Weekly Vulnerabilities Reports > May 4 to 10, 2020

Overview

289 new vulnerabilities reported during this period, including 41 critical vulnerabilities and 110 high severity vulnerabilities. This weekly summary report vulnerabilities in 290 products from 121 vendors including Cisco, Debian, Canonical, Linux, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Out-of-bounds Write", "Improper Privilege Management", and "OS Command Injection".

  • 226 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities have public exploit available.
  • 108 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 161 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 35 reported vulnerabilities.
  • Advantech has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

41 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-09 CVE-2020-12766 Solis SQL Injection vulnerability in Solis Gnuteca 3.8

Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter.

9.8
2020-05-09 CVE-2020-12637 Zulipchat Improper Certificate Validation vulnerability in Zulipchat Zulip Desktop

Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.

9.8
2020-05-08 CVE-2020-11532 Zohocorp Insecure Default Initialization of Resource vulnerability in Zohocorp products

Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server.

9.8
2020-05-08 CVE-2020-11530 Idangero SQL Injection vulnerability in Idangero Chop Slider 3.0

A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin.

9.8
2020-05-08 CVE-2020-12022 Advantech Improper Validation of Array Index vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

9.8
2020-05-08 CVE-2020-12006 Advantech Path Traversal vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

9.8
2020-05-08 CVE-2020-12002 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

9.8
2020-05-08 CVE-2020-10638 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

9.8
2020-05-08 CVE-2020-12735 Domainmod Insufficient Entropy vulnerability in Domainmod 4.13.0

reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.

9.8
2020-05-08 CVE-2020-12720 Vbulletin Missing Authentication for Critical Function vulnerability in Vbulletin

vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

9.8
2020-05-07 CVE-2020-11052 Sorcery Project Improper Restriction of Excessive Authentication Attempts vulnerability in Sorcery Project Sorcery

In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery.

9.8
2020-05-07 CVE-2020-10794 Gira Path Traversal vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database.

9.8
2020-05-07 CVE-2020-10176 Assaabloy Code Injection vulnerability in Assaabloy Yale Wipc-301W Firmware 2.X.2.29/2.X.2.43

ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow Eval Injection of commands.

9.8
2020-05-07 CVE-2020-4429 IBM Use of Hard-coded Credentials vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account.

9.8
2020-05-07 CVE-2020-4427 IBM Unspecified vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication.

9.8
2020-05-07 CVE-2020-7805 Infomark OS Command Injection vulnerability in Infomark Iml500 Firmware and Iml520 Firmware

An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device.

9.8
2020-05-07 CVE-2020-7646 Curlrequest Project OS Command Injection vulnerability in Curlrequest Project Curlrequest

curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input.

9.8
2020-05-07 CVE-2019-18869 Blaauwproducts Unspecified vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17.

9.8
2020-05-07 CVE-2019-18868 Blaauwproducts Insufficiently Protected Credentials vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak.

9.8
2020-05-06 CVE-2020-8899 Google Out-of-bounds Write vulnerability in Google Android

There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O(8.x), P(9.0) and Q(10.0).

9.8
2020-05-06 CVE-2020-3318 Cisco Use of Hard-coded Credentials vulnerability in Cisco Secure Firewall Management Center

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account.

9.8
2020-05-06 CVE-2020-3125 Cisco Improper Authentication vulnerability in Cisco products

A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access.

9.8
2020-05-06 CVE-2020-7806 Tobesoft Download of Code Without Integrity Check vulnerability in Tobesoft Xplatform

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control.

9.8
2020-05-06 CVE-2019-19169 Raonwiz Unspecified vulnerability in Raonwiz Dext5 2.7

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method.

9.8
2020-05-06 CVE-2019-19168 Raonwiz Unspecified vulnerability in Raonwiz Dext5 2.7

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method.

9.8
2020-05-06 CVE-2019-19167 Tobesoft Unspecified vulnerability in Tobesoft Nexacro

Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control.

9.8
2020-05-04 CVE-2020-12641 Roundcube
Opensuse
OS Command Injection vulnerability in multiple products

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

9.8
2020-05-04 CVE-2020-12640 Roundcube
Opensuse
Path Traversal vulnerability in multiple products

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.

9.8
2020-05-04 CVE-2020-8790 Oklok Project Weak Password Requirements vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack.

9.8
2020-05-04 CVE-2020-12110 TP Link Use of Hard-coded Credentials vulnerability in Tp-Link products

Certain TP-Link devices have a Hardcoded Encryption Key.

9.8
2020-05-04 CVE-2020-1961 Apache Injection vulnerability in Apache Syncope

Vulnerability to Server-Side Template Injection on Mail templates for Apache Syncope 2.0.X releases prior to 2.0.15, 2.1.X releases prior to 2.1.6, enabling attackers to inject arbitrary JEXL expressions, leading to Remote Code Execution (RCE) was discovered.

9.8
2020-05-04 CVE-2020-1959 Apache Expression Language Injection vulnerability in Apache Syncope

A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution (RCE) vulnerability.

9.8
2020-05-04 CVE-2020-1631 Juniper Path Traversal vulnerability in Juniper Junos

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal.

9.8
2020-05-04 CVE-2020-12627 Janeczku Use of Hard-coded Credentials vulnerability in Janeczku Calibre-Web 0.6.6

Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.

9.8
2020-05-05 CVE-2020-11035 Glpi Project
Fedoraproject
Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products

In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm.

9.3
2020-05-09 CVE-2020-12761 Enlightenment Integer Overflow or Wraparound vulnerability in Enlightenment Imlib2 1.6.0

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

9.1
2020-05-08 CVE-2020-12740 Broadcom
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation.

9.1
2020-05-07 CVE-2020-4428 IBM OS Command Injection vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system.

9.1
2020-05-07 CVE-2020-11431 Inetsoftware Path Traversal vulnerability in Inetsoftware Clear Reports, Helpdesk and Pdfc

The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.

9.1
2020-05-06 CVE-2020-3187 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.

9.1
2020-05-05 CVE-2020-10634 SAE IT Path Traversal vulnerability in Sae-It Net-Line Fw-50 Firmware

SAE IT-systems FW-50 Remote Telemetry Unit (RTU).

9.1

110 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-08 CVE-2020-11531 Zohocorp Path Traversal vulnerability in Zohocorp products

The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request.

8.8
2020-05-08 CVE-2020-12026 Advantech Path Traversal vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

8.8
2020-05-07 CVE-2020-9474 Siedle Download of Code Without Integrity Check vulnerability in Siedle SG 150-0 Firmware 1.1.0

The S.

8.8
2020-05-07 CVE-2020-7803 Imgtech Unspecified vulnerability in Imgtech Zoneplayer 2.0.1.3/2.0.1.4

IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows.

8.8
2020-05-07 CVE-2020-10971 Wavlink Improper Input Validation vulnerability in Wavlink products

An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time.

8.8
2020-05-07 CVE-2019-19164 Raonwiz Unspecified vulnerability in Raonwiz Dext5 2.7

dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method.

8.8
2020-05-07 CVE-2019-18871 Blaauwproducts Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution.

8.8
2020-05-07 CVE-2020-6081 Codesys Insufficient Verification of Data Authenticity vulnerability in Codesys Runtime 3.5.14.30

An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30.

8.8
2020-05-07 CVE-2020-12691 Openstack
Canonical
Incorrect Authorization vulnerability in multiple products

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

8.8
2020-05-07 CVE-2020-12690 Openstack Insufficient Session Expiration vulnerability in Openstack Keystone

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

8.8
2020-05-07 CVE-2020-12689 Openstack
Canonical
Improper Privilege Management vulnerability in multiple products

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

8.8
2020-05-06 CVE-2020-12669 Dolibarr Improper Input Validation vulnerability in Dolibarr

core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.

8.8
2020-05-06 CVE-2020-6094 Accusoft Integer Overflow or Wraparound vulnerability in Accusoft Imagegear 19.4.0/19.5.0/19.6.0

An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6.

8.8
2020-05-06 CVE-2020-6082 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.4.0/19.5.0/19.6.0

An exploitable out-of-bounds write vulnerability exists in the ico_read function of the igcore19d.dll library of Accusoft ImageGear 19.6.0.

8.8
2020-05-06 CVE-2020-6076 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.5.0

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of the Accusoft ImageGear 19.5.0 library.

8.8
2020-05-06 CVE-2020-6075 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.5.0

An exploitable out-of-bounds write vulnerability exists in the store_data_buffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0.

8.8
2020-05-06 CVE-2020-2189 Jenkins Deserialization of Untrusted Data vulnerability in Jenkins Source Code Management Filter Jervis 0.1/0.2/0.2.1

Jenkins SCM Filter Jervis Plugin 0.2.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

8.8
2020-05-05 CVE-2020-8830 Commscope Server-Side Request Forgery (SSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware

CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen.

8.8
2020-05-05 CVE-2020-8829 Intelbras Cross-Site Request Forgery (CSRF) vulnerability in Intelbras CIP 92200 Firmware

CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis.

8.8
2020-05-05 CVE-2019-19517 Intelbras Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Action RF 1200 Firmware 1.1.3

Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process.

8.8
2020-05-05 CVE-2020-12104 Internet Formation SQL Injection vulnerability in Internet-Formation Wp-Advanced-Search

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file.

8.8
2020-05-05 CVE-2017-18864 Netgear Classic Buffer Overflow vulnerability in Netgear products

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.

8.8
2020-05-04 CVE-2020-5335 RSA Cross-Site Request Forgery (CSRF) vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability.

8.8
2020-05-04 CVE-2020-12109 TP Link OS Command Injection vulnerability in Tp-Link products

Certain TP-Link devices allow Command Injection.

8.8
2020-05-04 CVE-2020-12111 TP Link OS Command Injection vulnerability in Tp-Link Nc260 Firmware and Nc450 Firmware

Certain TP-Link devices allow Command Injection.

8.8
2020-05-06 CVE-2020-3283 Cisco Out-of-bounds Write vulnerability in Cisco products

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device.

8.6
2020-05-06 CVE-2020-3196 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition.

8.6
2020-05-06 CVE-2020-3191 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition.

8.6
2020-05-06 CVE-2020-3189 Cisco Memory Leak vulnerability in Cisco products

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes.

8.6
2020-05-08 CVE-2020-7267 Mcafee Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 8.8

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

8.4
2020-05-08 CVE-2020-7266 Mcafee Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 1.9.0/1.9.1/2.0.0

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

8.4
2020-05-08 CVE-2020-7265 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Security

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

8.4
2020-05-08 CVE-2020-7264 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Security

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

8.4
2020-05-07 CVE-2020-11050 Java Websocket Project Improper Certificate Validation vulnerability in Java-Websocket Project Java-Websocket

In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation.

8.1
2020-05-07 CVE-2020-5894 F5 Session Fixation vulnerability in F5 Nginx Controller

On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out.

8.1
2020-05-06 CVE-2020-3302 Cisco Improper Input Validation vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device.

8.1
2020-05-05 CVE-2020-7983 Commscope Cross-Site Request Forgery (CSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware 3.4.2.0.384

A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks.

8.1
2020-05-04 CVE-2020-11671 Teampass Missing Authorization vulnerability in Teampass

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls.

8.1
2020-05-04 CVE-2020-11443 Zoom Incorrect Permission Assignment for Critical Resource vulnerability in Zoom IT Installer

The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client.

8.1
2020-05-07 CVE-2020-10916 TP Link Improper Authentication vulnerability in Tp-Link Tl-Wa855Re Firmware 190408/191213

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders.

8.0
2020-05-09 CVE-2020-12762 Json C
Fedoraproject
Debian
Canonical
Siemens
Integer Overflow or Wraparound vulnerability in multiple products

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

7.8
2020-05-08 CVE-2018-20225 Pypa Improper Input Validation vulnerability in Pypa PIP

An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index.

7.8
2020-05-08 CVE-2020-7291 Mcafee Improper Privilege Management vulnerability in Mcafee Active Response

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-08 CVE-2020-7290 Mcafee Improper Privilege Management vulnerability in Mcafee Active Response

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-08 CVE-2020-7289 Mcafee Improper Privilege Management vulnerability in Mcafee Active Response

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Windows prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-08 CVE-2020-7288 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Detection and Response 3.1.0

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-08 CVE-2020-7287 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Detection and Response 3.1.0

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-08 CVE-2020-7286 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Detection and Response

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-08 CVE-2020-7285 Mcafee Improper Privilege Management vulnerability in Mcafee Mvision Endpoint 18.11.31.62

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

7.8
2020-05-07 CVE-2020-12608 Solarwinds Incorrect Default Permissions vulnerability in Solarwinds Managed Service Provider Patch Management Engine

An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent.

7.8
2020-05-07 CVE-2020-6652 Eaton Improper Privilege Management vulnerability in Eaton Intelligent Power Manager 1.6/1.67

Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests.

7.8
2020-05-07 CVE-2020-5895 F5 Incorrect Permission Assignment for Critical Resource vulnerability in F5 Nginx Controller 3.1.0/3.2.0/3.3.0

On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket.

7.8
2020-05-06 CVE-2019-19166 Tobesoft Unspecified vulnerability in Tobesoft Xplatform

Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files.

7.8
2020-05-05 CVE-2020-12463 Avira Unspecified vulnerability in Avira Software Updater

An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links.

7.8
2020-05-05 CVE-2020-12657 Linux Use After Free vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.6.5.

7.8
2020-05-05 CVE-2020-12653 Linux
Opensuse
Debian
Netapp
Out-of-bounds Write vulnerability in multiple products

An issue was found in Linux kernel before 5.5.4.

7.8
2020-05-04 CVE-2020-5343 Dell Incorrect Authorization vulnerability in Dell OS Recovery Image for Microsoft Windows 10

Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability.

7.8
2020-05-04 CVE-2020-10622 Lcds Unspecified vulnerability in Lcds Laquis Scada

LCDS LAquis SCADA Versions 4.3.1 and prior.

7.8
2020-05-04 CVE-2020-8018 Suse Incorrect Default Permissions vulnerability in Suse Linux Enterprise Desktop 15

A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions;

7.8
2020-05-10 CVE-2020-9315 Oracle Missing Authentication for Critical Function vulnerability in Oracle Iplanet web Server 7.0/7.0.27

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys.

7.5
2020-05-08 CVE-2020-12018 Advantech Out-of-bounds Read vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.5
2020-05-08 CVE-2020-12014 Advantech SQL Injection vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.5
2020-05-07 CVE-2020-12116 Zohocorp Path Traversal vulnerability in Zohocorp Manageengine Opmanager

Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.

7.5
2020-05-07 CVE-2020-10974 Wavlink Missing Authentication for Critical Function vulnerability in Wavlink products

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password.

7.5
2020-05-07 CVE-2020-10973 Wavlink Missing Authentication for Critical Function vulnerability in Wavlink products

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password.

7.5
2020-05-07 CVE-2020-10972 Wavlink Insufficiently Protected Credentials vulnerability in Wavlink products

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page.

7.5
2020-05-07 CVE-2020-8983 Citrix Path Traversal vulnerability in Citrix Sharefile Storagezones Controller

An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution.

7.5
2020-05-07 CVE-2020-8982 Citrix Path Traversal vulnerability in Citrix Sharefile Storagezones Controller

An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020.

7.5
2020-05-07 CVE-2020-7473 Citrix Path Traversal vulnerability in Citrix Sharefile Storagezones Controller

In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users.

7.5
2020-05-07 CVE-2019-18872 Blaauwproducts Weak Password Requirements vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234).

7.5
2020-05-07 CVE-2019-18866 Blaauwproducts SQL Injection vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database.

7.5
2020-05-07 CVE-2019-18864 Blaauwproducts Unspecified vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine.

7.5
2020-05-07 CVE-2019-18867 Blaauwproducts Information Exposure vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code.

7.5
2020-05-07 CVE-2018-5493 Atto Unspecified vulnerability in Atto Fibrebridge 7500N Firmware

ATTO FibreBridge 7500N firmware versions prior to 2.90 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause Denial of Service (DoS).

7.5
2020-05-06 CVE-2020-3312 Cisco Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device.

7.5
2020-05-06 CVE-2020-3306 Cisco Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.

7.5
2020-05-06 CVE-2020-3305 Cisco Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.5
2020-05-06 CVE-2020-3303 Cisco Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.5
2020-05-06 CVE-2020-3298 Cisco Out-of-bounds Read vulnerability in Cisco Firepower Threat Defense

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition.

7.5
2020-05-06 CVE-2020-3259 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information.

7.5
2020-05-06 CVE-2020-3255 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2020-05-06 CVE-2020-3254 Cisco Resource Exhaustion vulnerability in Cisco products

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2020-05-06 CVE-2020-3195 Cisco Memory Leak vulnerability in Cisco products

A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device.

7.5
2020-05-06 CVE-2020-3179 Cisco Double Free vulnerability in Cisco products

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2020-05-06 CVE-2020-10704 Samba
Fedoraproject
Opensuse
Debian
Uncontrolled Recursion vulnerability in multiple products

A flaw was found when using samba as an Active Directory Domain Controller.

7.5
2020-05-06 CVE-2020-12672 Graphicsmagick
Debian
Opensuse
Out-of-bounds Write vulnerability in multiple products

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

7.5
2020-05-05 CVE-2020-12649 Gurbalib Project Path Traversal vulnerability in Gurbalib Project Gurbalib 20200430

Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory traversal for reading administrative paths.

7.5
2020-05-04 CVE-2020-12642 Reportportal XXE vulnerability in Reportportal Service-Api

An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal.

7.5
2020-05-04 CVE-2020-11462 Openvpn XML Entity Expansion vulnerability in Openvpn Access Server

An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3.

7.5
2020-05-04 CVE-2020-10876 Oklok Project Improper Restriction of Excessive Authentication Attempts vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts.

7.5
2020-05-04 CVE-2020-10187 Doorkeeper Project Missing Authorization vulnerability in Doorkeeper Project Doorkeeper

Doorkeeper version 5.0.0 and later contains an information disclosure vulnerability that allows an attacker to retrieve the client secret only intended for the OAuth application owner.

7.5
2020-05-04 CVE-2019-13285 Cososys Injection vulnerability in Cososys Endpoint Protector 5.1.0.2

CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection.

7.5
2020-05-04 CVE-2020-11842 Microfocus Unspecified vulnerability in Microfocus Verastream Host Integrator

Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49).

7.5
2020-05-04 CVE-2019-11823 Synology Out-of-bounds Read vulnerability in Synology Router Manager

CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

7.5
2020-05-07 CVE-2020-5745 Tecnick Cross-Site Request Forgery (CSRF) vulnerability in Tecnick Tcexam 14.2.2

Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

7.4
2020-05-06 CVE-2020-3334 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device.

7.4
2020-05-07 CVE-2020-6651 Eaton OS Command Injection vulnerability in Eaton Intelligent Power Manager 1.6/1.67

Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application.

7.3
2020-05-08 CVE-2019-10170 Redhat Unspecified vulnerability in Redhat Keycloak

A flaw was found in the Keycloak admin console, where the realm management interface permits a script to be set via the policy.

7.2
2020-05-08 CVE-2019-10169 Redhat Unspecified vulnerability in Redhat Keycloak

A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy.

7.2
2020-05-08 CVE-2020-5741 Plex Deserialization of Untrusted Data vulnerability in Plex Media Server

Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.

7.2
2020-05-08 CVE-2020-12719 Wso2 XXE vulnerability in Wso2 products

XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.

7.2
2020-05-07 CVE-2020-10795 Gira OS Command Injection vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend.

7.2
2020-05-06 CVE-2020-3309 Cisco Out-of-bounds Write vulnerability in Cisco Firepower Device Manager On-Box

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device.

7.2
2020-05-05 CVE-2020-11033 Glpi Project
Fedoraproject
Information Exposure vulnerability in multiple products

In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User.

7.2
2020-05-05 CVE-2020-11032 Glpi Project SQL Injection vulnerability in Glpi-Project Glpi 9.4.5

In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances.

7.2
2020-05-04 CVE-2020-5332 RSA OS Command Injection vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability.

7.2
2020-05-08 CVE-2020-12010 Advantech Path Traversal vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.1
2020-05-05 CVE-2020-12654 Linux Out-of-bounds Write vulnerability in Linux Kernel

An issue was found in Linux kernel before 5.5.4.

7.1
2020-05-08 CVE-2019-14898 Linux
Redhat
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete.
7.0
2020-05-07 CVE-2020-9475 Siedle Race Condition vulnerability in Siedle SG 150-0 Firmware 1.1.0

The S.

7.0

130 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-05 CVE-2017-18867 Netgear Improper Input Validation vulnerability in Netgear products

Certain NETGEAR devices are affected by incorrect configuration of security settings.

6.8
2020-05-05 CVE-2017-18865 Netgear Out-of-bounds Write vulnerability in Netgear R8300 Firmware and R8500 Firmware

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.

6.8
2020-05-09 CVE-2020-12770 Linux
Fedoraproject
Canonical
Debian
Netapp
An issue was discovered in the Linux kernel through 5.6.11.
6.7
2020-05-06 CVE-2020-3253 Cisco Unspecified vulnerability in Cisco Firepower Threat Defense

A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled.

6.7
2020-05-05 CVE-2020-12659 Linux
Netapp
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.6.7.

6.7
2020-05-08 CVE-2020-6616 Google
Apple
Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing.
6.5
2020-05-08 CVE-2020-12737 Maxum Path Traversal vulnerability in Maxum Rumpus

An issue was discovered in Maxum Rumpus before 8.2.12 on macOS.

6.5
2020-05-07 CVE-2020-12687 Serpico Project Exposure of Resource to Wrong Sphere vulnerability in Serpico Project Serpico 1.3.0

An issue was discovered in Serpico before 1.3.3.

6.5
2020-05-07 CVE-2019-18870 Blaauwproducts Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.

6.5
2020-05-06 CVE-2020-12108 GNU
Debian
Fedoraproject
Opensuse
Canonical
Injection vulnerability in multiple products

/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.

6.5
2020-05-06 CVE-2020-2183 Jenkins Incorrect Default Permissions vulnerability in Jenkins Copy Artifact

Jenkins Copy Artifact Plugin 1.43.1 and earlier performs improper permission checks, allowing attackers to copy artifacts from jobs they have no permission to access.

6.5
2020-05-06 CVE-2020-2181 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Credentials Binding

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps.

6.5
2020-05-05 CVE-2020-10859 Zohocorp Path Traversal vulnerability in Zohocorp Manageengine Desktop Central

Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.

6.5
2020-05-05 CVE-2020-5517 Blueonyx Cross-Site Request Forgery (CSRF) vulnerability in Blueonyx 5209R Firmware

CSRF in the /login URI in BlueOnyx 5209R allows an attacker to access the dashboard and perform scraping or other analysis.

6.5
2020-05-04 CVE-2020-10717 Qemu Allocation of Resources Without Limits or Throttling vulnerability in Qemu 5.0/5.0.0

A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0.

6.5
2020-05-04 CVE-2018-21233 Google Out-of-bounds Read vulnerability in Google Tensorflow

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory.

6.5
2020-05-04 CVE-2020-8791 Oklok Project Authorization Bypass Through User-Controlled Key vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues.

6.5
2020-05-04 CVE-2020-12626 Roundcube
Debian
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

An issue was discovered in Roundcube Webmail before 1.4.4.

6.5
2020-05-08 CVE-2020-10690 Linux
Redhat
Debian
Canonical
Opensuse
Netapp
Use After Free vulnerability in multiple products

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation.

6.4
2020-05-07 CVE-2020-11056 Barrelstrengthdesign Injection vulnerability in Barrelstrengthdesign Sprout Forms

In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code.

6.3
2020-05-07 CVE-2020-11053 Oauth2 Proxy Project Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability.

6.1
2020-05-07 CVE-2020-12708 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.50

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php.

6.1
2020-05-07 CVE-2020-12707 Lepton CMS Cross-site Scripting vulnerability in Lepton-Cms Lepton CMS 4.5.0

An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0.

6.1
2020-05-07 CVE-2020-12705 Lepton CMS Cross-site Scripting vulnerability in Lepton-Cms Leptoncms

Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0.

6.1
2020-05-07 CVE-2020-12704 Ulicms Cross-site Scripting vulnerability in Ulicms 2019.1/2019.2

UliCMS before 2020.2 has PageController stored XSS.

6.1
2020-05-07 CVE-2020-12703 Ulicms Cross-site Scripting vulnerability in Ulicms 2019.1/2019.2

UliCMS before 2020.2 has XSS during PackageController uninstall.

6.1
2020-05-07 CVE-2020-5750 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.

6.1
2020-05-07 CVE-2020-5748 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.

6.1
2020-05-07 CVE-2020-12679 Mitel Cross-site Scripting vulnerability in Mitel Mivoice Connect and Shoretel Conference web

A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.

6.1
2020-05-07 CVE-2020-12696 Iframe Project Cross-site Scripting vulnerability in Iframe Project Iframe

The iframe plugin before 4.5 for WordPress does not sanitize a URL.

6.1
2020-05-06 CVE-2020-11727 Algolplus Cross-site Scripting vulnerability in Algolplus Advanced Order Export for Woocommerce 3.1.3

A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.

6.1
2020-05-06 CVE-2020-3313 Cisco Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software.

6.1
2020-05-06 CVE-2020-3311 Cisco Open Redirect vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

6.1
2020-05-06 CVE-2020-3178 Cisco Open Redirect vulnerability in Cisco Content Security Management Appliance

Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

6.1
2020-05-05 CVE-2020-12666 GO Macaron
Fedoraproject
Open Redirect vulnerability in multiple products

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.

6.1
2020-05-05 CVE-2020-11034 Glpi Project Open Redirect vulnerability in Glpi-Project Glpi

In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp.

6.1
2020-05-05 CVE-2020-10630 SAE IT Cross-site Scripting vulnerability in Sae-It Net-Line Fw-50 Firmware

SAE IT-systems FW-50 Remote Telemetry Unit (RTU).

6.1
2020-05-05 CVE-2020-8033 Commscope Cross-site Scripting vulnerability in Commscope Ruckus Zoneflex R500 Firmware 3.4.2.0.384

Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field.

6.1
2020-05-05 CVE-2019-19515 Ayision Cross-site Scripting vulnerability in Ayision Ays-Wr01 Firmware V28K.Rpt.20161224

Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings.

6.1
2020-05-05 CVE-2020-11737 Zimbra Cross-site Scripting vulnerability in Zimbra 9.0.0

A cross-site scripting (XSS) vulnerability in Web Client in Zimbra 9.0 allows a remote attacker to craft links in an E-Mail message or calendar invite to execute arbitrary JavaScript.

6.1
2020-05-05 CVE-2017-18866 Netgear Cross-site Scripting vulnerability in Netgear products

Certain NETGEAR devices are affected by stored XSS.

6.1
2020-05-04 CVE-2020-5337 RSA Open Redirect vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability.

6.1
2020-05-04 CVE-2020-5336 RSA Injection vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability.

6.1
2020-05-04 CVE-2020-5334 RSA Cross-site Scripting vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability.

6.1
2020-05-04 CVE-2020-12639 Phplist Cross-site Scripting vulnerability in PHPlist

phpList before 3.5.3 allows XSS, with resultant privilege elevation, via lists/admin/template.php.

6.1
2020-05-04 CVE-2020-12625 Roundcube
Debian
Opensuse
Cross-site Scripting vulnerability in multiple products

An issue was discovered in Roundcube Webmail before 1.4.4.

6.1
2020-05-07 CVE-2020-11047 Freerdp
Canonical
Debian
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results.
5.9
2020-05-07 CVE-2020-11042 Freerdp
Debian
Canonical
In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info.
5.9
2020-05-04 CVE-2020-8896 Google Classic Buffer Overflow vulnerability in Google Earth

A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used to hold it.

5.9
2020-05-06 CVE-2020-3285 Cisco Unspecified vulnerability in Cisco Firepower Threat Defense

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL.

5.8
2020-05-06 CVE-2020-2187 Jenkins Improper Certificate Validation vulnerability in Jenkins Amazon EC2

Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.

5.6
2020-05-06 CVE-2020-2185 Jenkins Unspecified vulnerability in Jenkins Amazon EC2

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.

5.6
2020-05-09 CVE-2020-12771 Linux
Debian
Opensuse
Canonical
Netapp
Oracle
Improper Locking vulnerability in multiple products

An issue was discovered in the Linux kernel through 5.6.11.

5.5
2020-05-09 CVE-2020-12769 Linux
Debian
Canonical
Opensuse
Netapp
Improper Synchronization vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.4.17.

5.5
2020-05-09 CVE-2020-12768 Linux
Canonical
Debian
Memory Leak vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.6.

5.5
2020-05-09 CVE-2020-12767 Libexif Project
Debian
Canonical
Opensuse
Divide By Zero vulnerability in multiple products

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

5.5
2020-05-08 CVE-2020-11541 Techsmith XXE vulnerability in Techsmith Snagit

In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account.

5.5
2020-05-08 CVE-2020-12680 Avira Unspecified vulnerability in Avira Free Antivirus

Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials.

5.5
2020-05-07 CVE-2014-1423 Signond Project
Ubports
Insufficiently Protected Credentials vulnerability in multiple products

signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension.

5.5
2020-05-06 CVE-2020-6861 Ledger Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ledger Monero

A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC.

5.5
2020-05-05 CVE-2020-12656 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.

5.5
2020-05-05 CVE-2020-12655 Linux Infinite Loop vulnerability in Linux Kernel

An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.

5.5
2020-05-04 CVE-2020-5331 RSA Information Exposure vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability.

5.5
2020-05-04 CVE-2020-10618 Lcds Information Exposure vulnerability in Lcds Laquis Scada

LCDS LAquis SCADA Versions 4.3.1 and prior.

5.5
2020-05-04 CVE-2020-12475 TP Link Path Traversal vulnerability in Tp-Link Omada Controller 3.2.6

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar.

5.5
2020-05-04 CVE-2019-12864 Solarwinds Information Exposure Through an Error Message vulnerability in Solarwinds products

SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.

5.5
2020-05-08 CVE-2020-11006 Shopizer Cross-site Scripting vulnerability in Shopizer

In Shopizer before version 2.11.0, a script can be injected in various forms and saved in the database, then executed when information is fetched from backend.

5.4
2020-05-08 CVE-2020-12718 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.50

In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature.

5.4
2020-05-07 CVE-2020-11055 Bookstackapp Cross-site Scripting vulnerability in Bookstackapp Bookstack

In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation.

5.4
2020-05-07 CVE-2020-12706 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.50

Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php

5.4
2020-05-07 CVE-2020-5751 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.

5.4
2020-05-07 CVE-2020-5749 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.

5.4
2020-05-07 CVE-2020-5747 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.

5.4
2020-05-07 CVE-2020-5746 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.

5.4
2020-05-07 CVE-2020-12683 Katyshop2 Project Cross-site Scripting vulnerability in Katyshop2 Project Katyshop2

Katyshop2 before 2.12 has multiple stored XSS issues.

5.4
2020-05-07 CVE-2020-12692 Openstack
Canonical
Authentication Bypass by Capture-replay vulnerability in multiple products

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

5.4
2020-05-06 CVE-2020-4421 IBM Authentication Bypass by Spoofing vulnerability in IBM Websphere Application Server

IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify.

5.4
2020-05-06 CVE-2020-4384 IBM Cross-site Scripting vulnerability in IBM products

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.

5.4
2020-05-05 CVE-2020-11036 Glpi Project Cross-site Scripting vulnerability in Glpi-Project Glpi

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities.

5.4
2020-05-05 CVE-2019-20768 Servicenow Cross-site Scripting vulnerability in Servicenow IT Service Management Kingston/London/Madrid

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do.

5.4
2020-05-05 CVE-2019-19514 Ayision Cross-site Scripting vulnerability in Ayision Ays-Wr01 Firmware V28K.Rpt.20161224

Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID.

5.4
2020-05-04 CVE-2020-4209 IBM Path Traversal vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system.

5.4
2020-05-04 CVE-2020-12629 Enhancesoft Cross-site Scripting vulnerability in Enhancesoft Osticket

include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.

5.4
2020-05-04 CVE-2019-17557 Apache Cross-site Scripting vulnerability in Apache Syncope

It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters.

5.4
2020-05-09 CVE-2020-12765 Solis Path Traversal vulnerability in Solis Miolo 2.0

Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal.

5.3
2020-05-09 CVE-2020-12764 Solis Path Traversal vulnerability in Solis Gnuteca 3.8

Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal.

5.3
2020-05-07 CVE-2020-12448 Gitlab Path Traversal vulnerability in Gitlab

GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet.

5.3
2020-05-07 CVE-2019-18865 Blaauwproducts Information Exposure Through an Error Message vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames.

5.3
2020-05-06 CVE-2018-8956 NTP Improper Input Validation vulnerability in NTP 4.2.8

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets.

5.3
2020-05-06 CVE-2020-3315 Cisco Exposure of Resource to Wrong Sphere vulnerability in Cisco Firepower Threat Defense

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system.

5.3
2020-05-06 CVE-2020-3307 Cisco Improper Input Validation vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device.

5.3
2020-05-06 CVE-2020-3188 Cisco Insufficient Session Expiration vulnerability in Cisco products

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition.

5.3
2020-05-06 CVE-2020-3186 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system.

5.3
2020-05-06 CVE-2020-7921 Mongodb Incorrect Authorization vulnerability in Mongodb

Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action.

5.3
2020-05-06 CVE-2020-10693 Redhat
IBM
Quarkus
Oracle
A flaw was found in Hibernate Validator version 6.1.2.Final.
5.3
2020-05-06 CVE-2020-4092 Hcltech Cleartext Transmission of Sensitive Information vulnerability in Hcltech HCL Nomad

"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server.

5.3
2020-05-05 CVE-2020-12439 Grin Improper Resource Shutdown or Release vulnerability in Grin

Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.

5.3
2020-05-04 CVE-2020-10700 Samba
Fedoraproject
Opensuse
Use After Free vulnerability in multiple products

A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control.

5.3
2020-05-04 CVE-2020-10933 Ruby Lang
Fedoraproject
Debian
Use of Uninitialized Resource vulnerability in multiple products

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0.

5.3
2020-05-04 CVE-2020-8792 Oklok Project Use of Insufficiently Random Values vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has an information-exposure issue.

5.3
2020-05-08 CVE-2012-0953 Nvidia Race Condition vulnerability in Nvidia Display Driver 295.49

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace.

5.0
2020-05-08 CVE-2012-0952 Nvidia Out-of-bounds Write vulnerability in Nvidia Display Driver 295.49

A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes.

5.0
2020-05-07 CVE-2020-5744 Tecnick Path Traversal vulnerability in Tecnick Tcexam 14.2.2

Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the contents of arbitrary files on disk.

4.9
2020-05-06 CVE-2020-3310 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Device Manager On-Box

A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload.

4.9
2020-05-06 CVE-2020-3308 Cisco Improper Verification of Cryptographic Signature vulnerability in Cisco products

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device.

4.9
2020-05-06 CVE-2020-3256 Cisco XXE vulnerability in Cisco Hosted Collaboration Mediation Fulfillment

A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system.

4.9
2020-05-05 CVE-2020-12144 Silver Peak Improper Certificate Validation vulnerability in Silver-Peak products

The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated.

4.9
2020-05-05 CVE-2020-12143 Silver Peak Improper Certificate Validation vulnerability in Silver-Peak products

The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.

4.9
2020-05-05 CVE-2020-12142 Silver Peak Exposure of Resource to Wrong Sphere vulnerability in Silver-Peak products

1.

4.9
2020-05-10 CVE-2020-9314 Oracle Cross-site Scripting vulnerability in Oracle Iplanet web Server 7.0/7.0.27

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI.

4.8
2020-05-05 CVE-2020-11051 Requarks Cross-site Scripting vulnerability in Requarks Wiki.Js

In Wiki.js before 2.3.81, there is a stored XSS in the Markdown editor.

4.8
2020-05-05 CVE-2020-8799 Webtechideas Cross-site Scripting vulnerability in Webtechideas WTI Like Post

A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress.

4.8
2020-05-09 CVE-2019-20794 Linux Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed.

4.7
2020-05-04 CVE-2020-10686 Redhat Unspecified vulnerability in Redhat Keycloak 8.0.2/9.0.0

A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was fixed in Keycloak version 9.0.1, where a malicious user registers as oneself.

4.7
2020-05-04 CVE-2020-12114 Linux Race Condition vulnerability in Linux Kernel

A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.

4.7
2020-05-07 CVE-2015-7946 Ubports Information Exposure vulnerability in Ubports Unity8

Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere.

4.6
2020-05-09 CVE-2019-20795 Iproute2 Project
Canonical
Use After Free vulnerability in multiple products

iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c.

4.4
2020-05-06 CVE-2020-3301 Cisco Use of Hard-coded Credentials vulnerability in Cisco Secure Firewall Management Center

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account.

4.4
2020-05-07 CVE-2020-4430 IBM Path Traversal vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system.

4.3
2020-05-07 CVE-2020-5743 Tecnick Authorization Bypass Through User-Controlled Key vulnerability in Tecnick Tcexam 14.2.2

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission.

4.3
2020-05-06 CVE-2020-3329 Cisco Unspecified vulnerability in Cisco products

A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system.

4.3
2020-05-06 CVE-2020-3246 Cisco Injection vulnerability in Cisco Umbrella

A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service.

4.3
2020-05-06 CVE-2020-4446 IBM Incorrect Authorization vulnerability in IBM products

IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote attacker to bypass security restrictions, caused by the failure to perform insufficient authorization checks.

4.3
2020-05-06 CVE-2020-2188 Jenkins Incorrect Authorization vulnerability in Jenkins Amazon EC2

A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

4.3
2020-05-06 CVE-2020-2186 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Amazon EC2

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances.

4.3
2020-05-06 CVE-2020-2184 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Current Versions Systems

A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL.

4.3
2020-05-06 CVE-2020-2182 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Credentials Binding

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances.

4.3
2020-05-04 CVE-2020-5333 RSA Incorrect Authorization vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API.

4.3
2020-05-04 CVE-2020-1732 Redhat Improper Input Validation vulnerability in Redhat products

A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request.

4.2
2020-05-05 CVE-2020-12652 Linux Race Condition vulnerability in Linux Kernel

The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a.

4.1

8 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-07 CVE-2020-11054 Qutebrowser
Fedoraproject
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL.
3.5
2020-05-09 CVE-2020-12755 KDE Unspecified vulnerability in KDE Kio-Extras

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option.

3.3
2020-05-07 CVE-2020-11045 Freerdp
Debian
Canonical
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer.
3.3
2020-05-06 CVE-2019-4266 IBM Improper Privilege Management vulnerability in IBM Maximo Anywhere

IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device.

2.4
2020-05-07 CVE-2020-11049 Freerdp
Canonical
Debian
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser.
2.2
2020-05-07 CVE-2020-11048 Freerdp
Canonical
Debian
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read.
2.2
2020-05-07 CVE-2020-11046 Freerdp
Canonical
Debian
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
2.2
2020-05-07 CVE-2020-11044 Freerdp
Canonical
Debian
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed.
2.2