Weekly Vulnerabilities Reports > March 30 to April 5, 2020
Overview
260 new vulnerabilities reported during this period, including 54 critical vulnerabilities and 102 high severity vulnerabilities. This weekly summary report vulnerabilities in 303 products from 115 vendors including Apple, Debian, IBM, Hitachienergy, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "OS Command Injection", "SQL Injection", and "Path Traversal".
- 208 reported vulnerabilities are remotely exploitables.
- 10 reported vulnerabilities have public exploit available.
- 86 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 171 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 50 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
54 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-04-05 | CVE-2020-11558 | Gpac | Use After Free vulnerability in Gpac 0.8.0 An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. | 9.8 |
2020-04-05 | CVE-2020-11548 | Search Meter Project | Improper Neutralization of Formula Elements in a CSV File vulnerability in Search Meter Project Search Meter The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. | 9.8 |
2020-04-04 | CVE-2020-11542 | 3Xlogic | Cleartext Transmission of Sensitive Information vulnerability in 3Xlogic Infinias Eidc32 Firmware and Infinias Eidc32 web 3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring. | 9.8 |
2020-04-04 | CVE-2020-11518 | Zohocorp | Unspecified vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution. | 9.8 |
2020-04-03 | CVE-2020-8147 | Utils Extend Project | Improper Input Validation vulnerability in Utils-Extend Project Utils-Extend Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend. | 9.8 |
2020-04-03 | CVE-2020-8638 | Testlink | SQL Injection vulnerability in Testlink 1.9.20 A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter. | 9.8 |
2020-04-03 | CVE-2020-8637 | Testlink | SQL Injection vulnerability in Testlink 1.9.20 A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter. | 9.8 |
2020-04-03 | CVE-2020-6994 | Belden | Classic Buffer Overflow vulnerability in Belden Hirschmann Hios and Hirschmann Hisecos A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. | 9.8 |
2020-04-03 | CVE-2020-10599 | Visam | Classic Buffer Overflow vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code. | 9.8 |
2020-04-02 | CVE-2020-7630 | GIT ADD Remote Project | OS Command Injection vulnerability in Git-Add-Remote Project Git-Add-Remote 1.0.0 git-add-remote through 1.0.0 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7629 | Install Package Project | OS Command Injection vulnerability in Install-Package Project Install-Package install-package through 0.4.0 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7628 | Install Package Project Umount Project | OS Command Injection vulnerability in multiple products umount through 1.1.6 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7627 | Node KEY Sender Project | OS Command Injection vulnerability in Node-Key-Sender Project Node-Key-Sender node-key-sender through 1.0.11 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7626 | Karma Mojo Project | OS Command Injection vulnerability in Karma-Mojo Project Karma-Mojo 1.0.0/1.0.1 karma-mojo through 1.0.1 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7625 | OP Browser Project | OS Command Injection vulnerability in Op-Browser Project Op-Browser op-browser through 1.0.6 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7624 | Effect Project | OS Command Injection vulnerability in Effect Project Effect effect through 1.0.4 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-10515 | Starface | Uncontrolled Search Path Element vulnerability in Starface Unified Communication & Collaboration Client STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006. | 9.8 |
2020-04-02 | CVE-2020-7623 | Jscover Project | OS Command Injection vulnerability in Jscover Project Jscover jscover through 1.0.0 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7621 | IBM | OS Command Injection vulnerability in IBM Strongloop Nginx Controller 1.0.0/1.0.1/1.0.2 strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7620 | Netease | OS Command Injection vulnerability in Netease Pomelo-Monitor 0.3.5/0.3.6/0.3.7 pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of 'pomelo-monitor' params. | 9.8 |
2020-04-02 | CVE-2020-7619 | GET GIT Data Project | OS Command Injection vulnerability in Get-Git-Data Project Get-Git-Data get-git-data through 1.3.1 is vulnerable to Command Injection. | 9.8 |
2020-04-02 | CVE-2020-7617 | INI Parser Project | Unspecified vulnerability in Ini-Parser Project Ini-Parser 0.0.1/0.0.2 ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of Object.prototype using a '__proto__' payload. | 9.8 |
2020-04-02 | CVE-2020-6852 | Cacagoo | Improper Restriction of Excessive Authentication Attempts vulnerability in Cacagoo Tv-288Zd-2Mp Firmware 3.4.2.0919 CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authentication of TELNET access, leading to root privileges without any password required. | 9.8 |
2020-04-01 | CVE-2020-6009 | Learndash | SQL Injection vulnerability in Learndash LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection. | 9.8 |
2020-04-01 | CVE-2019-17564 | Apache | Deserialization of Untrusted Data vulnerability in Apache Dubbo Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. | 9.8 |
2020-04-01 | CVE-2020-10948 | Alienform2 Project | Code Injection vulnerability in Alienform2 Project Alienform2 2.0.2 Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. | 9.8 |
2020-04-01 | CVE-2019-9163 | Marchnetworks | Code Injection vulnerability in Marchnetworks Command Client 2.6.4/2.6.4.1 The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects. | 9.8 |
2020-04-01 | CVE-2020-3850 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 9.8 |
2020-04-01 | CVE-2020-3849 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 9.8 |
2020-04-01 | CVE-2020-3848 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 9.8 |
2020-04-01 | CVE-2020-3847 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X An out-of-bounds read was addressed with improved input validation. | 9.8 |
2020-04-01 | CVE-2020-9769 | Apple | Unspecified vulnerability in Apple mac OS X Multiple issues were addressed by updating to version 8.1.1850. | 9.8 |
2020-04-01 | CVE-2020-3911 | Apple | Classic Buffer Overflow vulnerability in Apple products A buffer overflow was addressed with improved bounds checking. | 9.8 |
2020-04-01 | CVE-2020-3910 | Apple | Classic Buffer Overflow vulnerability in Apple products A buffer overflow was addressed with improved size validation. | 9.8 |
2020-04-01 | CVE-2020-3909 | Apple Oracle | Classic Buffer Overflow vulnerability in multiple products A buffer overflow was addressed with improved bounds checking. | 9.8 |
2020-04-01 | CVE-2020-10867 | Avast | Exposure of Resource to Wrong Sphere vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 9.8 |
2020-04-01 | CVE-2018-11106 | Netgear | Command Injection vulnerability in Netgear products NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5. | 9.8 |
2020-04-01 | CVE-2020-11455 | Limesurvey | Path Traversal vulnerability in Limesurvey LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. | 9.8 |
2020-04-01 | CVE-2020-7947 | Auth0 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Auth0 Login BY Auth0 An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. | 9.8 |
2020-03-31 | CVE-2020-5344 | Dell | Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. | 9.8 |
2020-03-31 | CVE-2020-6008 | Lifterlms | Unrestricted Upload of File with Dangerous Type vulnerability in Lifterlms LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution | 9.8 |
2020-03-31 | CVE-2020-4208 | IBM | Use of Hard-coded Credentials vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
2020-03-31 | CVE-2020-10595 | PAM Krb5 Project Debian | Classic Buffer Overflow vulnerability in multiple products pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. | 9.8 |
2020-03-30 | CVE-2020-7611 | Objectcomputing | HTTP Request Smuggling vulnerability in Objectcomputing Micronaut All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client. | 9.8 |
2020-03-30 | CVE-2020-11105 | USC | Release of Invalid Pointer or Reference vulnerability in USC Cereal An issue was discovered in USC iLab cereal through 1.3.0. | 9.8 |
2020-03-30 | CVE-2020-10374 | Paessler | Improper Input Validation vulnerability in Paessler Prtg Network Monitor A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form. | 9.8 |
2020-03-30 | CVE-2019-19606 | X Plane | OS Command Injection vulnerability in X-Plane X-Plane before 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. | 9.8 |
2020-03-30 | CVE-2019-19605 | X Plane | Out-of-bounds Write vulnerability in X-Plane X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution. | 9.8 |
2020-03-30 | CVE-2020-5723 | Grandstream | Cleartext Storage of Sensitive Information vulnerability in Grandstream products The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. | 9.8 |
2020-03-30 | CVE-2016-11024 | Odata4J Project | SQL Injection vulnerability in Odata4J Project Odata4J 0.7 odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. | 9.8 |
2020-03-30 | CVE-2016-11023 | Odata4J Project | SQL Injection vulnerability in Odata4J Project Odata4J 0.7 odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. | 9.8 |
2020-03-30 | CVE-2020-7610 | Mongodb | Deserialization of Untrusted Data vulnerability in Mongodb Bson All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. | 9.8 |
2020-03-31 | CVE-2019-14880 | Moodle | Unspecified vulnerability in Moodle A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. | 9.1 |
2020-03-30 | CVE-2019-17560 | Apache Oracle | Improper Certificate Validation vulnerability in multiple products The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. | 9.1 |
102 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-04-03 | CVE-2020-8639 | Testlink | Unrestricted Upload of File with Dangerous Type vulnerability in Testlink 1.9.20 An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 8.8 |
2020-04-03 | CVE-2020-7004 | Visam | Incorrect Default Permissions vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application. | 8.8 |
2020-04-02 | CVE-2020-11498 | Slack | Path Traversal vulnerability in Slack Nebula 1.0.0/1.1.0 Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. | 8.8 |
2020-04-02 | CVE-2020-11444 | Sonatype | Incorrect Default Permissions vulnerability in Sonatype Nexus Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control. | 8.8 |
2020-04-02 | CVE-2020-11107 | Apachefriends | Incorrect Permission Assignment for Critical Resource vulnerability in Apachefriends Xampp An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. | 8.8 |
2020-04-02 | CVE-2020-11100 | Haproxy Debian Redhat Fedoraproject Canonical Opensuse | Out-of-bounds Write vulnerability in multiple products In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. | 8.8 |
2020-04-02 | CVE-2018-13371 | Fortinet | Improper Input Validation vulnerability in Fortinet Fortios An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component. | 8.8 |
2020-04-01 | CVE-2020-11465 | Deskpro | Missing Authorization vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 8.8 |
2020-04-01 | CVE-2020-10199 | Sonatype | Expression Language Injection vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). | 8.8 |
2020-04-01 | CVE-2020-9783 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
2020-04-01 | CVE-2020-3901 | Apple | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved memory handling. | 8.8 |
2020-04-01 | CVE-2020-3900 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 8.8 |
2020-04-01 | CVE-2020-3899 | Apple | Unspecified vulnerability in Apple products A memory consumption issue was addressed with improved memory handling. | 8.8 |
2020-04-01 | CVE-2020-3897 | Apple | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved memory handling. | 8.8 |
2020-04-01 | CVE-2020-3895 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. | 8.8 |
2020-04-01 | CVE-2020-3883 | Apple | Unspecified vulnerability in Apple products This issue was addressed with improved checks. | 8.8 |
2020-04-01 | CVE-2020-7948 | Auth0 | Unspecified vulnerability in Auth0 Login BY Auth0 An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. | 8.8 |
2020-04-01 | CVE-2020-5391 | Auth0 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Wp-Auth0 Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field. | 8.8 |
2020-04-01 | CVE-2020-7065 | PHP Debian Canonical Tenable | Out-of-bounds Write vulnerability in multiple products In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. | 8.8 |
2020-03-31 | CVE-2020-10696 | Buildah Project Redhat | Path Traversal vulnerability in multiple products A path traversal flaw was found in Buildah in versions before 1.14.5. | 8.8 |
2020-03-31 | CVE-2020-7009 | Elastic | Improper Privilege Management vulnerability in Elastic Elasticsearch Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. | 8.8 |
2020-03-31 | CVE-2020-5292 | Leantime | SQL Injection vulnerability in Leantime Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. | 8.8 |
2020-03-31 | CVE-2020-4242 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect Plus and Spectrum Scale IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
2020-03-31 | CVE-2020-4241 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect Plus and Spectrum Scale IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
2020-03-31 | CVE-2020-4238 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
2020-03-31 | CVE-2020-4237 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
2020-03-31 | CVE-2020-4206 | IBM | OS Command Injection vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary commands on the system in the context of root user, caused by improper validation of user-supplied input. | 8.8 |
2020-03-31 | CVE-2020-11113 | Fasterxml Debian Netapp Oracle | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). | 8.8 |
2020-03-31 | CVE-2020-11112 | Fasterxml Debian Netapp Oracle | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). | 8.8 |
2020-03-31 | CVE-2020-11111 | Fasterxml Debian Netapp Oracle | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). | 8.8 |
2020-03-30 | CVE-2019-7755 | Weberp | SQL Injection vulnerability in Weberp 4.15 In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection. | 8.8 |
2020-03-30 | CVE-2020-5551 | Toyota | Incorrect Default Permissions vulnerability in Toyota Display Control Unit Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. | 8.8 |
2020-04-01 | CVE-2020-8144 | UI | Path Traversal vulnerability in UI Unifi Video The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. | 8.4 |
2020-04-01 | CVE-2020-6096 | GNU Fedoraproject Debian | An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. | 8.1 |
2020-03-30 | CVE-2020-5275 | Sensiolabs | Incorrect Authorization vulnerability in Sensiolabs Symfony In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. | 8.1 |
2020-04-02 | CVE-2020-9067 | Huawei | Classic Buffer Overflow vulnerability in Huawei products There is a buffer overflow vulnerability in some Huawei products. | 8.0 |
2020-04-04 | CVE-2020-5348 | Dell | Use After Free vulnerability in Dell Latitude 7202 Firmware Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. | 7.8 |
2020-04-03 | CVE-2020-10601 | Visam | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and insecure permissions which may allow a local attacker to bypass the password-protected mechanism through brute-force attacks, cracking techniques, or overwriting the password hash. | 7.8 |
2020-04-03 | CVE-2020-4273 | IBM | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. | 7.8 |
2020-04-03 | CVE-2018-17954 | Suse | Improper Privilege Management vulnerability in Suse Openstack Cloud and Openstack Cloud Crowbar An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. | 7.8 |
2020-04-02 | CVE-2020-8835 | Linux Fedoraproject Canonical Netapp | Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. | 7.8 |
2020-04-02 | CVE-2019-14868 | KSH Project Debian Apple | In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. | 7.8 |
2020-04-02 | CVE-2020-8015 | Exim | Unspecified vulnerability in Exim A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. | 7.8 |
2020-04-01 | CVE-2020-8146 | UI | Uncontrolled Search Path Element vulnerability in UI Unifi Video In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. | 7.8 |
2020-04-01 | CVE-2020-11469 | Zoom | Files or Directories Accessible to External Parties vulnerability in Zoom Meetings 4.6.8 Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot. | 7.8 |
2020-04-01 | CVE-2020-9785 | Apple | Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved state management. | 7.8 |
2020-04-01 | CVE-2020-9768 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-04-01 | CVE-2020-3919 | Apple | Improper Initialization vulnerability in Apple products A memory initialization issue was addressed with improved memory handling. | 7.8 |
2020-04-01 | CVE-2020-3913 | Apple | Unspecified vulnerability in Apple products A permissions issue existed. | 7.8 |
2020-04-01 | CVE-2020-3906 | Apple | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved restrictions. | 7.8 |
2020-04-01 | CVE-2020-3905 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-04-01 | CVE-2020-3904 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X Multiple memory corruption issues were addressed with improved state management. | 7.8 |
2020-04-01 | CVE-2020-3903 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 7.8 |
2020-04-01 | CVE-2020-3893 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-04-01 | CVE-2020-3892 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-04-01 | CVE-2020-10862 | Avast | Unspecified vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.8 |
2020-03-31 | CVE-2020-5291 | Projectatomic Debian Archlinux Centos | Improper Privilege Management vulnerability in multiple products Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable. | 7.8 |
2020-03-31 | CVE-2020-1712 | Systemd Project Redhat Debian | Use After Free vulnerability in multiple products A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. | 7.8 |
2020-04-02 | CVE-2019-19094 | Hitachienergy | SQL Injection vulnerability in Hitachienergy Esoms Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database. | 7.6 |
2020-04-04 | CVE-2020-11528 | Bit2Spr Project | Out-of-bounds Write vulnerability in Bit2Spr Project Bit2Spr 19920607 bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file. | 7.5 |
2020-04-04 | CVE-2020-11527 | Zohocorp | Unspecified vulnerability in Zohocorp Manageengine Opmanager In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files. | 7.5 |
2020-04-04 | CVE-2020-5347 | Dell | Resource Exhaustion vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. | 7.5 |
2020-04-03 | CVE-2020-7008 | Visam | Path Traversal vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources. | 7.5 |
2020-04-03 | CVE-2020-7000 | Visam | Insecure Storage of Sensitive Information vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface. | 7.5 |
2020-04-03 | CVE-2020-11500 | Zoom | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Zoom Meetings 4.6.8/4.6.9 Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. | 7.5 |
2020-04-03 | CVE-2019-18904 | Opensuse | Resource Exhaustion vulnerability in Opensuse Rmt-Server 2.5.23.26.1/2.5.23.9.1/2.5.2Lp151.2.9.1 A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. | 7.5 |
2020-04-02 | CVE-2019-19097 | Hitachienergy | Inadequate Encryption Strength vulnerability in Hitachienergy Esoms ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. | 7.5 |
2020-04-02 | CVE-2020-9349 | Cacagoo | Missing Authentication for Critical Function vulnerability in Cacagoo Tv-288Zd-2Mp Firmware 3.4.2.0919 The CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 allows access to the RTSP service without a password. | 7.5 |
2020-04-02 | CVE-2020-11450 | Microstrategy | Unspecified vulnerability in Microstrategy web Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture, installation folder, and other information through the URL /MicroStrategyWS/happyaxis.jsp. | 7.5 |
2020-04-01 | CVE-2020-11463 | Deskpro | Missing Authorization vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 7.5 |
2020-04-01 | CVE-2020-10868 | Avast | Unspecified vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |
2020-04-01 | CVE-2020-10866 | Avast | Inadequate Encryption Strength vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |
2020-04-01 | CVE-2020-10865 | Avast | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |
2020-04-01 | CVE-2020-10863 | Avast | Unspecified vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |
2020-04-01 | CVE-2020-10861 | Avast | Unspecified vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |
2020-04-01 | CVE-2020-10860 | Avast | Out-of-bounds Write vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |
2020-04-01 | CVE-2019-3945 | Parrot | Unspecified vulnerability in Parrot Anafi Firmware Web server running on Parrot ANAFI can be crashed due to the SDK command "Common_CurrentDateTime" being sent to control service with larger than expected date length. | 7.5 |
2020-04-01 | CVE-2019-3944 | Parrot | Incorrect Default Permissions vulnerability in Parrot Anafi Firmware Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight. | 7.5 |
2020-04-01 | CVE-2019-3942 | Advantech | Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. | 7.5 |
2020-04-01 | CVE-2020-11449 | Technicolor | Insufficiently Protected Credentials vulnerability in Technicolor Tc7337 Firmware 8.89.17 An issue was discovered on Technicolor TC7337 8.89.17 devices. | 7.5 |
2020-04-01 | CVE-2020-10231 | TP Link | NULL Pointer Dereference vulnerability in Tp-Link products TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference. | 7.5 |
2020-04-01 | CVE-2020-5548 | Yamaha | Unspecified vulnerability in Yamaha products Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors. | 7.5 |
2020-03-31 | CVE-2020-4214 | IBM | Improper Input Validation vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to arbitrary delete a directory caused by improper validation of user-supplied input. | 7.5 |
2020-03-31 | CVE-2020-11414 | Telerik | Path Traversal vulnerability in Telerik UI for Silverlight An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. | 7.5 |
2020-03-30 | CVE-2020-5726 | Grandstream | SQL Injection vulnerability in Grandstream products The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. | 7.5 |
2020-03-30 | CVE-2020-5724 | Grandstream | SQL Injection vulnerability in Grandstream products The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. | 7.5 |
2020-03-30 | CVE-2019-17561 | Apache Oracle | Improper Verification of Cryptographic Signature vulnerability in multiple products The "Apache NetBeans" autoupdate system does not fully validate code signatures. | 7.5 |
2020-03-30 | CVE-2020-8509 | Zohocorp | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central Zoho ManageEngine Desktop Central before 10.0.483 allows unauthenticated users to access PDFGenerationServlet, leading to sensitive information disclosure. | 7.5 |
2020-03-30 | CVE-2020-5527 | Mitsubishielectric | Resource Exhaustion vulnerability in Mitsubishielectric products When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. | 7.5 |
2020-04-03 | CVE-2020-11501 | GNU Debian Opensuse Canonical Fedoraproject | Use of Insufficiently Random Values vulnerability in multiple products GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. | 7.4 |
2020-04-02 | CVE-2020-8423 | TP Link | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr841N Firmware 3.16.9 A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. | 7.2 |
2020-04-02 | CVE-2020-11451 | Microstrategy | Unrestricted Upload of File with Dangerous Type vulnerability in Microstrategy web 10.1/10.4/7 The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. | 7.2 |
2020-04-02 | CVE-2020-11490 | Zevenet | OS Command Injection vulnerability in Zevenet ZEN Load Balancer 3.10.1 Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter. | 7.2 |
2020-04-01 | CVE-2020-11467 | Deskpro | Deserialization of Untrusted Data vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 7.2 |
2020-04-01 | CVE-2020-10204 | Sonatype | Improper Input Validation vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. | 7.2 |
2020-03-30 | CVE-2019-9507 | Vertiv | Command Injection vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. | 7.2 |
2020-04-01 | CVE-2020-3912 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X An out-of-bounds read was addressed with improved input validation. | 7.1 |
2020-04-01 | CVE-2020-3908 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X An out-of-bounds read was addressed with improved input validation. | 7.1 |
2020-04-01 | CVE-2020-3907 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X An out-of-bounds read was addressed with improved input validation. | 7.1 |
2020-04-02 | CVE-2019-19348 | Redhat | Improper Privilege Management vulnerability in Redhat Openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. | 7.0 |
2020-04-02 | CVE-2019-19346 | Redhat | Improper Privilege Management vulnerability in Redhat Openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . | 7.0 |
2020-04-02 | CVE-2020-8016 | Opensuse | Unspecified vulnerability in Opensuse Texlive-Filesystem 2013.7416.5.1/2017.1359.5.1 A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. | 7.0 |
93 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-04-03 | CVE-2020-8142 | Revive Adserver | Incorrect Authorization vulnerability in Revive-Adserver Revive Adserver A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. | 6.8 |
2020-04-03 | CVE-2020-10689 | Eclipse | Unspecified vulnerability in Eclipse CHE A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. | 6.8 |
2020-04-01 | CVE-2020-7263 | Mcafee | Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Endpoint Security Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import. | 6.7 |
2020-04-02 | CVE-2019-19093 | Hitachienergy | Weak Password Requirements vulnerability in Hitachienergy Esoms eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords. | 6.5 |
2020-04-02 | CVE-2019-19001 | Hitachienergy | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2 For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. | 6.5 |
2020-04-02 | CVE-2019-19000 | Hitachienergy | Information Exposure vulnerability in Hitachienergy Esoms For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. | 6.5 |
2020-04-02 | CVE-2020-4325 | IBM | Improper Resource Shutdown or Release vulnerability in IBM products The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. | 6.5 |
2020-04-01 | CVE-2020-8145 | UI | Unspecified vulnerability in UI Unifi Video The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. | 6.5 |
2020-04-01 | CVE-2020-1958 | Apache | Injection vulnerability in Apache Druid 0.17.0 When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. | 6.5 |
2020-04-01 | CVE-2019-11254 | Kubernetes | Unspecified vulnerability in Kubernetes The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML. | 6.5 |
2020-04-01 | CVE-2020-5290 | Ctfd | Session Fixation vulnerability in Ctfd Rctf In RedpwnCTF before version 2.3, there is a session fixation vulnerability in exploitable through the `#token=$ssid` hash when making a request to the `/verify` endpoint. | 6.5 |
2020-04-01 | CVE-2020-9770 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS A logic issue was addressed with improved state management. | 6.5 |
2020-04-01 | CVE-2020-10864 | Avast | Unspecified vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 6.5 |
2020-03-31 | CVE-2020-4240 | IBM | Path Traversal vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. | 6.5 |
2020-03-31 | CVE-2020-4236 | IBM | Unspecified vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. | 6.5 |
2020-03-30 | CVE-2020-5289 | Elide | Files or Directories Accessible to External Parties vulnerability in Elide In Elide before 4.5.14, it is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at least one other field in the model. | 6.5 |
2020-03-30 | CVE-2020-7599 | Gradle | Information Exposure Through Log Files vulnerability in Gradle Plugin Publishing All versions of com.gradle.plugin-publish before 0.11.0 are vulnerable to Insertion of Sensitive Information into Log File. | 6.5 |
2020-04-02 | CVE-2020-8017 | Opensuse | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Opensuse Leap and Texlive-Filesystem A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users in group mktex to delete arbitrary files on the system This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. | 6.3 |
2020-04-04 | CVE-2020-11529 | Getgrav | Open Redirect vulnerability in Getgrav Grav Common/Grav.php in Grav before 1.7 has an Open Redirect. | 6.1 |
2020-04-03 | CVE-2020-8143 | Revive Adserver | Open Redirect vulnerability in Revive-Adserver Revive Adserver An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. | 6.1 |
2020-04-03 | CVE-2019-17231 | Mageewp | Cross-site Scripting vulnerability in Mageewp Onetone 3.0.6 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues. | 6.1 |
2020-04-02 | CVE-2020-11499 | Firmware Analysis AND Comparison Tool Project | Cross-site Scripting vulnerability in Firmware Analysis and Comparison Tool Project Firmware Analysis and Comparison Tool 3.0 Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongo_task_conversion.py. | 6.1 |
2020-04-02 | CVE-2019-19096 | Hitachienergy | Insufficiently Protected Credentials vulnerability in Hitachienergy Esoms 6.0/6.0.2 The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. | 6.1 |
2020-04-02 | CVE-2019-19089 | Hitachienergy | Interpretation Conflict vulnerability in Hitachienergy Esoms For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. | 6.1 |
2020-04-02 | CVE-2019-19003 | Hitachienergy | Cross-site Scripting vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2 For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. | 6.1 |
2020-04-02 | CVE-2019-20635 | Intland | Unsafe Reflection vulnerability in Intland Codebeamer codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields. | 6.1 |
2020-04-02 | CVE-2020-4304 | IBM | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. | 6.1 |
2020-04-02 | CVE-2020-4303 | IBM | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. | 6.1 |
2020-04-02 | CVE-2020-1927 | Apache Fedoraproject Debian Canonical Opensuse Netapp Broadcom Oracle | Open Redirect vulnerability in multiple products In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. | 6.1 |
2020-04-01 | CVE-2020-8966 | Tiki | Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. | 6.1 |
2020-04-01 | CVE-2020-10598 | BD | Unspecified vulnerability in BD products In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. | 6.1 |
2020-04-01 | CVE-2020-1949 | Apache | Cross-site Scripting vulnerability in Apache Sling CMS Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks. | 6.1 |
2020-04-01 | CVE-2020-1943 | Apache | Cross-site Scripting vulnerability in Apache Ofbiz Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07. | 6.1 |
2020-04-01 | CVE-2020-3902 | Apple | Cross-site Scripting vulnerability in Apple products An input validation issue was addressed with improved input validation. | 6.1 |
2020-04-01 | CVE-2020-3884 | Apple | Injection vulnerability in Apple mac OS X An injection issue was addressed with improved validation. | 6.1 |
2020-04-01 | CVE-2020-6753 | Auth0 | Cross-site Scripting vulnerability in Auth0 Login BY Auth0 The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS on multiple pages, a different issue than CVE-2020-5392. | 6.1 |
2020-04-01 | CVE-2020-5392 | Auth0 | Cross-site Scripting vulnerability in Auth0 Wp-Auth0 A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page. | 6.1 |
2020-03-31 | CVE-2020-11441 | Phpmyadmin | Injection vulnerability in PHPmyadmin 5.0.2 phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. | 6.1 |
2020-03-30 | CVE-2020-11106 | Tecrail | Cross-site Scripting vulnerability in Tecrail Responsive Filemanager An issue was discovered in Responsive Filemanager through 9.14.0. | 6.1 |
2020-04-03 | CVE-2019-18905 | Opensuse | Insufficient Verification of Data Authenticity vulnerability in Opensuse Autoyast2 4.0.703.20.1/4.1.93.9.1 A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. | 5.9 |
2020-03-30 | CVE-2020-5725 | Grandstream | SQL Injection vulnerability in Grandstream products The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. | 5.9 |
2020-03-30 | CVE-2020-10560 | Opensource Socialnetwork | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Opensource-Socialnetwork Open Source Social Network An issue was discovered in Open Source Social Network (OSSN) through 5.3. | 5.9 |
2020-03-31 | CVE-2019-14905 | Redhat Fedoraproject Opensuse | Exposure of Resource to Wrong Sphere vulnerability in multiple products A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. | 5.6 |
2020-04-04 | CVE-2020-11533 | Ivanti | Unspecified vulnerability in Ivanti Workspace Control Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material). | 5.5 |
2020-04-01 | CVE-2020-3917 | Apple | Unspecified vulnerability in Apple products This issue was addressed with a new entitlement. | 5.5 |
2020-04-01 | CVE-2020-3914 | Apple | Memory Leak vulnerability in Apple products A memory initialization issue was addressed with improved memory handling. | 5.5 |
2020-04-01 | CVE-2020-3889 | Apple | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 5.5 |
2020-04-01 | CVE-2020-3881 | Apple | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 5.5 |
2020-04-02 | CVE-2019-19095 | Hitachienergy | Cross-site Scripting vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2 Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to attack such as stored cross-site scripting by storing malicious content in the database. | 5.4 |
2020-04-02 | CVE-2019-19002 | Hitachienergy | Cross-site Scripting vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2 For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. | 5.4 |
2020-04-02 | CVE-2020-11454 | Microstrategy | Cross-site Scripting vulnerability in Microstrategy web 10.4 Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. | 5.4 |
2020-04-01 | CVE-2020-11457 | Netgate | Cross-site Scripting vulnerability in Netgate Pfsense pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user. | 5.4 |
2020-04-01 | CVE-2020-11456 | Limesurvey | Cross-site Scripting vulnerability in Limesurvey LimeSurvey before 4.1.12+200324 has stored XSS in application/views/admin/surveysgroups/surveySettings.php and application/models/SurveysGroups.php (aka survey groups). | 5.4 |
2020-04-01 | CVE-2020-7064 | PHP Debian Canonical Opensuse Tenable | Out-of-bounds Read vulnerability in multiple products In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. | 5.4 |
2020-03-31 | CVE-2019-13495 | Zyxel | Cross-site Scripting vulnerability in Zyxel Xgs2210-52Hp Firmware 4.50 In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field. | 5.4 |
2020-03-31 | CVE-2020-4235 | IBM | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. | 5.4 |
2020-03-31 | CVE-2019-2391 | Mongodb | Deserialization of Untrusted Data vulnerability in Mongodb Js-Bson Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. | 5.4 |
2020-03-30 | CVE-2020-9055 | Versiant | Cross-site Scripting vulnerability in Versiant Lynx Customer Service Portal 3.5.2 Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user. | 5.4 |
2020-03-30 | CVE-2019-9509 | Vertiv | Cross-site Scripting vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. | 5.4 |
2020-03-30 | CVE-2020-5274 | Sensiolabs | Information Exposure Through an Error Message vulnerability in Sensiolabs Symfony In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. | 5.4 |
2020-04-05 | CVE-2020-11547 | Paessler | Missing Authentication for Critical Function vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm. | 5.3 |
2020-04-03 | CVE-2020-10960 | Mediawiki | Injection vulnerability in Mediawiki In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. | 5.3 |
2020-04-03 | CVE-2019-17230 | Mageewp | Unspecified vulnerability in Mageewp Onetone 3.0.6 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress allows unauthenticated options changes. | 5.3 |
2020-04-02 | CVE-2020-11453 | Microstrategy | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy web 10.4 Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. | 5.3 |
2020-04-01 | CVE-2020-1954 | Apache Oracle Netapp | Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. | 5.3 |
2020-04-01 | CVE-2020-1934 | Apache Fedoraproject Debian Canonical Opensuse Oracle | Use of Uninitialized Resource vulnerability in multiple products In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. | 5.3 |
2020-04-01 | CVE-2020-9781 | Apple | Improper Preservation of Permissions vulnerability in Apple Ipados and Iphone OS The issue was addressed by clearing website permission prompts after navigation. | 5.3 |
2020-04-01 | CVE-2020-9777 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS An issue existed in the selection of video file by Mail. | 5.3 |
2020-04-01 | CVE-2020-9775 | Apple | Improper Initialization vulnerability in Apple Ipados and Iphone OS An issue existed in the handling of tabs displaying picture in picture video. | 5.3 |
2020-04-01 | CVE-2020-3916 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS An access issue was addressed with additional sandbox restrictions. | 5.3 |
2020-04-01 | CVE-2020-3890 | Apple | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved deletion. | 5.3 |
2020-04-01 | CVE-2020-11445 | TP Link | Unspecified vulnerability in Tp-Link products TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855. | 5.3 |
2020-03-31 | CVE-2020-4239 | IBM | Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
2020-03-30 | CVE-2020-11104 | USC | Use of Uninitialized Resource vulnerability in USC Cereal An issue was discovered in USC iLab cereal through 1.3.0. | 5.3 |
2020-04-02 | CVE-2020-11491 | Zevenet | Path Traversal vulnerability in Zevenet ZEN Load Balancer 3.10.1 Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi. | 4.9 |
2020-04-02 | CVE-2020-11458 | Misp | Unspecified vulnerability in Misp app/Model/feed.php in MISP before 2.4.124 allows administrators to choose arbitrary files that should be ingested by MISP. | 4.9 |
2020-04-01 | CVE-2020-10203 | Sonatype | Cross-site Scripting vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows XSS. | 4.8 |
2020-03-31 | CVE-2019-10180 | Dogtagpki Redhat | A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service (TPS) did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting (XSS) vulnerability. | 4.8 |
2020-03-30 | CVE-2019-19913 | Intland | Cross-site Scripting vulnerability in Intland Codebeamer In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter. | 4.8 |
2020-03-30 | CVE-2019-19912 | Intland | Cross-site Scripting vulnerability in Intland Codebeamer In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file. | 4.8 |
2020-04-02 | CVE-2020-11494 | Linux Opensuse Debian Canonical | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. | 4.4 |
2020-04-02 | CVE-2019-19091 | Hitachienergy | Information Exposure vulnerability in Hitachienergy Esoms For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. | 4.3 |
2020-04-02 | CVE-2020-11452 | Microstrategy | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy web 10.1/10.4/7 Microstrategy Web 10.4 includes functionality to allow users to import files or data from external resources such as URLs or databases. | 4.3 |
2020-04-01 | CVE-2018-11802 | Apache | Incorrect Authorization vulnerability in Apache Solr In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. | 4.3 |
2020-04-01 | CVE-2020-11466 | Deskpro | Improper Privilege Management vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 4.3 |
2020-04-01 | CVE-2020-11464 | Deskpro | Improper Privilege Management vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 4.3 |
2020-04-01 | CVE-2020-9784 | Apple | Unspecified vulnerability in Apple Safari A logic issue was addressed with improved restrictions. | 4.3 |
2020-04-01 | CVE-2020-3888 | Apple | Unspecified vulnerability in Apple Iphone OS A logic issue was addressed with improved restrictions. | 4.3 |
2020-04-01 | CVE-2020-3887 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved restrictions. | 4.3 |
2020-04-01 | CVE-2020-3885 | Apple | Always-Incorrect Control Flow Implementation vulnerability in Apple products A logic issue was addressed with improved restrictions. | 4.3 |
2020-04-01 | CVE-2020-7066 | PHP Tenable Opensuse Debian | In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. | 4.3 |
2020-03-30 | CVE-2020-5284 | Zeit | Path Traversal vulnerability in Zeit Next.Js Next.js versions before 9.3.2 have a directory traversal vulnerability. | 4.3 |
2020-03-30 | CVE-2020-5255 | Sensiolabs | Improper Input Validation vulnerability in Sensiolabs Symfony In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. | 4.3 |
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-03-30 | CVE-2019-20634 | Proofpoint | Incorrect Comparison vulnerability in Proofpoint Email Protection 20190908 An issue was discovered in Proofpoint Email Protection through 2019-09-08. | 3.7 |
2020-04-03 | CVE-2020-5283 | Viewvc | Cross-site Scripting vulnerability in Viewvc ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. | 3.5 |
2020-04-02 | CVE-2019-19092 | Hitachienergy | Missing Authentication for Critical Function vulnerability in Hitachienergy Esoms ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). | 3.5 |
2020-04-02 | CVE-2019-19090 | Hitachienergy | Missing Encryption of Sensitive Data vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2 For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. | 3.5 |
2020-03-30 | CVE-2019-9508 | Vertiv | Cross-site Scripting vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. | 3.5 |
2020-04-01 | CVE-2020-11470 | Zoom | Insufficient Verification of Data Authenticity vulnerability in Zoom Meetings 4.6.8 Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access. | 3.3 |
2020-04-01 | CVE-2020-9780 | Apple | Improper Cross-boundary Removal of Sensitive Data vulnerability in Apple Ipados and Iphone OS The issue was resolved by clearing application previews when content is deleted. | 3.3 |
2020-04-01 | CVE-2020-9776 | Apple | Unspecified vulnerability in Apple mac OS X This issue was addressed with a new entitlement. | 3.3 |
2020-04-01 | CVE-2020-9773 | Apple | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved handling of icon caches. | 3.3 |
2020-04-01 | CVE-2020-3894 | Apple | Race Condition vulnerability in Apple products A race condition was addressed with additional validation. | 3.1 |
2020-04-01 | CVE-2020-3891 | Apple | Unspecified vulnerability in Apple Iphone OS A logic issue was addressed with improved state management. | 2.4 |