Weekly Vulnerabilities Reports > May 4 to 10, 2020

Overview

289 new vulnerabilities were reported during this period, including 15 critical vulnerabilities and 35 high severity vulnerabilities. This weekly summary reports vulnerabilities in 269 products from 120 vendors including Cisco, Linux, McAfee, IBM, and Jenkins. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Improper Privilege Management", "Information Exposure", and "Improper Input Validation".

  • 234 reported vulnerabilities are remotely exploitable.
  • 2 reported vulnerabilities have a public exploit available.
  • 111 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 207 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 35 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-08 CVE-2020-11532 Zohocorp Improper Authentication vulnerability in Zohocorp products

Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server.

10.0
2020-05-07 CVE-2020-10176 Assaabloy OS Command Injection vulnerability in Assaabloy Yale Wipc-301W Firmware 2.X.2.29/2.X.2.43

ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow Eval Injection of commands.

10.0
2020-05-07 CVE-2020-4429 IBM Use of Hard-coded Credentials vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account.

10.0
2020-05-07 CVE-2020-7805 Infomark OS Command Injection vulnerability in Infomark Iml500 Firmware and Iml520 Firmware

An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device.

10.0
2020-05-06 CVE-2020-8899 Google Out-of-bounds Write vulnerability in Google Android

There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O(8.x), P(9.0) and Q(10.0).

10.0
2020-05-07 CVE-2020-10971 Wavlink Improper Input Validation vulnerability in Wavlink products

An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time.

9.3
2020-05-07 CVE-2020-12608 Solarwinds Incorrect Default Permissions vulnerability in Solarwinds Managed Service Provider Patch Management Engine

An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent.

9.3
2020-05-07 CVE-2020-9474 Siedle Download of Code Without Integrity Check vulnerability in Siedle SG 150-0 Firmware 1.1.0

The S.

9.0
2020-05-07 CVE-2020-10795 Gira OS Command Injection vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend.

9.0
2020-05-07 CVE-2020-4428 IBM OS Command Injection vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system.

9.0
2020-05-07 CVE-2020-4427 IBM Improper Authentication vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication.

9.0
2020-05-06 CVE-2020-3309 Cisco Out-of-bounds Write vulnerability in Cisco Firepower Device Manager On-Box

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device.

9.0
2020-05-04 CVE-2020-5332 RSA OS Command Injection vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability.

9.0
2020-05-04 CVE-2020-12109 TP Link OS Command Injection vulnerability in Tp-Link products

Certain TP-Link devices allow Command Injection.

9.0
2020-05-04 CVE-2020-12111 TP Link OS Command Injection vulnerability in Tp-Link Nc260 Firmware and Nc450 Firmware

Certain TP-Link devices allow Command Injection.

9.0

35 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-06 CVE-2020-3302 Cisco Improper Input Validation vulnerability in Cisco Firepower Management Center

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device.

8.5
2020-05-04 CVE-2020-11443 Zoom Incorrect Permission Assignment for Critical Resource vulnerability in Zoom IT Installer

The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client.

8.5
2020-05-06 CVE-2020-3306 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.

7.8
2020-05-06 CVE-2020-3305 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.8
2020-05-06 CVE-2020-3303 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.8
2020-05-06 CVE-2020-3298 Cisco Out-of-bounds Read vulnerability in Cisco products

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition.

7.8
2020-05-06 CVE-2020-3254 Cisco Resource Exhaustion vulnerability in Cisco products

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2020-05-06 CVE-2020-3179 Cisco Double Free vulnerability in Cisco products

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2020-05-09 CVE-2020-12766 Solis SQL Injection vulnerability in Solis Gnuteca 3.8

Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter.

7.5
2020-05-09 CVE-2020-12637 Zulipchat Improper Certificate Validation vulnerability in Zulipchat Zulip Desktop

Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.

7.5
2020-05-08 CVE-2020-11530 Idangero SQL Injection vulnerability in Idangero Chop Slider 3.0

A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin.

7.5
2020-05-08 CVE-2020-12022 Advantech Improper Validation of Array Index vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.5
2020-05-08 CVE-2020-12006 Advantech Path Traversal vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.5
2020-05-08 CVE-2020-12002 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.5
2020-05-08 CVE-2020-10638 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

7.5
2020-05-08 CVE-2020-12735 Domainmod Insufficient Entropy vulnerability in Domainmod 4.13.0

reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.

7.5
2020-05-08 CVE-2020-12720 Vbulletin Incorrect Authorization vulnerability in Vbulletin

vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

7.5
2020-05-07 CVE-2020-7646 Curlrequest Project OS Command Injection vulnerability in Curlrequest Project Curlrequest

curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input.

7.5
2020-05-07 CVE-2019-18869 Blaauwproducts Unspecified vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary PHP code via /default.php?idx=17.

7.5
2020-05-06 CVE-2020-3318 Cisco Use of Hard-coded Credentials vulnerability in Cisco Firepower Management Center

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account.

7.5
2020-05-06 CVE-2020-3187 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.

7.5
2020-05-06 CVE-2020-7806 Tobesoft Download of Code Without Integrity Check vulnerability in Tobesoft Xplatform

Tobesoft Xplatform 9.2.2.250 and earlier versions have an arbitrary code execution vulnerability via a method supported by the Xplatform ActiveX Control.

7.5
2020-05-06 CVE-2019-19169 Raonwiz, Microsoft Unspecified vulnerability in Raonwiz Dext5 2.7

Dext5.ocx ActiveX 5.0.0.116 and earlier versions contain a vulnerability which could allow a remote attacker to download an arbitrary file by setting the arguments to the ActiveX method.

7.5
2020-05-06 CVE-2019-19168 Raonwiz, Microsoft Unspecified vulnerability in Raonwiz Dext5 2.7

Dext5.ocx ActiveX 5.0.0.116 and earlier versions contain a vulnerability which could allow a remote attacker to download and execute a remote arbitrary file by setting the arguments to the ActiveX method.

7.5
2020-05-06 CVE-2019-19167 Tobesoft, Microsoft Unspecified vulnerability in Tobesoft Nexacro 2019.9.25.1

Tobesoft Nexacro v2019.9.25.1 and earlier versions have an arbitrary code execution vulnerability via a method supported by the Nexacro14 ActiveX Control.

7.5
2020-05-04 CVE-2020-12641 Roundcube Argument Injection or Modification vulnerability in Roundcube Webmail

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

7.5
2020-05-04 CVE-2020-12640 Roundcube Path Traversal vulnerability in Roundcube Webmail

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.

7.5
2020-05-04 CVE-2020-8790 Oklok Project Weak Password Requirements vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack.

7.5
2020-05-04 CVE-2020-1961 Apache Injection vulnerability in Apache Syncope

A Server-Side Template Injection vulnerability was discovered in mail templates for Apache Syncope 2.0.X releases prior to 2.0.15 and 2.1.X releases prior to 2.1.6, enabling attackers to inject arbitrary JEXL expressions, leading to Remote Code Execution (RCE).

7.5
2020-05-04 CVE-2020-1959 Apache Code Injection vulnerability in Apache Syncope

A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution (RCE) vulnerability.

7.5
2020-05-04 CVE-2020-12627 Calibre WEB Project Improper Authentication vulnerability in Calibre-Web Project Calibre-Web 0.6.6

Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.

7.5
2020-05-06 CVE-2020-3253 Cisco Unspecified vulnerability in Cisco Firepower Threat Defense

A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled.

7.2
2020-05-05 CVE-2020-12659 Linux Out-of-bounds Write vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.6.7.

7.2
2020-05-04 CVE-2020-5343 Dell Incorrect Authorization vulnerability in Dell OS Recovery Image FOR Microsoft Windows 10

Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability.

7.2
2020-05-04 CVE-2020-8018 Suse Incorrect Default Permissions vulnerability in Suse Linux Enterprise Desktop 15

An Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user. This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions.

7.2

194 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-08 CVE-2019-14898 Linux, Redhat Improper Locking vulnerability in multiple products

The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10, was not complete.

6.9
2020-05-07 CVE-2020-9475 Siedle Improper Privilege Management vulnerability in Siedle SG 150-0 Firmware 1.1.0

The S.

6.9
2020-05-09 CVE-2020-12762 Json C Project Integer Overflow or Wraparound vulnerability in Json-C Project Json-C

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

6.8
2020-05-08 CVE-2018-20225 Pypa Improper Input Validation vulnerability in Pypa PIP

** DISPUTED ** An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index.

6.8
2020-05-07 CVE-2020-11050 Java Websocket Project Improper Certificate Validation vulnerability in Java-Websocket Project Java-Websocket

In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation.

6.8
2020-05-07 CVE-2020-7803 Imgtech Unspecified vulnerability in Imgtech Zoneplayer 2.0.1.3/2.0.1.4

IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows.

6.8
2020-05-07 CVE-2019-19164 Dext5, Raonwiz, Microsoft Improper Input Validation vulnerability in Raonwiz Dext5 2.7

dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method.

6.8
2020-05-06 CVE-2020-3310 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Device Manager On-Box

A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload.

6.8
2020-05-06 CVE-2020-3125 Cisco Improper Authentication vulnerability in Cisco products

A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access.

6.8
2020-05-06 CVE-2020-6094 Accusoft Integer Overflow or Wraparound vulnerability in Accusoft Imagegear 19.4.0/19.5.0/19.6.0

An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6.

6.8
2020-05-06 CVE-2020-6082 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.6.0

An exploitable out-of-bounds write vulnerability exists in the ico_read function of the igcore19d.dll library of Accusoft ImageGear 19.6.0.

6.8
2020-05-06 CVE-2020-6076 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.5.0

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of the Accusoft ImageGear 19.5.0 library.

6.8
2020-05-06 CVE-2020-6075 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.5.0

An exploitable out-of-bounds write vulnerability exists in the store_data_buffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0.

6.8
2020-05-06 CVE-2020-2187 Jenkins Improper Certificate Validation vulnerability in Jenkins Amazon EC2

Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.

6.8
2020-05-06 CVE-2020-2185 Jenkins Unspecified vulnerability in Jenkins Amazon EC2

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.

6.8
2020-05-05 CVE-2020-8830 Commscope Cross-Site Request Forgery (CSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware

CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen.

6.8
2020-05-05 CVE-2020-8829 Intelbras Cross-Site Request Forgery (CSRF) vulnerability in Intelbras CIP 92200 Firmware

CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis.

6.8
2020-05-05 CVE-2019-19517 Intelbras Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Action RF 1200 Firmware 1.1.3

Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process.

6.8
2020-05-04 CVE-2020-5335 RSA Cross-Site Request Forgery (CSRF) vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability.

6.8
2020-05-04 CVE-2020-10622 Lcds Unspecified vulnerability in Lcds Laquis Scada 4.1.0.3870/4.3.1

LCDS LAquis SCADA Versions 4.3.1 and prior.

6.8
2020-05-04 CVE-2020-1631 Juniper Path Traversal vulnerability in Juniper Junos

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal.

6.8
2020-05-08 CVE-2020-11531 Zohocorp Path Traversal vulnerability in Zohocorp products

The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request.

6.5
2020-05-08 CVE-2019-10170 Redhat Improper Privilege Management vulnerability in Redhat Keycloak

A flaw was found in the Keycloak admin console, where the realm management interface permits a script to be set via the policy.

6.5
2020-05-08 CVE-2019-10169 Redhat Improper Privilege Management vulnerability in Redhat Keycloak

A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy.

6.5
2020-05-08 CVE-2020-5741 Plex Deserialization of Untrusted Data vulnerability in Plex Media Server 0.9.9.2/1.18.2.202936236Cc4C/1.19.1.2701

Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.

6.5
2020-05-08 CVE-2020-12026 Advantech Path Traversal vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

6.5
2020-05-08 CVE-2020-12719 Wso2 XXE vulnerability in Wso2 products

XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.

6.5
2020-05-07 CVE-2020-11056 Barrelstrengthdesign Code Injection vulnerability in Barrelstrengthdesign Sprout Forms

In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code.

6.5
2020-05-07 CVE-2019-18871 Blaauwproducts Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution.

6.5
2020-05-07 CVE-2020-6081 Codesys Insufficient Verification of Data Authenticity vulnerability in Codesys Runtime 3.5.14.30

An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30.

6.5
2020-05-07 CVE-2020-12691 Openstack Missing Encryption of Sensitive Data vulnerability in Openstack Keystone

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

6.5
2020-05-07 CVE-2020-12690 Openstack Insufficient Session Expiration vulnerability in Openstack Keystone

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

6.5
2020-05-07 CVE-2020-12689 Openstack Improper Privilege Management vulnerability in Openstack Keystone

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

6.5
2020-05-06 CVE-2020-12669 Dolibarr Incorrect Authorization vulnerability in Dolibarr

core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.

6.5
2020-05-06 CVE-2020-2189 Jenkins Deserialization of Untrusted Data vulnerability in Jenkins Source Code Management Filter Jervis 0.1/0.2/0.2.1

Jenkins SCM Filter Jervis Plugin 0.2.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

6.5
2020-05-05 CVE-2020-11032 Glpi Project SQL Injection vulnerability in Glpi-Project Glpi 9.4.5

In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances.

6.5
2020-05-05 CVE-2020-12104 WP Advanced Search Project SQL Injection vulnerability in Wp-Advanced-Search Project Wp-Advanced-Search

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file.

6.5
2020-05-04 CVE-2020-10686 Redhat Incorrect Authorization vulnerability in Redhat Keycloak 8.0.2/9.0.0

A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was fixed in Keycloak version 9.0.1, where a malicious user registers as oneself.

6.5
2020-05-09 CVE-2020-12761 Enlightenment Integer Overflow or Wraparound vulnerability in Enlightenment Imlib2 1.6.0

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

6.4
2020-05-08 CVE-2020-12740 Appneta Out-of-bounds Read vulnerability in Appneta Tcpreplay

tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation.

6.4
2020-05-07 CVE-2020-11431 Inetsoftware Path Traversal vulnerability in Inetsoftware Clear Reports, Helpdesk and Pdfc

The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.

6.4
2020-05-05 CVE-2020-11035 Glpi Project Use of a Broken or Risky Cryptographic Algorithm vulnerability in Glpi-Project Glpi

In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm.

6.4
2020-05-05 CVE-2020-10634 SAE IT Path Traversal vulnerability in Sae-It Net-Line Fw-50 Firmware

SAE IT-systems FW-50 Remote Telemetry Unit (RTU).

6.4
2020-05-06 CVE-2020-3334 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device.

6.1
2020-05-07 CVE-2020-6651 Eaton Improper Input Validation vulnerability in Eaton Intelligent Power Manager 1.6/1.67

Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application.

6.0
2020-05-05 CVE-2020-11033 Glpi Project, Fedoraproject Information Exposure vulnerability in multiple products

In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User.

6.0
2020-05-08 CVE-2020-12010 Advantech Path Traversal vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

5.8
2020-05-07 CVE-2020-11053 Oauth2 Proxy Project Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability.

5.8
2020-05-07 CVE-2020-5894 F5 Session Fixation vulnerability in F5 Nginx Controller

On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out.

5.8
2020-05-06 CVE-2020-3311 Cisco Open Redirect vulnerability in Cisco Firepower Management Center

A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

5.8
2020-05-06 CVE-2020-3178 Cisco Open Redirect vulnerability in Cisco Content Security Management Appliance

Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

5.8
2020-05-05 CVE-2020-12666 GO Macaron Open Redirect vulnerability in Go-Macaron Macaron

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.

5.8
2020-05-05 CVE-2020-11034 Glpi Project Open Redirect vulnerability in Glpi-Project Glpi

In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection, which is based on a regexp.

5.8
2020-05-05 CVE-2020-7983 Commscope Cross-Site Request Forgery (CSRF) vulnerability in Commscope Ruckus Zoneflex R500 Firmware 3.4.2.0.384

A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks.

5.8
2020-05-05 CVE-2017-18864 Netgear Classic Buffer Overflow vulnerability in Netgear products

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.

5.8
2020-05-04 CVE-2020-5337 RSA Open Redirect vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability.

5.8
2020-05-04 CVE-2020-5336 RSA Injection vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability.

5.8
2020-05-04 CVE-2020-11671 Teampass Improper Privilege Management vulnerability in Teampass

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls.

5.8
2020-05-07 CVE-2020-12692 Openstack Missing Encryption of Sensitive Data vulnerability in Openstack Keystone

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.

5.5
2020-05-06 CVE-2020-4421 IBM Improper Authentication vulnerability in IBM Websphere Application Server

IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another user's identity.

5.5
2020-05-04 CVE-2020-4209 IBM Path Traversal vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system.

5.5
2020-05-07 CVE-2020-10916 TP Link Improper Authentication vulnerability in Tp-Link Tl-Wa855Re Firmware 190408/191213

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders.

5.2
2020-05-05 CVE-2017-18865 Netgear Out-of-bounds Write vulnerability in Netgear R8300 Firmware and R8500 Firmware

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.

5.2
2020-05-10 CVE-2020-9315 Oracle Inadequate Encryption Strength vulnerability in Oracle Iplanet web Server 7.0/7.0.27

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys.

5.0
2020-05-09 CVE-2020-12765 Solis Path Traversal vulnerability in Solis Miolo 2.0

Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal.

5.0
2020-05-09 CVE-2020-12764 Solis Path Traversal vulnerability in Solis Gnuteca 3.8

Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal.

5.0
2020-05-08 CVE-2020-12018 Advantech Out-of-bounds Read vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

5.0
2020-05-08 CVE-2020-12014 Advantech SQL Injection vulnerability in Advantech Webaccess

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0.

5.0
2020-05-07 CVE-2020-11052 Sorcery Project Improper Restriction of Excessive Authentication Attempts vulnerability in Sorcery Project Sorcery

In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery.

5.0
2020-05-07 CVE-2020-10794 Gira Path Traversal vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database.

5.0
2020-05-07 CVE-2020-12116 Zohocorp Information Exposure vulnerability in Zohocorp Manageengine Opmanager

Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.

5.0
2020-05-07 CVE-2020-10974 Wavlink Insufficiently Protected Credentials vulnerability in Wavlink Wl-Wn575A3 Firmware and Wl-Wn579G3 Firmware

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password.

5.0
2020-05-07 CVE-2020-10973 Wavlink Insufficiently Protected Credentials vulnerability in Wavlink Wn530Hg4 Firmware M30Hg4.V5030.191116

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password.

5.0
2020-05-07 CVE-2020-10972 Wavlink Insufficiently Protected Credentials vulnerability in Wavlink Wn530Hg4 Firmware M30Hg4.V5030.191116

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page.

5.0
2020-05-07 CVE-2020-12448 Gitlab Path Traversal vulnerability in Gitlab

GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet.

5.0
2020-05-07 CVE-2020-8983 Citrix Path Traversal vulnerability in Citrix Sharefile Storagezones Controller

An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution.

5.0
2020-05-07 CVE-2020-8982 Citrix Path Traversal vulnerability in Citrix Sharefile Storagezones Controller

An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020.

5.0
2020-05-07 CVE-2020-7473 Citrix Path Traversal vulnerability in Citrix Sharefile Storagezones Controller

In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users.

5.0
2020-05-07 CVE-2019-18872 Blaauwproducts Weak Password Requirements vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234).

5.0
2020-05-07 CVE-2019-18866 Blaauwproducts SQL Injection vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database.

5.0
2020-05-07 CVE-2019-18864 Blaauwproducts Information Exposure vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine.

5.0
2020-05-07 CVE-2019-18868 Blaauwproducts Insufficiently Protected Credentials vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak.

5.0
2020-05-07 CVE-2019-18867 Blaauwproducts Information Exposure vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code.

5.0
2020-05-07 CVE-2019-18865 Blaauwproducts Information Exposure vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames.

5.0
2020-05-07 CVE-2018-5493 Atto Unspecified vulnerability in Atto Fibrebridge 7500N Firmware

ATTO FibreBridge 7500N firmware versions prior to 2.90 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause Denial of Service (DoS).

5.0
2020-05-06 CVE-2018-8956 NTP Improper Input Validation vulnerability in NTP 4.2.8

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allows remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets.

5.0
2020-05-06 CVE-2020-3315 Cisco Exposure of Resource to Wrong Sphere vulnerability in Cisco products

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system.

5.0
2020-05-06 CVE-2020-3312 Cisco Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Firepower Management Center

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device.

5.0
2020-05-06 CVE-2020-3307 Cisco Improper Input Validation vulnerability in Cisco Firepower Management Center

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device.

5.0
2020-05-06 CVE-2020-3285 Cisco Improper Input Validation vulnerability in Cisco Firepower Threat Defense

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL.

5.0
2020-05-06 CVE-2020-3283 Cisco Out-of-bounds Write vulnerability in Cisco products

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device.

5.0
2020-05-06 CVE-2020-3259 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information.

5.0
2020-05-06 CVE-2020-3255 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

5.0
2020-05-06 CVE-2020-3196 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition.

5.0
2020-05-06 CVE-2020-3195 Cisco Memory Leak vulnerability in Cisco products

A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device.

5.0
2020-05-06 CVE-2020-3191 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition.

5.0
2020-05-06 CVE-2020-3189 Cisco Memory Leak vulnerability in Cisco products

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes.

5.0
2020-05-06 CVE-2020-3188 Cisco Insufficient Session Expiration vulnerability in Cisco products

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition.

5.0
2020-05-06 CVE-2020-3186 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system.

5.0
2020-05-06 CVE-2020-10704 Samba
Fedoraproject
Opensuse
Classic Buffer Overflow vulnerability in multiple products

A flaw was found when using samba as an Active Directory Domain Controller.

5.0
2020-05-06 CVE-2020-10693 Redhat
IBM
Quarkus
Improper Input Validation vulnerability in multiple products

A flaw was found in Hibernate Validator version 6.1.2.Final.

5.0
2020-05-06 CVE-2020-4092 Hcltech Cleartext Transmission of Sensitive Information vulnerability in Hcltech HCL Nomad

If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server.

5.0
2020-05-06 CVE-2020-12672 Graphicsmagick Out-of-bounds Write vulnerability in Graphicsmagick

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

5.0
2020-05-05 CVE-2020-12439 Grin Improper Resource Shutdown or Release vulnerability in Grin

Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.

5.0
2020-05-05 CVE-2020-12649 Gurbalib Project Path Traversal vulnerability in Gurbalib Project Gurbalib 20200430

Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory traversal for reading administrative paths.

5.0
2020-05-04 CVE-2020-12642 Reportportal XXE vulnerability in Reportportal Service-Api

An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal.

5.0
2020-05-04 CVE-2020-10933 Ruby Lang Information Exposure vulnerability in Ruby-Lang Ruby

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0.

5.0
2020-05-04 CVE-2020-8792 Oklok Project Information Exposure vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has an information-exposure issue.

5.0
2020-05-04 CVE-2020-12110 TP Link Use of Hard-coded Credentials vulnerability in Tp-Link products

Certain TP-Link devices have a Hardcoded Encryption Key.

5.0
2020-05-04 CVE-2020-10876 Oklok Project Improper Restriction of Excessive Authentication Attempts vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts.

5.0
2020-05-04 CVE-2019-13285 Cososys Injection vulnerability in Cososys Endpoint Protector 5.1.0.2

CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection.

5.0
2020-05-04 CVE-2020-11842 Microfocus Information Exposure vulnerability in Microfocus Verastream Host Integrator

Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49).

5.0
2020-05-04 CVE-2019-11823 Synology Out-of-bounds Read vulnerability in Synology Router Manager

CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

5.0
2020-05-10 CVE-2020-9314 Oracle Injection vulnerability in Oracle Iplanet web Server 7.0/7.0.27

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI.

4.9
2020-05-09 CVE-2020-12771 Linux Improper Input Validation vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 5.6.11.

4.9
2020-05-09 CVE-2020-12769 Linux Improper Input Validation vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.4.17.

4.9
2020-05-07 CVE-2020-11047 Freerdp
Canonical
Out-of-bounds Read vulnerability in multiple products

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results.

4.9
2020-05-07 CVE-2020-11045 Freerdp Out-of-bounds Read vulnerability in Freerdp 1.1.0/1.2.0

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read in update_read_bitmap_data that allows client memory to be read to an image buffer.

4.9
2020-05-07 CVE-2020-11042 Freerdp Out-of-bounds Read vulnerability in Freerdp 1.1.0/1.2.0

In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info.

4.9
2020-05-04 CVE-2020-1732 Redhat Improper Input Validation vulnerability in Redhat products

A flaw was found in Soteria before 1.0.1 in which multiple requests occurring concurrently cause security identity corruption across concurrent threads when using EE Security with WildFly Elytron, which can lead to a request being handled using the identity from another request.

4.9
2020-05-09 CVE-2019-20794 Linux Resource Exhaustion vulnerability in Linux Kernel

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed.

4.7
2020-05-05 CVE-2020-12652 Linux Race Condition vulnerability in Linux Kernel

The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a.

4.7
2020-05-09 CVE-2020-12770 Linux
Fedoraproject

An issue was discovered in the Linux kernel through 5.6.11.

4.6
2020-05-08 CVE-2020-7291 Mcafee Improper Privilege Management vulnerability in Mcafee Active Response

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-08 CVE-2020-7290 Mcafee Improper Privilege Management vulnerability in Mcafee Active Response

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-08 CVE-2020-7289 Mcafee Improper Privilege Management vulnerability in Mcafee Active Response

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Windows prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-08 CVE-2020-7288 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Detection and Response 3.1.0

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-08 CVE-2020-7287 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Detection and Response 3.1.0

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-08 CVE-2020-7286 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Detection and Response

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-08 CVE-2020-7285 Mcafee Improper Privilege Management vulnerability in Mcafee Mvision Endpoint 18.11.31.62

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

4.6
2020-05-07 CVE-2020-6652 Eaton Improper Privilege Management vulnerability in Eaton Intelligent Power Manager 1.6/1.67

Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allows non-admin users to upload the system configuration files by sending specially crafted requests.

4.6
2020-05-07 CVE-2020-5895 F5 Unspecified vulnerability in F5 Nginx Controller 3.1.0/3.2.0/3.3.0

On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket.

4.6
2020-05-05 CVE-2020-12463 Avira Improper Privilege Management vulnerability in Avira Software Updater

An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links.

4.6
2020-05-05 CVE-2017-18867 Netgear Improper Input Validation vulnerability in Netgear products

Certain NETGEAR devices are affected by incorrect configuration of security settings.

4.6
2020-05-05 CVE-2020-12657 Linux Use After Free vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.6.5.

4.6
2020-05-05 CVE-2020-12653 Linux Improper Privilege Management vulnerability in Linux Kernel

An issue was found in Linux kernel before 5.5.4.

4.6
2020-05-08 CVE-2020-10690 Linux
Redhat
Use After Free vulnerability in multiple products

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev during resource deallocation.

4.4
2020-05-08 CVE-2012-0953 Nvidia Race Condition vulnerability in Nvidia Display Driver 295.49

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace.

4.4
2020-05-08 CVE-2012-0952 Nvidia Out-of-bounds Write vulnerability in Nvidia Display Driver 295.49

A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes.

4.4
2020-05-06 CVE-2019-19166 Tobesoft
Microsoft
Unspecified vulnerability in Tobesoft Xplatform

Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files.

4.4
2020-05-07 CVE-2014-1423 Signond Project
Ubports
Insufficiently Protected Credentials vulnerability in multiple products

signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension.

4.3
2020-05-07 CVE-2020-11054 Qutebrowser Incorrect Provision of Specified Functionality vulnerability in Qutebrowser

In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL.

4.3
2020-05-07 CVE-2020-12708 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.50

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php.

4.3
2020-05-07 CVE-2020-12707 Lepton CMS Cross-site Scripting vulnerability in Lepton-Cms Lepton CMS 4.5.0

An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0.

4.3
2020-05-07 CVE-2020-12705 Lepton CMS Cross-site Scripting vulnerability in Lepton-Cms Leptoncms

Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0.

4.3
2020-05-07 CVE-2020-12704 Ulicms Cross-site Scripting vulnerability in Ulicms 2019.1/2019.2

UliCMS before 2020.2 has PageController stored XSS.

4.3
2020-05-07 CVE-2020-12703 Ulicms Cross-site Scripting vulnerability in Ulicms 2019.1/2019.2

UliCMS before 2020.2 has XSS during PackageController uninstall.

4.3
2020-05-07 CVE-2020-5750 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.

4.3
2020-05-07 CVE-2020-5748 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.

4.3
2020-05-07 CVE-2020-5745 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

4.3
2020-05-07 CVE-2020-12679 Mitel Cross-site Scripting vulnerability in Mitel Mivoice Connect and Shoretel Conference web

A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.

4.3
2020-05-07 CVE-2020-12696 Iframe Project Cross-site Scripting vulnerability in Iframe Project Iframe

The iframe plugin before 4.5 for WordPress does not sanitize a URL.

4.3
2020-05-06 CVE-2020-11727 Algolplus Cross-site Scripting vulnerability in Algolplus Advanced Order Export 3.1.3

A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.

4.3
2020-05-06 CVE-2020-3313 Cisco Cross-site Scripting vulnerability in Cisco Firepower Management Center

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software.

4.3
2020-05-06 CVE-2020-3246 Cisco Injection vulnerability in Cisco Umbrella

A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service.

4.3
2020-05-06 CVE-2020-12108 GNU Injection vulnerability in GNU Mailman

/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.

4.3
2020-05-06 CVE-2020-2186 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Amazon EC2

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances.

4.3
2020-05-06 CVE-2020-2184 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Current Versions Systems

A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL.

4.3
2020-05-05 CVE-2020-10630 SAE IT Cross-site Scripting vulnerability in Sae-It Net-Line Fw-50 Firmware

SAE IT-systems FW-50 Remote Telemetry Unit (RTU).

4.3
2020-05-05 CVE-2020-8033 Commscope Cross-site Scripting vulnerability in Commscope Ruckus Zoneflex R500 Firmware 3.4.2.0.384

Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field.

4.3
2020-05-05 CVE-2020-5517 Blueonyx Cross-Site Request Forgery (CSRF) vulnerability in Blueonyx 5209R Firmware

CSRF in the /login URI in BlueOnyx 5209R allows an attacker to access the dashboard and perform scraping or other analysis.

4.3
2020-05-05 CVE-2019-19515 Ayision Cross-site Scripting vulnerability in Ayision Ays-Wr01 Firmware V28K.Rpt.20161224

Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings.

4.3
2020-05-05 CVE-2020-11737 Zimbra Cross-site Scripting vulnerability in Zimbra 9.0.0

A cross-site scripting (XSS) vulnerability in Web Client in Zimbra 9.0 allows a remote attacker to craft links in an E-Mail message or calendar invite to execute arbitrary JavaScript.

4.3
2020-05-05 CVE-2017-18866 Netgear Cross-site Scripting vulnerability in Netgear products

Certain NETGEAR devices are affected by stored XSS.

4.3
2020-05-05 CVE-2020-12654 Linux Out-of-bounds Write vulnerability in Linux Kernel

An issue was found in Linux kernel before 5.5.4.

4.3
2020-05-04 CVE-2020-8896 Google Classic Buffer Overflow vulnerability in Google Earth

A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used to hold it.

4.3
2020-05-04 CVE-2020-5334 RSA Cross-site Scripting vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability.

4.3
2020-05-04 CVE-2020-10618 Lcds Information Exposure vulnerability in Lcds Laquis Scada

LCDS LAquis SCADA Versions 4.3.1 and prior.

4.3
2020-05-04 CVE-2018-21233 Google Out-of-bounds Read vulnerability in Google Tensorflow

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory.

4.3
2020-05-04 CVE-2020-12639 Phplist Cross-site Scripting vulnerability in PHPlist

phpList before 3.5.3 allows XSS, with resultant privilege elevation, via lists/admin/template.php.

4.3
2020-05-04 CVE-2020-11462 Openvpn XML Entity Expansion vulnerability in Openvpn Access Server

An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3.

4.3
2020-05-04 CVE-2020-10187 Doorkeeper Project Information Exposure vulnerability in Doorkeeper Project Doorkeeper

Doorkeeper version 5.0.0 and later contains an information disclosure vulnerability that allows an attacker to retrieve the client secret only intended for the OAuth application owner.

4.3
2020-05-04 CVE-2020-12626 Roundcube
Debian
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

An issue was discovered in Roundcube Webmail before 1.4.4.

4.3
2020-05-04 CVE-2020-12625 Roundcube
Debian
Cross-site Scripting vulnerability in multiple products

An issue was discovered in Roundcube Webmail before 1.4.4.

4.3
2020-05-08 CVE-2020-12737 Maxum Path Traversal vulnerability in Maxum Rumpus

An issue was discovered in Maxum Rumpus before 8.2.12 on macOS.

4.0
2020-05-07 CVE-2020-4430 IBM Path Traversal vulnerability in IBM Data Risk Manager

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system.

4.0
2020-05-07 CVE-2020-5744 Tecnick Path Traversal vulnerability in Tecnick Tcexam 14.2.2

Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the contents of arbitrary files on disk.

4.0
2020-05-07 CVE-2020-5743 Tecnick Information Exposure vulnerability in Tecnick Tcexam 14.2.2

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission.

4.0
2020-05-07 CVE-2020-12687 Serpico Project Exposure of Resource to Wrong Sphere vulnerability in Serpico Project Serpico 1.3.0

An issue was discovered in Serpico before 1.3.3.

4.0
2020-05-07 CVE-2019-18870 Blaauwproducts Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0

A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.

4.0
2020-05-06 CVE-2020-3329 Cisco Improper Privilege Management vulnerability in Cisco products

A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system.

4.0
2020-05-06 CVE-2020-3308 Cisco Improper Verification of Cryptographic Signature vulnerability in Cisco products

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device.

4.0
2020-05-06 CVE-2020-3256 Cisco XXE vulnerability in Cisco Hosted Collaboration Mediation Fulfillment

A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system.

4.0
2020-05-06 CVE-2020-4446 IBM Incorrect Authorization vulnerability in IBM products

IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote attacker to bypass security restrictions, caused by the failure to perform sufficient authorization checks.

4.0
2020-05-06 CVE-2020-2188 Jenkins Incorrect Authorization vulnerability in Jenkins Amazon EC2

A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.

4.0
2020-05-06 CVE-2020-2183 Jenkins Incorrect Default Permissions vulnerability in Jenkins Copy Artifact

Jenkins Copy Artifact Plugin 1.43.1 and earlier performs improper permission checks, allowing attackers to copy artifacts from jobs they have no permission to access.

4.0
2020-05-06 CVE-2020-2182 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Credentials Binding

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances.

4.0
2020-05-06 CVE-2020-2181 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Credentials Binding

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps.

4.0
2020-05-05 CVE-2020-10859 Zohocorp Path Traversal vulnerability in Zohocorp Manageengine Desktop Central

Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.

4.0
2020-05-05 CVE-2020-12144 Silver Peak Improper Certificate Validation vulnerability in Silver-Peak products

The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated.

4.0
2020-05-05 CVE-2020-12143 Silver Peak Improper Certificate Validation vulnerability in Silver-Peak products

The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.

4.0
2020-05-05 CVE-2020-12142 Silver Peak Exposure of Resource to Wrong Sphere vulnerability in Silver-Peak products

1.

4.0
2020-05-04 CVE-2020-5333 RSA Incorrect Authorization vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API.

4.0
2020-05-04 CVE-2020-8791 Oklok Project Information Exposure vulnerability in Oklok Project Oklok 3.1.1

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues.

4.0

45 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-08 CVE-2020-7267 Mcafee Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 8.8

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

3.6
2020-05-08 CVE-2020-7266 Mcafee Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 1.9.0/1.9.1/2.0.0

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

3.6
2020-05-08 CVE-2020-7265 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Security

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

3.6
2020-05-08 CVE-2020-7264 Mcafee Improper Privilege Management vulnerability in Mcafee Endpoint Security

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

3.6
2020-05-08 CVE-2020-11006 Shopizer Cross-site Scripting vulnerability in Shopizer

In Shopizer before version 2.11.0, a script can be injected in various forms and saved in the database, then executed when information is fetched from backend.

3.5
2020-05-08 CVE-2020-12718 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.50

In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature.

3.5
2020-05-07 CVE-2020-11055 Bookstackapp Cross-site Scripting vulnerability in Bookstackapp Bookstack

In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation.

3.5
2020-05-07 CVE-2020-12706 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.50

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php.

3.5
2020-05-07 CVE-2020-11049 Freerdp, Canonical Out-of-bounds Read vulnerability in multiple products

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read of client memory that is then passed on to the protocol parser.

3.5
2020-05-07 CVE-2020-11048 Freerdp, Canonical Out-of-bounds Read vulnerability in multiple products

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read.

3.5
2020-05-07 CVE-2020-11046 Freerdp, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.

3.5
2020-05-07 CVE-2020-11044 Freerdp Double Free vulnerability in Freerdp

In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed.

3.5
2020-05-07 CVE-2020-5751 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.

3.5
2020-05-07 CVE-2020-5749 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.

3.5
2020-05-07 CVE-2020-5747 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.

3.5
2020-05-07 CVE-2020-5746 Tecnick Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.

3.5
2020-05-07 CVE-2020-12683 Katyshop2 Project Cross-site Scripting vulnerability in Katyshop2 Project Katyshop2

Katyshop2 before 2.12 has multiple stored XSS issues.

3.5
2020-05-06 CVE-2020-7921 Mongodb Incorrect Authorization vulnerability in Mongodb

Improper serialization of internal state in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action.

3.5
2020-05-06 CVE-2020-4384 IBM Cross-site Scripting vulnerability in IBM products

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.

3.5
2020-05-05 CVE-2020-11036 Glpi Project Cross-site Scripting vulnerability in Glpi-Project Glpi

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities.

3.5
2020-05-05 CVE-2019-20768 Servicenow Cross-site Scripting vulnerability in Servicenow IT Service Management Kingston/London/Madrid

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do.

3.5
2020-05-05 CVE-2020-11051 Requarks Cross-site Scripting vulnerability in Requarks Wiki.Js

In Wiki.js before 2.3.81, there is a stored XSS in the Markdown editor.

3.5
2020-05-05 CVE-2019-19514 Ayision Cross-site Scripting vulnerability in Ayision Ays-Wr01 Firmware V28K.Rpt.20161224

Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID.

3.5
2020-05-05 CVE-2020-8799 Webtechideas Cross-site Scripting vulnerability in Webtechideas WTI Like Post

A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress.

3.5
2020-05-04 CVE-2020-12629 Enhancesoft Cross-site Scripting vulnerability in Enhancesoft Osticket

include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.

3.5
2020-05-04 CVE-2019-17557 Apache Cross-site Scripting vulnerability in Apache Syncope

It was found that the Apache Syncope EndUser UI login page prior to 2.0.15 and 2.1.6 reflects the successMessage parameters.

3.5
2020-05-08 CVE-2020-6616 Google Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Google Android

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing.

3.3
2020-05-04 CVE-2020-10700 Samba, Fedoraproject, Opensuse Use After Free vulnerability in multiple products

A use-after-free flaw was found in the way Samba AD DC LDAP servers handled the 'Paged Results' control when it is combined with the 'ASQ' control.

2.6
2020-05-09 CVE-2020-12768 Linux Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel

** DISPUTED ** An issue was discovered in the Linux kernel before 5.6.

2.1
2020-05-09 CVE-2020-12767 Libexif Project, Debian Divide By Zero vulnerability in multiple products

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

2.1
2020-05-09 CVE-2019-20795 Iproute2 Project, Canonical Use After Free vulnerability in multiple products

iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c.

2.1
2020-05-09 CVE-2020-12755 KDE Information Exposure vulnerability in KDE Kio-Extras

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option.

2.1
2020-05-08 CVE-2020-11541 Techsmith XXE vulnerability in Techsmith Snagit

In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account.

2.1
2020-05-08 CVE-2020-12680 Avira Insufficiently Protected Credentials vulnerability in Avira Free Antivirus

** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials.

2.1
2020-05-07 CVE-2015-7946 Ubports Information Exposure vulnerability in Ubports Unity8

Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere.

2.1
2020-05-06 CVE-2020-3301 Cisco Use of Hard-coded Credentials vulnerability in Cisco Firepower Management Center

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account.

2.1
2020-05-06 CVE-2020-6861 Ledger Information Exposure vulnerability in Ledger Monero

A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC.

2.1
2020-05-06 CVE-2019-4266 IBM Improper Privilege Management vulnerability in IBM Maximo Anywhere

IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection, which could result in an attacker gaining sensitive information about the device.

2.1
2020-05-05 CVE-2020-12656 Linux Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel

** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.

2.1
2020-05-05 CVE-2020-12655 Linux Resource Exhaustion vulnerability in Linux Kernel

An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.

2.1
2020-05-04 CVE-2020-10717 Qemu Resource Exhaustion vulnerability in Qemu 5.0/5.0.0

A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation in QEMU versions >= v5.0.

2.1
2020-05-04 CVE-2020-5331 RSA Information Exposure vulnerability in RSA Archer

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability.

2.1
2020-05-04 CVE-2020-12475 TP Link Path Traversal vulnerability in Tp-Link Omada Controller 3.2.6

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar.

2.1
2020-05-04 CVE-2019-12864 Solarwinds Information Exposure vulnerability in Solarwinds products

SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.

2.1
2020-05-04 CVE-2020-12114 Linux Race Condition vulnerability in Linux Kernel

A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.

1.9