 | Apple | Information Exposure vulnerability in Apple Ipados and Iphone OS An issued existed in the naming of screenshots. | 5.0 |
2020-02-27 | CVE-2020-3869 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS An issue existed in the handling of the local user's self-view. | 5.0 |
2020-02-27 | CVE-2020-5401 | Cloudfoundry | HTTP Request Smuggling vulnerability in Cloudfoundry Routing Release Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app. | 5.0 |
2020-02-27 | CVE-2017-6371 | Synchro | Unspecified vulnerability in Synchro BBS 3.16C Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header. | 5.0 |
2020-02-26 | CVE-2019-18238 | Moxa | Cleartext Storage of Sensitive Information vulnerability in Moxa products In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. | 5.0 |
2020-02-26 | CVE-2019-4537 | IBM | Unspecified vulnerability in IBM Websphere Service Registry and Repository 8.5 IBM WebSphere Service Registry and Repository 8.5 could allow a user to obtain sensitive version information that could be used in further attacks against the system. | 5.0 |
2020-02-26 | CVE-2019-19993 | Seling | Information Exposure Through an Error Message vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 5.0 |
2020-02-26 | CVE-2019-19989 | Seling | Missing Authorization vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 5.0 |
2020-02-26 | CVE-2019-19986 | Seling | SQL Injection vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 5.0 |
2020-02-25 | CVE-2020-9018 | Litecart | Cross-Site Request Forgery (CSRF) vulnerability in Litecart LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user. | 5.0 |
2020-02-25 | CVE-2019-5148 | Moxa | Integer Underflow (Wrap or Wraparound) vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. | 5.0 |
2020-02-25 | CVE-2019-5137 | Moxa | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. | 5.0 |
2020-02-25 | CVE-2019-4672 | IBM | Unspecified vulnerability in IBM Qradar Advisor 1.1/2.5.0 IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. | 5.0 |
2020-02-25 | CVE-2019-4557 | IBM | Inadequate Encryption Strength vulnerability in IBM Qradar Advisor 1.1/2.5.0 IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-02-25 | CVE-2020-9385 | Zint | NULL Pointer Dereference vulnerability in Zint 2.7.1 A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation. | 5.0 |
2020-02-24 | CVE-2020-9381 | Totaljs | Incorrect Authorization vulnerability in Totaljs Total.Js CMS 13.0.0 controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. | 5.0 |
2020-02-24 | CVE-2020-5244 | Buddypress | Information Exposure vulnerability in Buddypress In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. | 5.0 |
2020-02-24 | CVE-2019-10798 | RDF Graph Array Project | Unspecified vulnerability in Rdf-Graph-Array Project Rdf-Graph-Array 0.3.0 rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. | 5.0 |
2020-02-24 | CVE-2019-20481 | Miele | Improper Authentication vulnerability in Miele XGW 3000 Zigbee Gateway Firmware In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. | 5.0 |
2020-02-24 | CVE-2015-9542 | Freeradius Debian Canonical | Out-of-bounds Write vulnerability in multiple products add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). | 5.0 |
2020-02-28 | CVE-2020-1877 | Huawei | Access of Uninitialized Pointer vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. | 4.9 |
2020-02-28 | CVE-2020-1874 | Huawei | Access of Uninitialized Pointer vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. | 4.9 |
2020-02-24 | CVE-2020-1935 | Apache Debian Canonical Opensuse Netapp Oracle | HTTP Request Smuggling vulnerability in multiple products In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. | 4.8 |
2020-02-24 | CVE-2019-17569 | Apache Opensuse Netapp Debian Oracle | HTTP Request Smuggling vulnerability in multiple products The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. | 4.8 |
2020-02-25 | CVE-2020-8793 | Opensmtpd Fedoraproject Canonical | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c. | 4.7 |
2020-02-28 | CVE-2020-1844 | Huawei | Improper Privilege Management vulnerability in Huawei Pcmanager 10.0.1.36/9.0.1.50/9.1.3.1 PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products. | 4.6 |
2020-02-28 | CVE-2020-6804 | Mozilla | Cross-site Scripting vulnerability in Mozilla Webthings Gateway A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. | 4.3 |
2020-02-28 | CVE-2020-8127 | Revealjs | Cross-site Scripting vulnerability in Revealjs Reveal.Js Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. | 4.3 |
2020-02-28 | CVE-2020-9447 | Gwtupload Project | Cross-site Scripting vulnerability in Gwtupload Project Gwtupload 1.0.3 There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. | 4.3 |
2020-02-28 | CVE-2020-9399 | Avast | Incorrect Authorization vulnerability in Avast products The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. | 4.3 |
2020-02-27 | CVE-2020-7062 | PHP Opensuse Debian Canonical | NULL Pointer Dereference vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. | 4.3 |
2020-02-27 | CVE-2020-3875 | Apple | Out-of-bounds Read vulnerability in Apple products A validation issue was addressed with improved input sanitization. | 4.3 |
2020-02-27 | CVE-2020-3872 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products A memory initialization issue was addressed with improved memory handling. | 4.3 |
2020-02-27 | CVE-2020-3867 | Apple Opensuse Webkitgtk | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 4.3 |
2020-02-27 | CVE-2020-3866 | Apple | Incorrect Authorization vulnerability in Apple mac OS X This was addressed with additional checks by Gatekeeper on files mounted through a network share. | 4.3 |
2020-02-27 | CVE-2020-3862 | Apple Opensuse | A denial of service issue was addressed with improved memory handling. | 4.3 |
2020-02-27 | CVE-2020-3841 | Apple | Insufficiently Protected Credentials vulnerability in Apple Safari The issue was addressed with improved UI handling. | 4.3 |
2020-02-27 | CVE-2020-3833 | Apple | Unspecified vulnerability in Apple Safari An inconsistent user interface issue was addressed with improved state management. | 4.3 |
2020-02-27 | CVE-2015-2992 | Apache | Cross-site Scripting vulnerability in Apache Struts Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. | 4.3 |
2020-02-26 | CVE-2020-3170 | Cisco | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 4.3 |
2020-02-26 | CVE-2020-3165 | Cisco | Use of Hard-coded Credentials vulnerability in Cisco Nx-Os A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. | 4.3 |
2020-02-26 | CVE-2020-8952 | Fiserv | Cross-site Scripting vulnerability in Fiserv Accurate Reconciliation 2.19.0 Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the logout.jsp timeOut parameter. | 4.3 |
2020-02-26 | CVE-2019-4726 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
2020-02-26 | CVE-2019-19987 | Seling | Cross-Site Request Forgery (CSRF) vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 4.3 |
2020-02-26 | CVE-2019-19134 | Heroplugins | Cross-site Scripting vulnerability in Heroplugins Hero Maps Premium The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. | 4.3 |
2020-02-25 | CVE-2020-9393 | Supsystic | Cross-site Scripting vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1 An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. | 4.3 |
2020-02-25 | CVE-2020-9019 | Wpjobboard | Cross-site Scripting vulnerability in Wpjobboard 5.5.3 The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description. | 4.3 |
2020-02-24 | CVE-2019-17229 | Stylemixthemes | Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues. | 4.3 |
2020-02-24 | CVE-2019-12513 | Netgear | Cross-site Scripting vulnerability in Netgear Nighthawk X10-R9000 Firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. | 4.3 |
2020-02-24 | CVE-2019-12512 | Netgear | Cross-site Scripting vulnerability in Netgear Nighthawk X10-R9000 Firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. | 4.3 |
2020-02-27 | CVE-2020-5400 | Cloudfoundry | Information Exposure Through Log Files vulnerability in Cloudfoundry Cf-Deployment Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. | 4.0 |
2020-02-26 | CVE-2019-19992 | Seling | Information Exposure vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 4.0 |
2020-02-26 | CVE-2020-9337 | Golfbuddyglobal | Insufficiently Protected Credentials vulnerability in Golfbuddyglobal Course Manager 1.1 In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request. | 4.0 |
2020-02-25 | CVE-2020-9379 | Mitel | Incorrect Authorization vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. | 4.0 |
2020-02-24 | CVE-2018-13313 | Totolink | Insecure Storage of Sensitive Information vulnerability in Totolink A3002Ru Firmware 1.0.8 In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. | 4.0 |
2020-02-24 | CVE-2019-4745 | IBM | Incorrect Authorization vulnerability in IBM products IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL. | 4.0 |
24 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-02-27 | CVE-2020-3861 | Apple | Missing Authorization vulnerability in Apple Itunes The issue was addressed with improved permissions logic. | 3.6 |
2020-02-27 | CVE-2020-3835 | Apple | Link Following vulnerability in Apple mac OS X A validation issue existed in the handling of symlinks. | 3.6 |
2020-02-27 | CVE-2020-3830 | Apple | Link Following vulnerability in Apple mac OS X A validation issue existed in the handling of symlinks. | 3.6 |
2020-02-25 | CVE-2019-5139 | Moxa | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. | 3.6 |
2020-02-28 | CVE-2020-9459 | Webnus | Cross-site Scripting vulnerability in Webnus Modern Events Calendar Lite Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. | 3.5 |
2020-02-26 | CVE-2020-8951 | Fiserv | Cross-site Scripting vulnerability in Fiserv Accurate Reconciliation 2.19.0 Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the Source or Destination field of the Configuration Manager (Configuration Parameter Translation) page. | 3.5 |
2020-02-26 | CVE-2019-4596 | IBM | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5 IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. | 3.5 |
2020-02-26 | CVE-2019-19991 | Seling | Cross-site Scripting vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 3.5 |
2020-02-26 | CVE-2019-19990 | Seling | Cross-site Scripting vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 3.5 |
2020-02-25 | CVE-2020-9008 | Blackboard | Cross-site Scripting vulnerability in Blackboard Learn 9.1 Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor. | 3.5 |
2020-02-25 | CVE-2020-9335 | 10Web | Cross-site Scripting vulnerability in 10Web Photo Gallery Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. | 3.5 |
2020-02-25 | CVE-2019-12863 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds products SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen. | 3.5 |
2020-02-27 | CVE-2020-6864 | ZTE | Information Exposure vulnerability in ZTE E8820V3 Firmware 3.1.0.1000.4 ZTE E8820V3 router product is impacted by an information leak vulnerability. | 3.3 |
2020-02-27 | CVE-2020-6863 | ZTE | Incorrect Permission Assignment for Critical Resource vulnerability in ZTE E8820V3 Firmware 3.1.0.1000.4 ZTE E8820V3 router product is impacted by a permission and access control vulnerability. | 3.3 |
2020-02-26 | CVE-2020-3174 | Cisco | Insufficient Verification of Data Authenticity vulnerability in Cisco Nx-Os 8.1(1)/8.4(1)/9.3(1) A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. | 3.3 |
2020-02-24 | CVE-2019-4703 | IBM | Unspecified vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information. | 2.9 |
2020-02-28 | CVE-2020-1875 | Huawei | Access of Uninitialized Pointer vulnerability in Huawei products NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. | 2.1 |
2020-02-28 | CVE-2020-1861 | Huawei | Information Exposure vulnerability in Huawei Cloudengine 12800 Firmware CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. | 2.1 |
2020-02-27 | CVE-2020-3873 | Apple | Incorrect Authorization vulnerability in Apple Ipados and Iphone OS This issue was addressed with improved setting propagation. | 2.1 |
2020-02-27 | CVE-2020-3859 | Apple | Information Exposure vulnerability in Apple Ipados and Iphone OS An inconsistent user interface issue was addressed with improved state management. | 2.1 |
2020-02-27 | CVE-2020-3844 | Apple | Incorrect Authorization vulnerability in Apple Ipados and Iphone OS This issue was addressed with improved checks. | 2.1 |
2020-02-27 | CVE-2020-3839 | Apple | Improper Input Validation vulnerability in Apple mac OS X A validation issue was addressed with improved input sanitization. | 2.1 |
2020-02-27 | CVE-2020-3836 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An access issue was addressed with improved memory management. | 2.1 |
2020-02-27 | CVE-2020-3828 | Apple | Information Exposure vulnerability in Apple Ipados and Iphone OS A lock screen issue allowed access to contacts on a locked device. | 2.1 |