Weekly Vulnerabilities Reports > May 11 to 17, 2020
Overview
264 new vulnerabilities reported during this period, including 38 critical vulnerabilities and 115 high severity vulnerabilities. This weekly summary report vulnerabilities in 403 products from 93 vendors including Google, IBM, Paloaltonetworks, SAP, and Debian. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Cross-site Scripting", "Missing Authorization", "Improper Input Validation", and "Out-of-bounds Read".
- 173 reported vulnerabilities are remotely exploitables.
- 4 reported vulnerabilities have public exploit available.
- 60 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 140 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 32 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
38 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-14 | CVE-2020-11066 | Typo3 | Unspecified vulnerability in Typo3 In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, calling unserialize() on malicious user-submitted content can lead to modification of dynamically-determined object attributes and result in triggering deletion of an arbitrary directory in the file system, if it is writable for the web server. | 10.0 |
2020-05-17 | CVE-2020-13126 | Elementor | Unrestricted Upload of File with Dangerous Type vulnerability in Elementor Page Builder An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. | 9.9 |
2020-05-16 | CVE-2020-13118 | Mikrotik Router Monitoring System Project | SQL Injection vulnerability in Mikrotik-Router-Monitoring-System Project Mikrotik-Router-Monitoring-System 20181022 An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. | 9.8 |
2020-05-16 | CVE-2020-13109 | Seta | Out-of-bounds Write vulnerability in Seta Morita Shogi 64 20200502 Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 (aka the IF subcommand to top-level command 7) has a stack-based buffer overflow. | 9.8 |
2020-05-15 | CVE-2020-8149 | Logkitty Project | Code Injection vulnerability in Logkitty Project Logkitty Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1. | 9.8 |
2020-05-15 | CVE-2020-13092 | Scikit Learn | Deserialization of Untrusted Data vulnerability in Scikit-Learn scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. | 9.8 |
2020-05-15 | CVE-2020-13091 | Numfocus | Deserialization of Untrusted Data vulnerability in Numfocus Pandas pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. | 9.8 |
2020-05-15 | CVE-2020-12889 | Misp | Unspecified vulnerability in Misp Misp-Maltego 1.4.4 MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case. | 9.8 |
2020-05-15 | CVE-2020-12651 | Vandyke | Integer Overflow or Wraparound vulnerability in Vandyke Securecrt SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX. | 9.8 |
2020-05-15 | CVE-2019-18666 | Dlink | Missing Authentication for Critical Function vulnerability in Dlink Dap-1360 Revision F Firmware 6.12B01 An issue was discovered on D-Link DAP-1360 revision F devices. | 9.8 |
2020-05-15 | CVE-2020-12834 | EQ 3 | Incorrect Default Permissions vulnerability in Eq-3 Ccu3 Firmware and Homematic Ccu2 Firmware eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup (or factory reset). | 9.8 |
2020-05-14 | CVE-2020-10620 | Opto22 | Missing Authorization vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 9.8 |
2020-05-14 | CVE-2020-0221 | Incorrect Calculation vulnerability in Google Android Airbrush FW's scratch memory allocator is susceptible to numeric overflow. | 9.8 | |
2020-05-14 | CVE-2020-0103 | Release of Invalid Pointer or Reference vulnerability in Google Android 10.0/9.0 In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. | 9.8 | |
2020-05-14 | CVE-2020-12874 | Veritas | Improper Authentication vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server. | 9.8 |
2020-05-14 | CVE-2020-11973 | Apache Oracle | Deserialization of Untrusted Data vulnerability in multiple products Apache Camel Netty enables Java deserialization by default. | 9.8 |
2020-05-14 | CVE-2020-11972 | Apache Oracle | Deserialization of Untrusted Data vulnerability in multiple products Apache Camel RabbitMQ enables Java deserialization by default. | 9.8 |
2020-05-14 | CVE-2019-17562 | Apache | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Cloudstack A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. | 9.8 |
2020-05-14 | CVE-2019-13022 | Jetstream | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetstream Jetselect Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorithm (used to set initial passwords upon first installation). | 9.8 |
2020-05-13 | CVE-2020-2001 | Paloaltonetworks | Out-of-bounds Write vulnerability in Paloaltonetworks Pan-Os An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. | 9.8 |
2020-05-13 | CVE-2020-12832 | Simplefilelist | Path Traversal vulnerability in Simplefilelist Simple-File-List WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. | 9.8 |
2020-05-13 | CVE-2020-9502 | Dahuasecurity | Use of Insufficiently Random Values vulnerability in Dahuasecurity products Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. | 9.8 |
2020-05-13 | CVE-2020-7454 | Freebsd | Out-of-bounds Write vulnerability in Freebsd 11.3/11.4/12.1 In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module. | 9.8 |
2020-05-13 | CVE-2019-15880 | Freebsd | Improper Input Validation vulnerability in Freebsd 12.1 In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic. | 9.8 |
2020-05-13 | CVE-2020-12763 | Trendnet | Out-of-bounds Write vulnerability in Trendnet Tv-Ip512Wn Firmware 1.0.4 TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. | 9.8 |
2020-05-13 | CVE-2020-10654 | Pingidentity | Out-of-bounds Write vulnerability in Pingidentity Pingid SSH Integration Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. | 9.8 |
2020-05-12 | CVE-2020-6242 | SAP | Missing Authentication for Critical Function vulnerability in SAP Businessobjects Business Intelligence Platform SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificate, leading to Missing Authentication Check. | 9.8 |
2020-05-12 | CVE-2020-12823 | Infradead Fedoraproject Debian Opensuse | Classic Buffer Overflow vulnerability in multiple products OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. | 9.8 |
2020-05-12 | CVE-2020-1939 | Apache | NULL Pointer Dereference vulnerability in Apache Nuttx The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and example programs. | 9.8 |
2020-05-12 | CVE-2020-8159 | Rubyonrails Debian | Path Traversal vulnerability in multiple products There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view. | 9.8 |
2020-05-11 | CVE-2020-10022 | Zephyrproject | Classic Buffer Overflow vulnerability in Zephyrproject Zephyr 2.1.0/2.2.0 A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. | 9.8 |
2020-05-11 | CVE-2018-1285 | Apache Fedoraproject Oracle Netapp | XXE vulnerability in multiple products Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. | 9.8 |
2020-05-11 | CVE-2020-12753 | Out-of-bounds Write vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. | 9.8 | |
2020-05-11 | CVE-2020-12747 | Out-of-bounds Write vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. | 9.8 | |
2020-05-11 | CVE-2020-12746 | Out-of-bounds Write vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) (Exynos chipsets) software. | 9.8 | |
2020-05-11 | CVE-2020-12743 | Gazie Project | Files or Directories Accessible to External Parties vulnerability in Gazie Project Gazie An issue was discovered in Gazie 7.32. | 9.8 |
2020-05-14 | CVE-2020-10612 | Opto22 | Missing Authorization vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 9.1 |
2020-05-13 | CVE-2020-2018 | Paloaltonetworks | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. | 9.0 |
115 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-14 | CVE-2020-10616 | Opto22 | Uncontrolled Search Path Element vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 8.8 |
2020-05-14 | CVE-2020-5577 | Sixapart | Unrestricted Upload of File with Dangerous Type vulnerability in Sixapart Movable Type Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors. | 8.8 |
2020-05-14 | CVE-2020-5576 | Sixapart | Cross-Site Request Forgery (CSRF) vulnerability in Sixapart Movable Type Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2020-05-14 | CVE-2020-11069 | Typo3 | Unspecified vulnerability in Typo3 In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that the backend user interface and install tool are vulnerable to a same-site request forgery. | 8.8 |
2020-05-14 | CVE-2020-11067 | Typo3 | Deserialization of Untrusted Data vulnerability in Typo3 In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that backend user settings (in $BE_USER->uc) are vulnerable to insecure deserialization. | 8.8 |
2020-05-13 | CVE-2020-2015 | Paloaltonetworks | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. | 8.8 |
2020-05-13 | CVE-2020-2014 | Paloaltonetworks | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. | 8.8 |
2020-05-13 | CVE-2020-2013 | Paloaltonetworks | Cleartext Transmission of Sensitive Information vulnerability in Paloaltonetworks Pan-Os A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. | 8.8 |
2020-05-13 | CVE-2020-2006 | Paloaltonetworks | Out-of-bounds Write vulnerability in Paloaltonetworks Pan-Os A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. | 8.8 |
2020-05-13 | CVE-2020-1998 | Paloaltonetworks | Incorrect Authorization vulnerability in Paloaltonetworks Pan-Os An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. | 8.8 |
2020-05-13 | CVE-2020-1714 | Redhat Quarkus | Improper Input Validation vulnerability in multiple products A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. | 8.8 |
2020-05-13 | CVE-2020-5407 | Pivotal Software | Improper Verification of Cryptographic Signature vulnerability in Pivotal Software Spring Security Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. | 8.8 |
2020-05-13 | CVE-2020-12427 | Westerndigital | Cross-Site Request Forgery (CSRF) vulnerability in Westerndigital WD Discovery 2.12.127 The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space. | 8.8 |
2020-05-13 | CVE-2019-16112 | Tylertech | Deserialization of Untrusted Data vulnerability in Tylertech Eagle 2018.3.11 TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI. | 8.8 |
2020-05-12 | CVE-2020-1718 | Redhat | Improper Authentication vulnerability in Redhat Keycloak A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. | 8.8 |
2020-05-12 | CVE-2020-11057 | Xwiki | Code Injection vulnerability in Xwiki In XWiki Platform 7.2 through 11.10.2, registered users without scripting/programming permissions are able to execute python/groovy scripts while editing personal dashboards. | 8.8 |
2020-05-12 | CVE-2020-12772 | Igniterealtime | Information Exposure vulnerability in Igniterealtime Spark 2.8.3 An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. | 8.8 |
2020-05-12 | CVE-2020-11060 | Glpi Project | Cross-Site Request Forgery (CSRF) vulnerability in Glpi-Project Glpi In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. | 8.8 |
2020-05-12 | CVE-2020-6262 | SAP | Code Injection vulnerability in SAP Application Server Service Data Download in SAP Application Server ABAP (ST-PI, before versions 2008_1_46C, 2008_1_620, 2008_1_640, 2008_1_700, 2008_1_710, 740) allows an attacker to inject code that can be executed by the application. | 8.8 |
2020-05-12 | CVE-2020-6249 | SAP | SQL Injection vulnerability in SAP products The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAP_BS_FND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection. | 8.8 |
2020-05-12 | CVE-2020-6243 | SAP | Code Injection vulnerability in SAP Adaptive Server Enterprise 15.7/16.0 Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attacker to read, modify, delete restricted data on connected servers, leading to Code Injection. | 8.8 |
2020-05-12 | CVE-2020-6241 | SAP | SQL Injection vulnerability in SAP Adaptive Server Enterprise 16.0 SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection. | 8.8 |
2020-05-12 | CVE-2020-5897 | F5 | Use After Free vulnerability in F5 Big-Ip Access Policy Manager In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component. | 8.8 |
2020-05-11 | CVE-2020-12760 | Opennms | Deserialization of Untrusted Data vulnerability in Opennms Horizon and Opennms Meridian An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. | 8.8 |
2020-05-11 | CVE-2020-11108 | PI Hole | Unrestricted Upload of File with Dangerous Type vulnerability in Pi-Hole The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. | 8.8 |
2020-05-12 | CVE-2020-11072 | Simpleledger | Incorrect Comparison vulnerability in Simpleledger Slp-Validate 1.0.0 In SLP Validate (npm package slp-validate) before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. | 8.6 |
2020-05-12 | CVE-2020-11071 | Simpleledger | Incorrect Comparison vulnerability in Simpleledger Slpjs SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. | 8.6 |
2020-05-15 | CVE-2019-20390 | Intelliants | Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion 4.2.1 A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. | 8.1 |
2020-05-13 | CVE-2020-2002 | Paloaltonetworks | Authentication Bypass by Spoofing vulnerability in Paloaltonetworks Pan-Os An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. | 8.1 |
2020-05-13 | CVE-2019-9682 | Dahuasecurity | Incorrect Default Permissions vulnerability in Dahuasecurity products Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. | 8.1 |
2020-05-12 | CVE-2020-8153 | Nextcloud Fedoraproject | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name. | 8.1 |
2020-05-11 | CVE-2020-12785 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature (SEC-540). | 8.1 |
2020-05-12 | CVE-2020-6252 | SAP | Unspecified vulnerability in SAP Adaptive Server Enterprise Cockpit 16.0 Under certain conditions SAP Adaptive Server Enterprise (Cockpit), version 16.0, allows an attacker with access to local network, to get sensitive and confidential information, leading to Information Disclosure. | 8.0 |
2020-05-16 | CVE-2020-13110 | Kerberos Project | Uncontrolled Search Path Element vulnerability in Kerberos Project Kerberos The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. | 7.8 |
2020-05-15 | CVE-2020-12798 | SUN Denshi | Improper Privilege Management vulnerability in Sun-Denshi Universal Forensic Extraction Device Firmware 5.0/7.5.0.845 Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen. | 7.8 |
2020-05-15 | CVE-2019-19721 | Videolan | Off-by-one Error vulnerability in Videolan VLC Media Player An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. | 7.8 |
2020-05-15 | CVE-2018-10756 | Transmissionbt Debian Fedoraproject | Use After Free vulnerability in multiple products Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. | 7.8 |
2020-05-14 | CVE-2020-0110 | Google Intel | Out-of-bounds Write vulnerability in multiple products In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
2020-05-14 | CVE-2020-0109 | Missing Authorization vulnerability in Google Android 10.0/9.0 In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. | 7.8 | |
2020-05-14 | CVE-2020-0105 | Missing Authorization vulnerability in Google Android 10.0/9.0 In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. | 7.8 | |
2020-05-14 | CVE-2020-0102 | Out-of-bounds Write vulnerability in Google Android In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. | 7.8 | |
2020-05-14 | CVE-2020-0098 | Unspecified vulnerability in Google Android In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. | 7.8 | |
2020-05-14 | CVE-2020-0097 | Incorrect Authorization vulnerability in Google Android 10.0/9.0 In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. | 7.8 | |
2020-05-14 | CVE-2020-0096 | Unspecified vulnerability in Google Android 8.0/8.1/9.0 In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. | 7.8 | |
2020-05-14 | CVE-2020-0094 | Out-of-bounds Write vulnerability in Google Android 10.0/9.0 In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. | 7.8 | |
2020-05-14 | CVE-2020-0024 | Incorrect Default Permissions vulnerability in Google Android In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. | 7.8 | |
2020-05-14 | CVE-2020-4468 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4467 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4422 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4343 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4288 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. | 7.8 |
2020-05-14 | CVE-2020-4287 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. | 7.8 |
2020-05-14 | CVE-2020-4285 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. | 7.8 |
2020-05-14 | CVE-2020-4266 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4264 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4263 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4262 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4261 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4258 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-4257 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
2020-05-14 | CVE-2020-10626 | Fazecast Schneider Electric | Uncontrolled Search Path Element vulnerability in multiple products In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code. | 7.8 |
2020-05-13 | CVE-2020-11073 | Autoswitch Python Virtualenv Project | Path Traversal vulnerability in Autoswitch Python Virtualenv Project Autoswitch Python Virtualenv In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. | 7.8 |
2020-05-13 | CVE-2019-15878 | Freebsd | Use After Free vulnerability in Freebsd 11.3/12.1 In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key. | 7.8 |
2020-05-12 | CVE-2020-6244 | SAP | Uncontrolled Search Path Element vulnerability in SAP Business Client 7.0 SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. | 7.8 |
2020-05-12 | CVE-2020-5896 | F5 | Incorrect Default Permissions vulnerability in F5 Big-Ip Access Policy Manager On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions. | 7.8 |
2020-05-11 | CVE-2020-10067 | Zephyrproject | Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr 1.14.1/2.1.0 A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. | 7.8 |
2020-05-11 | CVE-2020-10058 | Zephyrproject | Improper Input Validation vulnerability in Zephyrproject Zephyr 2.1.0 Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. | 7.8 |
2020-05-11 | CVE-2020-10028 | Zephyrproject | Improper Input Validation vulnerability in Zephyrproject Zephyr 1.14.0/2.1.0 Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. | 7.8 |
2020-05-11 | CVE-2020-10027 | Zephyrproject | Incorrect Comparison vulnerability in Zephyrproject Zephyr 1.14.0/2.1.0 An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. | 7.8 |
2020-05-11 | CVE-2020-10024 | Zephyrproject | Incorrect Comparison vulnerability in Zephyrproject Zephyr 1.14.2/2.1.0 The arm platform-specific code uses a signed integer comparison when validating system call numbers. | 7.8 |
2020-05-11 | CVE-2020-10021 | Zephyrproject | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. | 7.8 |
2020-05-11 | CVE-2020-10019 | Zephyrproject | Classic Buffer Overflow vulnerability in Zephyrproject Zephyr USB DFU has a potential buffer overflow where the requested length (wLength) is not checked against the buffer size. | 7.8 |
2020-05-11 | CVE-2020-5837 | Symantec | Link Following vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. | 7.8 |
2020-05-11 | CVE-2020-5836 | Symantec | Unspecified vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled. | 7.8 |
2020-05-11 | CVE-2019-19162 | Tobesoft | Use After Free vulnerability in Tobesoft Xplatform A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it. | 7.8 |
2020-05-11 | CVE-2020-12754 | Unspecified vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. | 7.8 | |
2020-05-11 | CVE-2020-12751 | Out-of-bounds Write vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. | 7.8 | |
2020-05-11 | CVE-2020-12749 | Classic Buffer Overflow vulnerability in Google Android 9.0 An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. | 7.8 | |
2020-05-11 | CVE-2020-11866 | Libemf Project Opensuse Fedoraproject | Use After Free vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. | 7.8 |
2020-05-11 | CVE-2020-11865 | Libemf Project Opensuse Fedoraproject | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. | 7.8 |
2020-05-11 | CVE-2020-5538 | Jalinfotec | Unspecified vulnerability in Jalinfotec Pallet Control 6.2/6.3 Improper Access Control in PALLET CONTROL Ver. | 7.8 |
2020-05-12 | CVE-2020-8154 | Nextcloud | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Server An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint. | 7.7 |
2020-05-16 | CVE-2020-13111 | Naviserver Project | Out-of-bounds Write vulnerability in Naviserver Project Naviserver NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/driver.c ChunkedDecode function not properly validating the length of a chunk. | 7.5 |
2020-05-15 | CVE-2020-8100 | Bitdefender | Improper Input Validation vulnerability in Bitdefender Engines Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. | 7.5 |
2020-05-14 | CVE-2020-12877 | Veritas | Missing Authentication for Critical Function vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication. | 7.5 |
2020-05-14 | CVE-2020-12876 | Veritas | Incorrect Authorization vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. | 7.5 |
2020-05-14 | CVE-2020-11971 | Apache Oracle | Apache Camel's JMX is vulnerable to Rebind Flaw. | 7.5 |
2020-05-13 | CVE-2020-2012 | Paloaltonetworks | XXE vulnerability in Paloaltonetworks Pan-Os Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. | 7.5 |
2020-05-13 | CVE-2020-2011 | Paloaltonetworks | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. | 7.5 |
2020-05-13 | CVE-2020-3341 | Cisco Canonical Fedoraproject Debian | Improper Input Validation vulnerability in multiple products A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2020-05-13 | CVE-2020-3327 | Cisco Debian Fedoraproject Canonical | Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2020-05-12 | CVE-2020-6247 | SAP | Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 4.2 SAP Business Objects Business Intelligence Platform, version 4.2, allows an unauthenticated attacker to prevent legitimate users from accessing a service. | 7.5 |
2020-05-12 | CVE-2020-6240 | SAP | Unspecified vulnerability in SAP Netweaver Application Server Abap SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 753, 754 and SAP_BASIS 700, 710, 730, 731, 804) allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service leading to Denial of Service | 7.5 |
2020-05-12 | CVE-2020-1763 | Libreswan | Unspecified vulnerability in Libreswan An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. | 7.5 |
2020-05-12 | CVE-2020-8151 | Rubyonrails Fedoraproject | Incorrect Authorization vulnerability in multiple products There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information. | 7.5 |
2020-05-11 | CVE-2020-9840 | Apple | Unspecified vulnerability in Apple Nioextras In SwiftNIO Extras before 1.4.1, a logic issue was addressed with improved restrictions. | 7.5 |
2020-05-11 | CVE-2020-12790 | Nystudio107 | Injection vulnerability in Nystudio107 Seomatic In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. | 7.5 |
2020-05-11 | CVE-2019-5500 | Netapp | Unspecified vulnerability in Netapp products Certain versions of the NetApp Service Processor and Baseboard Management Controller firmware allow a remote unauthenticated attacker to cause a Denial of Service (DoS). | 7.5 |
2020-05-11 | CVE-2020-12752 | Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android 10.0/9.0 An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. | 7.5 | |
2020-05-11 | CVE-2020-12750 | Unspecified vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) software. | 7.5 | |
2020-05-11 | CVE-2020-12745 | Missing Authorization vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) software. | 7.5 | |
2020-05-11 | CVE-2020-12783 | Exim Fedoraproject Debian Canonical | Out-of-bounds Read vulnerability in multiple products Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. | 7.5 |
2020-05-13 | CVE-2019-15879 | Freebsd | Missing Release of Resource after Effective Lifetime vulnerability in Freebsd 11.3/12.1 In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory. | 7.4 |
2020-05-14 | CVE-2020-4265 | IBM | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.3 |
2020-05-13 | CVE-2020-2010 | Paloaltonetworks | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. | 7.2 |
2020-05-13 | CVE-2020-2009 | Paloaltonetworks | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. | 7.2 |
2020-05-13 | CVE-2020-2008 | Paloaltonetworks | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. | 7.2 |
2020-05-13 | CVE-2020-2007 | Paloaltonetworks | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. | 7.2 |
2020-05-12 | CVE-2020-6253 | SAP | SQL Injection vulnerability in SAP Adaptive Server Enterprise 15.7/16.0 Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute, leading to SQL Injection. | 7.2 |
2020-05-12 | CVE-2020-6248 | SAP | Improper Input Validation vulnerability in SAP Adaptive Server Enterprise Backup Server 16.0 SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection. | 7.2 |
2020-05-15 | CVE-2020-1808 | Huawei | Out-of-bounds Read vulnerability in Huawei products Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R2P4), versions earlier than 10.1.0.160(C00E160R2P8); versions earlier than 10.0.0.179(C636E3R4P3), versions earlier than 10.0.0.180(C185E3R3P3), versions earlier than 10.0.0.180(C432E10R3P4), versions earlier than 10.0.0.181(C675E5R1P2) have an out of bound read vulnerability. | 7.1 |
2020-05-12 | CVE-2020-12825 | Gnome | Uncontrolled Recursion vulnerability in Gnome Libcroco libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. | 7.1 |
2020-05-13 | CVE-2020-2016 | Paloaltonetworks | Race Condition vulnerability in Paloaltonetworks Pan-Os A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. | 7.0 |
2020-05-12 | CVE-2020-8156 | Nextcloud Fedoraproject | Improper Certificate Validation vulnerability in multiple products A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. | 7.0 |
2020-05-11 | CVE-2020-5835 | Symantec | Race Condition vulnerability in Symantec Endpoint Protection Manager Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. | 7.0 |
102 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-12 | CVE-2020-6250 | SAP | Unspecified vulnerability in SAP Adaptive Server Enterprise 16.0 SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. | 6.8 |
2020-05-11 | CVE-2020-10023 | Zephyrproject | Classic Buffer Overflow vulnerability in Zephyrproject Zephyr 1.14.1/2.1.0 The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. | 6.8 |
2020-05-14 | CVE-2020-0220 | Out-of-bounds Write vulnerability in Google Android In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. | 6.7 | |
2020-05-12 | CVE-2020-6245 | SAP | Injection vulnerability in SAP Businessobjects Business Intelligence Platform 4.2 SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers. | 6.7 |
2020-05-15 | CVE-2020-11524 | Freerdp Canonical Opensuse | Out-of-bounds Write vulnerability in multiple products libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | 6.6 |
2020-05-15 | CVE-2020-11523 | Freerdp Debian Canonical Opensuse | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. | 6.6 |
2020-05-15 | CVE-2020-11521 | Freerdp Canonical Opensuse Debian | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | 6.6 |
2020-05-12 | CVE-2020-10706 | Redhat | Unspecified vulnerability in Redhat Openshift Container Platform A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled. | 6.6 |
2020-05-17 | CVE-2020-13125 | Brainstormforce | Unspecified vulnerability in Brainstormforce Ultimate Addons for Elementor An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. | 6.5 |
2020-05-15 | CVE-2020-11522 | Freerdp Debian Canonical Opensuse | Out-of-bounds Read vulnerability in multiple products libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. | 6.5 |
2020-05-14 | CVE-2020-12068 | Codesys | Unspecified vulnerability in Codesys products An issue was discovered in CODESYS Development System before 3.5.16.0. | 6.5 |
2020-05-14 | CVE-2020-12042 | Opto22 | Improper Verification of Cryptographic Signature vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 6.5 |
2020-05-14 | CVE-2020-5408 | Pivotal Software Vmware | Use of Insufficiently Random Values vulnerability in multiple products Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. | 6.5 |
2020-05-14 | CVE-2019-13023 | Jetstream | Insufficiently Protected Credentials vulnerability in Jetstream Jetselect An issue was discovered in all versions of Bond JetSelect. | 6.5 |
2020-05-14 | CVE-2019-13021 | Jetstream | Cleartext Storage of Sensitive Information vulnerability in Jetstream Jetselect The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. | 6.5 |
2020-05-14 | CVE-2020-4259 | IBM | Incorrect Default Permissions vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. | 6.5 |
2020-05-14 | CVE-2020-12717 | Alberta Tracetogether Health GOV | The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. | 6.5 |
2020-05-13 | CVE-2020-2003 | Paloaltonetworks | Unspecified vulnerability in Paloaltonetworks Pan-Os An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. | 6.5 |
2020-05-12 | CVE-2020-6259 | SAP | Missing Authorization vulnerability in SAP Adaptive Server Enterprise 15.7/16.0 Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check. | 6.5 |
2020-05-12 | CVE-2020-6258 | SAP | Missing Authorization vulnerability in SAP Identity Management 8.0 SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization Check. | 6.5 |
2020-05-12 | CVE-2020-6251 | SAP | Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 4.2 Under certain conditions or error scenarios SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker to access information which would otherwise be restricted. | 6.5 |
2020-05-12 | CVE-2019-4478 | IBM | Unspecified vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.1/7.6.1.1 IBM Maximo Asset Management 7.6.0, and 7.6.1 could allow an authenticated user to obtain highly sensitive information that they should not normally have access to. | 6.5 |
2020-05-11 | CVE-2020-10060 | Zephyrproject | Access of Uninitialized Pointer vulnerability in Zephyrproject Zephyr 2.1.0/2.2.0/2.3.0 In updatehub_probe, right after JSON parsing is complete, objects\[1] is accessed from the output structure in two different places. | 6.5 |
2020-05-14 | CVE-2020-12875 | Veritas | Incorrect Authorization vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. | 6.3 |
2020-05-14 | CVE-2020-1945 | Apache Canonical Fedoraproject Opensuse Oracle | Exposure of Resource to Wrong Sphere vulnerability in multiple products Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. | 6.3 |
2020-05-16 | CVE-2020-13121 | Rcos | Open Redirect vulnerability in Rcos Submitty Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt. | 6.1 |
2020-05-15 | CVE-2019-20389 | Intelliants | Cross-site Scripting vulnerability in Intelliants Subrion 4.2.1 An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. | 6.1 |
2020-05-15 | CVE-2020-12685 | Redhat | Cross-site Scripting vulnerability in Redhat Interchange XSS in the admin help system admin/help.html and admin/quicklinks.html in Interchange 4.7.0 through 5.11.x allows remote attackers to steal credentials or data via browser JavaScript. | 6.1 |
2020-05-15 | CVE-2020-7809 | Altools | Cross-site Scripting vulnerability in Altools Alsong 3.46 ALSong 3.46 and earlier version contain a Document Object Model (DOM) based cross-site scripting vulnerability caused by improper validation of user input. | 6.1 |
2020-05-14 | CVE-2020-12677 | Progress | Cross-site Scripting vulnerability in Progress Moveit Automation An issue was discovered in Progress MOVEit Automation Web Admin. | 6.1 |
2020-05-14 | CVE-2020-1941 | Apache Oracle | Cross-site Scripting vulnerability in multiple products In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue. | 6.1 |
2020-05-14 | CVE-2019-15083 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus 10.0.0 Default installations of Zoho ManageEngine ServiceDesk Plus 10.0 before 10500 are vulnerable to XSS injected by a workstation local administrator. | 6.1 |
2020-05-14 | CVE-2020-5575 | Sixapart | Cross-site Scripting vulnerability in Sixapart Movable Type Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors. | 6.1 |
2020-05-14 | CVE-2020-5409 | Pivotal Software | Open Redirect vulnerability in Pivotal Software Concourse Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. | 6.1 |
2020-05-13 | CVE-2020-2017 | Paloaltonetworks | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. | 6.1 |
2020-05-13 | CVE-2020-2005 | Paloaltonetworks | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. | 6.1 |
2020-05-13 | CVE-2020-1997 | Paloaltonetworks | Open Redirect vulnerability in Paloaltonetworks Pan-Os An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. | 6.1 |
2020-05-13 | CVE-2020-8020 | Opensuse Debian | A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. | 6.1 |
2020-05-13 | CVE-2020-12742 | Iubenda | Improper Input Validation vulnerability in Iubenda Iubenda-Cookie-Law-Solution The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols. | 6.1 |
2020-05-13 | CVE-2020-12699 | DKD | Open Redirect vulnerability in DKD Direct Mail The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl. | 6.1 |
2020-05-12 | CVE-2020-6254 | SAP | Cross-site Scripting vulnerability in SAP Enterprise Threat Detection 1.0/2.0 SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting. | 6.1 |
2020-05-15 | CVE-2020-1758 | Redhat | Improper Certificate Validation vulnerability in Redhat Keycloak A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. | 5.9 |
2020-05-11 | CVE-2019-4667 | IBM | Cleartext Transmission of Sensitive Information vulnerability in IBM Urbancode Deploy 7.0.5.2 IBM UrbanCode Deploy (UCD) 7.0.5.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2020-05-14 | CVE-2020-12046 | Opto22 | Improper Verification of Cryptographic Signature vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 5.7 |
2020-05-15 | CVE-2020-12872 | Yaws | Inadequate Encryption Strength vulnerability in Yaws yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0. | 5.5 |
2020-05-15 | CVE-2020-3810 | Debian Fedoraproject Canonical | Out-of-bounds Read vulnerability in multiple products Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. | 5.5 |
2020-05-14 | CVE-2020-0106 | Missing Authorization vulnerability in Google Android 10.0 In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. | 5.5 | |
2020-05-14 | CVE-2020-0104 | Unspecified vulnerability in Google Android 10.0/9.0 In onShowingStateChanged of KeyguardStateMonitor.java, there is a possible inappropriate read due to a logic error. | 5.5 | |
2020-05-14 | CVE-2020-0101 | Missing Initialization of Resource vulnerability in Google Android In BnCrypto::onTransact of ICrypto.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 | |
2020-05-14 | CVE-2020-0100 | Out-of-bounds Read vulnerability in Google Android 8.0/8.1 In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. | 5.5 | |
2020-05-14 | CVE-2020-0091 | Unspecified vulnerability in Google Android In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700 | 5.5 | |
2020-05-14 | CVE-2020-0090 | Unspecified vulnerability in Google Android An improper authorization in the receiver component of Email.Product: AndroidVersions: Android SoCAndroid ID: A-149813048 | 5.5 | |
2020-05-14 | CVE-2020-0065 | Unspecified vulnerability in Google Android An improper authorization in the receiver component of the Android Suite Daemon.Product: AndroidVersions: Android SoCAndroid ID: A-149813448 | 5.5 | |
2020-05-14 | CVE-2020-0064 | Unspecified vulnerability in Google Android An improper authorization while processing the provisioning data.Product: AndroidVersions: Android SoCAndroid ID: A-149866855 | 5.5 | |
2020-05-13 | CVE-2020-2004 | Paloaltonetworks | Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. | 5.5 |
2020-05-13 | CVE-2020-9501 | Dahuasecurity | Unspecified vulnerability in Dahuasecurity web P2P Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. | 5.5 |
2020-05-13 | CVE-2020-7455 | Freebsd | Missing Release of Resource after Effective Lifetime vulnerability in Freebsd 11.3/11.4/12.1 In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd). | 5.5 |
2020-05-12 | CVE-2020-5898 | F5 | Unspecified vulnerability in F5 Big-Ip Access Policy Manager In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. | 5.5 |
2020-05-11 | CVE-2020-11864 | Libemf Project Opensuse Fedoraproject | libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). | 5.5 |
2020-05-11 | CVE-2020-11863 | Libemf Project Opensuse Fedoraproject | libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). | 5.5 |
2020-05-11 | CVE-2020-1698 | Redhat | Information Exposure Through Log Files vulnerability in Redhat Keycloak A flaw was found in keycloak in versions before 9.0.0. | 5.5 |
2020-05-11 | CVE-2020-10685 | Redhat Debian | Incomplete Cleanup vulnerability in multiple products A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. | 5.5 |
2020-05-15 | CVE-2020-12882 | Rcos | Cross-site Scripting vulnerability in Rcos Submitty Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow. | 5.4 |
2020-05-13 | CVE-2020-11065 | Typo3 | Cross-site Scripting vulnerability in Typo3 In TYPO3 CMS greater than or equal to 9.5.12 and less than 9.5.17, and greater than or equal to 10.2.0 and less than 10.4.2, it has been discovered that link tags generated by typolink functionality are vulnerable to cross-site scripting; properties being assigned as HTML attributes have not been parsed correctly. | 5.4 |
2020-05-13 | CVE-2020-11064 | Typo3 | Cross-site Scripting vulnerability in Typo3 In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. | 5.4 |
2020-05-13 | CVE-2020-1993 | Paloaltonetworks | Session Fixation vulnerability in Paloaltonetworks Pan-Os The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. | 5.4 |
2020-05-13 | CVE-2020-11070 | Typo3 | Cross-site Scripting vulnerability in Typo3 SVG Sanitizer 1.0.0/1.0.1/1.0.2 The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulnerability in versions before 1.0.3. | 5.4 |
2020-05-12 | CVE-2020-11062 | Glpi Project | Cross-site Scripting vulnerability in Glpi-Project Glpi In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. | 5.4 |
2020-05-12 | CVE-2020-6257 | SAP | Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence Platform 4.2 SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 4.2 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. | 5.4 |
2020-05-12 | CVE-2020-4195 | IBM | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM API Connect IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
2020-05-12 | CVE-2020-8155 | Nextcloud | Cross-site Scripting vulnerability in Nextcloud Server An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF. | 5.4 |
2020-05-15 | CVE-2020-13093 | Ispyconnect | Path Traversal vulnerability in Ispyconnect Agent DVR 2.7.0.0 iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. | 5.3 |
2020-05-15 | CVE-2020-12888 | Linux Fedoraproject Opensuse Debian Canonical Netapp | Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | 5.3 |
2020-05-14 | CVE-2019-17572 | Apache | Path Traversal vulnerability in Apache Rocketmq In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. | 5.3 |
2020-05-14 | CVE-2020-5574 | Sixapart | Injection vulnerability in Sixapart Movable Type HTML attribute value injection vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to inject arbitrary HTML attribute value via unspecified vectors. | 5.3 |
2020-05-13 | CVE-2020-1996 | Paloaltonetworks | Missing Authorization vulnerability in Paloaltonetworks Pan-Os A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. | 5.3 |
2020-05-13 | CVE-2020-12831 | Linuxfoundation | Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Free Range Routing An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. | 5.3 |
2020-05-13 | CVE-2019-2388 | Mongodb | Forced Browsing vulnerability in Mongodb OPS Manager 4.0.10/4.0.9/4.1.5 In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. | 5.3 |
2020-05-13 | CVE-2020-12697 | DKD | Allocation of Resources Without Limits or Throttling vulnerability in DKD Direct Mail The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries. | 5.3 |
2020-05-12 | CVE-2020-12826 | Linux Redhat Canonical | Integer Overflow or Wraparound vulnerability in multiple products A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. | 5.3 |
2020-05-12 | CVE-2020-5248 | Glpi Project | Use of Hard-coded Credentials vulnerability in Glpi-Project Glpi GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. | 5.3 |
2020-05-12 | CVE-2020-4346 | IBM | Unspecified vulnerability in IBM API Connect IBM API Connect's V2018.4.1.0 through 2018.4.1.10 management server has an unsecured api which can be exploited by an unauthenticated attacker to obtain sensitive information. | 5.3 |
2020-05-11 | CVE-2020-7647 | Jooby | Path Traversal vulnerability in Jooby All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors. | 5.3 |
2020-05-11 | CVE-2020-5834 | Symantec | Path Traversal vulnerability in Symantec Endpoint Protection Manager Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory. | 5.3 |
2020-05-11 | CVE-2020-12784 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings (SEC-505). | 5.3 |
2020-05-11 | CVE-2020-12748 | Unspecified vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) software. | 5.3 | |
2020-05-15 | CVE-2020-10744 | Redhat | Race Condition vulnerability in Redhat Ansible and Ansible Tower An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. | 5.0 |
2020-05-14 | CVE-2020-0093 | Google Debian Canonical Libexif Project Opensuse | Out-of-bounds Read vulnerability in multiple products In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. | 5.0 |
2020-05-14 | CVE-2020-0092 | Information Exposure vulnerability in Google Android 10.0 In setHideSensitive of NotificationStackScrollLayout.java, there is a possible disclosure of sensitive notification content due to a permissions bypass. | 5.0 | |
2020-05-12 | CVE-2020-1746 | Redhat Debian | A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. | 5.0 |
2020-05-13 | CVE-2020-1995 | Paloaltonetworks | NULL Pointer Dereference vulnerability in Paloaltonetworks Pan-Os 9.1.0/9.1.1 A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. | 4.9 |
2020-05-13 | CVE-2020-5838 | Symantec | Cross-site Scripting vulnerability in Symantec IT Analytics Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users. | 4.8 |
2020-05-11 | CVE-2020-10059 | Zephyrproject | Improper Certificate Validation vulnerability in Zephyrproject Zephyr 2.1.0/2.2.0 The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. | 4.8 |
2020-05-14 | CVE-2020-1960 | Apache | Unspecified vulnerability in Apache Flink A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 to 1.3.3, 1.4.0 to 1.4.2, 1.5.0 to 1.5.6, 1.6.0 to 1.6.4, 1.7.0 to 1.7.2, 1.8.0 to 1.8.3, 1.9.0 to 1.9.2, 1.10.0) where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reporter_name>.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind the JMXRMI registry to one under the attacker's control. | 4.7 |
2020-05-13 | CVE-2020-1994 | Paloaltonetworks | Unspecified vulnerability in Paloaltonetworks Pan-Os A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. | 4.4 |
2020-05-14 | CVE-2020-4365 | IBM | Server-Side Request Forgery (SSRF) vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. | 4.3 |
2020-05-14 | CVE-2020-4299 | IBM | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. | 4.3 |
2020-05-13 | CVE-2020-4312 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 could allow an authenticated user to obtain sensitive information from a cached web page. | 4.3 |
2020-05-13 | CVE-2020-12700 | DKD | Missing Authorization vulnerability in DKD Direct Mail The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query. | 4.3 |
2020-05-13 | CVE-2020-12698 | DKD | Missing Authorization vulnerability in DKD Direct Mail The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables. | 4.3 |
2020-05-12 | CVE-2020-6256 | SAP | Missing Authorization vulnerability in SAP Master Data Governance SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check. | 4.3 |
2020-05-11 | CVE-2020-1724 | Redhat | Insufficient Session Expiration vulnerability in Redhat Keycloak A flaw was found in Keycloak in versions before 9.0.2. | 4.3 |
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-13 | CVE-2020-11063 | Typo3 | Information Exposure Through Discrepancy vulnerability in Typo3 10.4.0/10.4.1 In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. | 3.7 |
2020-05-17 | CVE-2020-4345 | IBM | SQL Injection vulnerability in IBM I 7.2/7.3/7.4 IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. | 3.3 |
2020-05-15 | CVE-2020-11931 | Pulseaudio Canonical | Exposure of Resource to Wrong Sphere vulnerability in multiple products An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. | 3.3 |
2020-05-11 | CVE-2020-5833 | Symantec | Out-of-bounds Read vulnerability in Symantec Endpoint Protection Manager Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | 3.3 |
2020-05-15 | CVE-2020-9073 | Huawei | Improper Authentication vulnerability in Huawei P20 Firmware Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1P4) have an improper authentication vulnerability. | 2.4 |
2020-05-13 | CVE-2020-11932 | Canonical | Information Exposure Through Log Files vulnerability in Canonical Subiquity It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. | 2.3 |
2020-05-15 | CVE-2020-11526 | Freerdp Canonical Opensuse Debian | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. | 2.2 |
2020-05-15 | CVE-2020-11525 | Freerdp Debian Canonical Opensuse | Out-of-bounds Read vulnerability in multiple products libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. | 2.2 |
2020-05-12 | CVE-2020-11058 | Freerdp Canonical Debian | In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. | 2.2 |