Weekly Vulnerabilities Reports > May 18 to 24, 2020

Overview

322 new vulnerabilities reported during this period, including 41 critical vulnerabilities and 164 high severity vulnerabilities. This weekly summary report vulnerabilities in 255 products from 112 vendors including Microsoft, Debian, Opensuse, Fedoraproject, and Google. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Incorrect Default Permissions", "Use After Free", and "Improper Input Validation".

  • 214 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 59 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 199 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 112 reported vulnerabilities.
  • Debian has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

41 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-21 CVE-2020-1112 Microsoft Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

9.9
2020-05-24 CVE-2020-13433 Adminpanel Project SQL Injection vulnerability in Adminpanel Project Adminpanel 4.0

Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.

9.8
2020-05-22 CVE-2020-13417 Aviatrix Unspecified vulnerability in Aviatrix Controller and Gateway

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224.

9.8
2020-05-22 CVE-2020-13394 Tendacn Classic Buffer Overflow vulnerability in Tendacn products

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices.

9.8
2020-05-22 CVE-2020-13393 Tendacn Classic Buffer Overflow vulnerability in Tendacn products

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices.

9.8
2020-05-22 CVE-2020-13392 Tendacn Classic Buffer Overflow vulnerability in Tendacn products

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices.

9.8
2020-05-22 CVE-2020-13391 Tendacn Classic Buffer Overflow vulnerability in Tendacn products

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices.

9.8
2020-05-22 CVE-2020-13390 Tendacn Classic Buffer Overflow vulnerability in Tendacn products

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices.

9.8
2020-05-22 CVE-2020-13389 Tendacn Classic Buffer Overflow vulnerability in Tendacn products

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices.

9.8
2020-05-22 CVE-2020-13388 Python OS Command Injection vulnerability in Python Jw.Util

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python.

9.8
2020-05-22 CVE-2020-7813 Kaoni Download of Code Without Integrity Check vulnerability in Kaoni Ezhttptrans 1.0.0.70

Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method.

9.8
2020-05-22 CVE-2020-3280 Cisco Deserialization of Untrusted Data vulnerability in Cisco Unified Contact Center Express 12.0/12.0(1)

A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

9.8
2020-05-21 CVE-2020-0901 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

9.8
2020-05-21 CVE-2018-21234 Jodd
Apache
Deserialization of Untrusted Data vulnerability in multiple products

Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set.

9.8
2020-05-21 CVE-2020-7808 Raonwiz Argument Injection or Modification vulnerability in Raonwiz Raon K Upload 2018.0.2.51

In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check on update module(web.js) allows an attacker to modify arguments which causes downloading a random DLL and injection on it.

9.8
2020-05-21 CVE-2020-12828 Pango Unrestricted Upload of File with Dangerous Type vulnerability in Pango Virtual Private Network Software Development KIT

An issue was discovered in AnchorFree VPN SDK before 1.3.3.218.

9.8
2020-05-20 CVE-2020-1955 Apache Missing Authentication for Critical Function vulnerability in Apache Couchdb 3.0.0

CouchDB version 3.0.0 shipped with a new configuration setting that governs access control to the entire database server called `require_valid_user_except_for_up`.

9.8
2020-05-20 CVE-2020-11716 Panasonic Incorrect Default Permissions vulnerability in Panasonic products

Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions.

9.8
2020-05-20 CVE-2020-9409 Tibco
Oracle
Incorrect Default Permissions vulnerability in multiple products

The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a JasperReports Server "superuser" for the affected systems.

9.8
2020-05-20 CVE-2020-12835 Smartbear Deserialization of Untrusted Data vulnerability in Smartbear Readyapi 3.2.5

An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5.

9.8
2020-05-20 CVE-2020-13226 Wso2 Server-Side Request Forgery (SSRF) vulnerability in Wso2 API Manager 3.0.0

WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet.

9.8
2020-05-20 CVE-2019-5997 Panasonic Code Injection vulnerability in Panasonic Video Insight VMS 7.3.2.5/7.5

Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors.

9.8
2020-05-19 CVE-2020-13167 Netsweeper OS Command Injection vulnerability in Netsweeper

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters.

9.8
2020-05-19 CVE-2020-13166 Mylittletools Use of Hard-coded Credentials vulnerability in Mylittletools Mylittleadmin 3.8

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code.

9.8
2020-05-19 CVE-2020-11715 Panasonic Unspecified vulnerability in Panasonic P99 Firmware 20200410

Panasonic P99 devices through 2020-04-10 have Incorrect Access Control.

9.8
2020-05-19 CVE-2020-8434 Jenzabar Session Fixation vulnerability in Jenzabar Internet Campus Solution

Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username.

9.8
2020-05-18 CVE-2020-1897 Facebook Use After Free vulnerability in Facebook Proxygen

A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence.

9.8
2020-05-18 CVE-2019-7247 AMD Unspecified vulnerability in AMD Overdrive

An issue was discovered in AODDriver2.sys in AMD OverDrive.

9.8
2020-05-18 CVE-2020-12856 Alberta
Tracetogether
Health
OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used.
9.8
2020-05-18 CVE-2019-20800 Cherokee Project Out-of-bounds Write vulnerability in Cherokee-Project Cherokee

In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.

9.8
2020-05-21 CVE-2020-6471 Google
Fedoraproject
Opensuse
Debian
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

9.6
2020-05-21 CVE-2020-6469 Google
Debian
Opensuse
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

9.6
2020-05-21 CVE-2020-6466 Google
Debian
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2020-05-21 CVE-2020-6465 Google
Debian
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2020-05-21 CVE-2020-6462 Google
Debian
Use After Free vulnerability in multiple products

Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2020-05-21 CVE-2020-6461 Google
Debian
Use After Free vulnerability in multiple products

Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2020-05-21 CVE-2020-6457 Google
Debian
Use After Free vulnerability in multiple products

Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

9.6
2020-05-22 CVE-2020-6091 Epson Improper Authentication vulnerability in Epson Eb-1470Ui Firmware

An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303.

9.1
2020-05-21 CVE-2020-13112 Libexif Project
Debian
Canonical
Opensuse
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in libexif before 0.6.22.

9.1
2020-05-20 CVE-2020-9753 Naver Improper Verification of Cryptographic Signature vulnerability in Naver Whale Browser Installer

Whale Browser Installer before 1.2.0.5 versions don't support signature verification for Flash installer.

9.1
2020-05-18 CVE-2020-12258 Rconfig Session Fixation vulnerability in Rconfig 3.9.4

rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled.

9.1

164 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-22 CVE-2020-13412 Aviatrix Cross-Site Request Forgery (CSRF) vulnerability in Aviatrix Controller

An issue was discovered in Aviatrix Controller before 5.4.1204.

8.8
2020-05-22 CVE-2020-1956 Apache OS Command Injection vulnerability in Apache Kylin

Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation.

8.8
2020-05-22 CVE-2020-13384 Monstra Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4

Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.

8.8
2020-05-21 CVE-2020-1171 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1126 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.

8.8
2020-05-21 CVE-2020-1117 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory, aka 'Microsoft Color Management Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1102 Microsoft Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1069 Microsoft NULL Pointer Dereference vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1067 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1061 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1024 Microsoft Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2020-1023 Microsoft Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.

8.8
2020-05-21 CVE-2019-20804 Gilacms Cross-Site Request Forgery (CSRF) vulnerability in Gilacms Gila CMS

Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.

8.8
2020-05-21 CVE-2020-10738 Moodle Improper Input Validation vulnerability in Moodle

A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions.

8.8
2020-05-21 CVE-2020-6474 Google
Opensuse
Fedoraproject
Debian
Use After Free vulnerability in multiple products

Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-05-21 CVE-2020-6468 Google
Fedoraproject
Debian
Opensuse
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-05-21 CVE-2020-6467 Google
Debian
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-05-21 CVE-2020-6464 Google
Debian
Opensuse
Type Confusion vulnerability in multiple products

Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-05-21 CVE-2020-6463 Google
Fedoraproject
Canonical
Debian
Opensuse
Use After Free vulnerability in multiple products

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-05-21 CVE-2020-6459 Google
Debian
Use After Free vulnerability in multiple products

Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-05-21 CVE-2020-6458 Google
Debian
Out-of-bounds Write vulnerability in multiple products

Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8
2020-05-21 CVE-2020-13252 Centreon OS Command Injection vulnerability in Centreon

Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.

8.8
2020-05-21 CVE-2020-12647 Unisys Unspecified vulnerability in Unisys Algol Compiler 58.1/59.1/60.0

Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax.

8.8
2020-05-20 CVE-2020-13249 Mariadb
Opensuse
Fedoraproject
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server.
8.8
2020-05-20 CVE-2020-3956 Vmware Expression Language Injection vulnerability in VMWare Vcloud Director

VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability.

8.8
2020-05-20 CVE-2020-9410 Tibco
Oracle
Cross-site Scripting vulnerability in multiple products

The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an attacker to exploit HTML injection to gain full control of a web interface containing the output of the report generator component with the privileges of any user that views the affected report(s).

8.8
2020-05-19 CVE-2020-7138 HPE Unspecified vulnerability in HPE Nimbleos

Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array.

8.8
2020-05-19 CVE-2020-2025 Katacontainers Improper Preservation of Permissions vulnerability in Katacontainers Runtime

Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host.

8.8
2020-05-19 CVE-2020-11766 Ifax
Avantfax
OS Command Injection vulnerability in multiple products

sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection.

8.8
2020-05-19 CVE-2020-10030 Powerdns Out-of-bounds Read vulnerability in Powerdns Recursor

An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0.

8.8
2020-05-18 CVE-2020-13146 EDX Improper Neutralization of Formula Elements in a CSV File vulnerability in EDX Open EDX Platform 2.5

Studio in Open edX Ironwood 2.5 allows CSV injection because an added cohort in Course>Instructor>Cohorts may contain a formula that is exported via the "Course>Data Downloads>Reports>Download profile info" feature.

8.8
2020-05-18 CVE-2020-13144 EDX Missing Authorization vulnerability in EDX Open EDX Platform 2.5

Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated code" screen, edit the problem, and execute Python code.

8.8
2020-05-18 CVE-2020-6074 Gonitro Use After Free vulnerability in Gonitro Nitro PRO 13.9.1.155

An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155.

8.8
2020-05-18 CVE-2020-11551 Netgear Use of Insufficiently Random Values vulnerability in Netgear Rbs50Y Firmware, Srr60 Firmware and Srs60 Firmware

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106.

8.8
2020-05-18 CVE-2020-11549 Netgear Use of Hard-coded Credentials vulnerability in Netgear Rbs50Y Firmware, Srr60 Firmware and Srs60 Firmware

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106.

8.8
2020-05-18 CVE-2020-12255 Rconfig Unrestricted Upload of File with Dangerous Type vulnerability in Rconfig 3.9.4

rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality.

8.8
2020-05-18 CVE-2020-12257 Rconfig Cross-Site Request Forgery (CSRF) vulnerability in Rconfig 3.9.4

rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) because it lacks implementation of CSRF protection such as a CSRF token.

8.8
2020-05-19 CVE-2020-8616 ISC
Debian
Resource Exhaustion vulnerability in multiple products

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral.

8.6
2020-05-18 CVE-2019-20798 Cherokee Project Cross-site Scripting vulnerability in Cherokee-Project Cherokee

An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104.

8.4
2020-05-22 CVE-2020-13398 Freerdp
Debian
Opensuse
Canonical
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in FreeRDP before 2.1.1.

8.3
2020-05-21 CVE-2020-13113 Libexif Project
Debian
Canonical
Opensuse
Use of Uninitialized Resource vulnerability in multiple products

An issue was discovered in libexif before 0.6.22.

8.2
2020-05-20 CVE-2020-12034 Rockwellautomation SQL Injection vulnerability in Rockwellautomation products

Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable.The EDS subsystem does not provide adequate input sanitation, which may allow an attacker to craft specialized EDS files to inject SQL queries and manipulate the database storing the EDS files.

8.2
2020-05-21 CVE-2020-12693 Schedmd
Fedoraproject
Opensuse
Debian
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel.
8.1
2020-05-21 CVE-2020-1056 Microsoft Unspecified vulnerability in Microsoft Edge

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

8.1
2020-05-19 CVE-2020-7139 HPE Unspecified vulnerability in HPE Nimbleos

Potential remote access security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to access and modify sensitive information on the system.

8.1
2020-05-21 CVE-2020-1192 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'.

7.8
2020-05-21 CVE-2020-1191 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1190 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1189 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1188 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1187 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1186 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1185 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1184 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1176 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

7.8
2020-05-21 CVE-2020-1175 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

7.8
2020-05-21 CVE-2020-1174 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

7.8
2020-05-21 CVE-2020-1166 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1165 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1164 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1158 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1157 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1156 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1155 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1154 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1153 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.

7.8
2020-05-21 CVE-2020-1151 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1150 Microsoft Out-of-bounds Write vulnerability in Microsoft Windows 7 and Windows Server 2008

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.

7.8
2020-05-21 CVE-2020-1149 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1144 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1143 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1142 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1140 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1139 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1138 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1137 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1136 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.

7.8
2020-05-21 CVE-2020-1135 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1134 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1132 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles file and folder links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1131 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1125 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1124 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1121 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1114 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1111 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1110 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1109 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1090 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1088 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1087 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1086 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1082 Microsoft Path Traversal vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1081 Microsoft Improper Input Validation vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1079 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1078 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1077 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1070 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1068 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1066 Microsoft Unspecified vulnerability in Microsoft .Net Framework 3.0/3.5.1

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1054 Microsoft Out-of-bounds Write vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1051 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

7.8
2020-05-21 CVE-2020-1048 Microsoft Incorrect Resource Transfer Between Spheres vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1028 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.

7.8
2020-05-21 CVE-2020-1021 Microsoft Race Condition vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-1010 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.

7.8
2020-05-21 CVE-2020-5752 Druva Path Traversal vulnerability in Druva Insync Client 6.6.3

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.

7.8
2020-05-21 CVE-2020-6477 Google
Fedoraproject
Opensuse
Link Following vulnerability in multiple products

Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.

7.8
2020-05-20 CVE-2020-13241 Microweber Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 1.1.18

Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file.

7.8
2020-05-19 CVE-2020-11807 Sourcefabric Unrestricted Upload of File with Dangerous Type vulnerability in Sourcefabric Newscoop 4.4.7

Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path.

7.8
2020-05-18 CVE-2019-17066 Ivanti Improper Privilege Management vulnerability in Ivanti Workspace Control

In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries.

7.8
2020-05-18 CVE-2020-13149 MSI Incorrect Default Permissions vulnerability in MSI Dragon Center

Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges.

7.8
2020-05-18 CVE-2020-6092 Gonitro Integer Overflow or Wraparound vulnerability in Gonitro Nitro PRO 13.9.1.155

An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects.

7.8
2020-05-21 CVE-2017-18868 Digi Incorrect Default Permissions vulnerability in Digi Xbee 2 Firmware

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.

7.7
2020-05-20 CVE-2020-10725 Dpdk
Fedoraproject
Opensuse
Oracle
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host.
7.7
2020-05-22 CVE-2020-13415 Aviatrix Improper Verification of Cryptographic Signature vulnerability in Aviatrix Controller

An issue was discovered in Aviatrix Controller through 5.1.

7.5
2020-05-22 CVE-2020-13414 Aviatrix Use of Hard-coded Credentials vulnerability in Aviatrix Controller

An issue was discovered in Aviatrix Controller before 5.4.1204.

7.5
2020-05-22 CVE-2020-11077 Puma
Fedoraproject
Debian
Opensuse
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client.
7.5
2020-05-22 CVE-2020-11076 Puma
Fedoraproject
Debian
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header.
7.5
2020-05-22 CVE-2020-3272 Cisco Improper Input Validation vulnerability in Cisco Prime Network Registrar

A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2020-05-21 CVE-2020-1161 Microsoft Unspecified vulnerability in Microsoft Asp.Net Core and Visual Studio 2017

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

7.5
2020-05-21 CVE-2020-1118 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges, aka 'Microsoft Windows Transport Layer Security Denial of Service Vulnerability'.

7.5
2020-05-21 CVE-2020-1113 Microsoft Improper Certificate Validation vulnerability in Microsoft products

A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.

7.5
2020-05-21 CVE-2020-1108 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

7.5
2020-05-21 CVE-2020-1096 Microsoft Unspecified vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Remote Code Execution Vulnerability'.

7.5
2020-05-21 CVE-2020-1093 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

7.5
2020-05-21 CVE-2020-1092 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

7.5
2020-05-21 CVE-2020-1065 Microsoft Out-of-bounds Write vulnerability in Microsoft Chakracore

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

7.5
2020-05-21 CVE-2020-1064 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'.

7.5
2020-05-21 CVE-2020-1062 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

7.5
2020-05-21 CVE-2020-1060 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

7.5
2020-05-21 CVE-2020-1058 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

7.5
2020-05-21 CVE-2020-1037 Microsoft Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.

7.5
2020-05-21 CVE-2020-1035 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

7.5
2020-05-21 CVE-2020-0909 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets., aka 'Windows Hyper-V Denial of Service Vulnerability'.

7.5
2020-05-21 CVE-2020-13114 Libexif Project
Canonical
Opensuse
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

An issue was discovered in libexif before 0.6.22.

7.5
2020-05-21 CVE-2020-8572 Netapp Unspecified vulnerability in Netapp Element Healthtools and Element OS

Element OS prior to version 12.0 and Element HealthTools prior to version 2020.04.01.04 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information.

7.5
2020-05-21 CVE-2020-1799 Huawei Use After Free vulnerability in Huawei E6878-370 Firmware 10.0.3.1(H557Sp27C233)/10.0.3.1(H563Sp1C00)/10.0.3.1(H563Sp1C233)

E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability.

7.5
2020-05-20 CVE-2020-5365 Dell Use of Insufficiently Random Values vulnerability in Dell EMC Isilon Onefs

Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability.

7.5
2020-05-20 CVE-2020-5364 Dell Information Exposure vulnerability in Dell EMC Isilon Onefs

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability.

7.5
2020-05-20 CVE-2020-13246 Gitea Improper Locking vulnerability in Gitea

An issue was discovered in Gitea through 1.11.5.

7.5
2020-05-19 CVE-2020-13164 Wireshark
Debian
Opensuse
Fedoraproject
Uncontrolled Recursion vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash.

7.5
2020-05-19 CVE-2020-10995 Powerdns
Fedoraproject
Debian
Opensuse
Resource Exhaustion vulnerability in multiple products

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks.

7.5
2020-05-19 CVE-2020-1695 Redhat
Fedoraproject
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response.
7.5
2020-05-19 CVE-2020-12663 Nlnetlabs
Debian
Opensuse
Canonical
Fedoraproject
Infinite Loop vulnerability in multiple products

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

7.5
2020-05-19 CVE-2020-12662 Nlnetlabs
Debian
Opensuse
Canonical
Fedoraproject
Resource Exhaustion vulnerability in multiple products

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue.

7.5
2020-05-19 CVE-2020-12244 Powerdns
Fedoraproject
Debian
Opensuse
Improper Verification of Cryptographic Signature vulnerability in multiple products

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.

7.5
2020-05-19 CVE-2020-12667 NIC Resource Exhaustion vulnerability in NIC Knot Resolver

Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue.

7.5
2020-05-18 CVE-2020-13136 Dlink Unspecified vulnerability in Dlink Dsp-W215 Firmware 1.26B03

D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer.

7.5
2020-05-18 CVE-2019-19454 Wowza Unspecified vulnerability in Wowza Streaming Engine

An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x.

7.5
2020-05-18 CVE-2020-10957 Dovecot NULL Pointer Dereference vulnerability in Dovecot

In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.

7.5
2020-05-18 CVE-2020-12858 Health Use of Insufficiently Random Values vulnerability in Health Covidsafe 1.0.11/1.0.16/1.0.17

Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their advertising beacons.

7.5
2020-05-18 CVE-2020-12857 Health Incomplete Cleanup vulnerability in Health Covidsafe 1.0.11/1.0.16/1.0.17

Caching of GATT characteristic values (TempID) in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to long-term re-identify an Android device running COVIDSafe.

7.5
2020-05-18 CVE-2020-13128 Gwtupload Project Unrestricted Upload of File with Dangerous Type vulnerability in Gwtupload Project Gwtupload 1.0.3

An issue was discovered in Manolo GWTUpload 1.0.3.

7.5
2020-05-18 CVE-2019-20799 Cherokee Project Out-of-bounds Write vulnerability in Cherokee-Project Cherokee

In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server.

7.5
2020-05-18 CVE-2019-20797 Prboom Plus Project Out-of-bounds Write vulnerability in Prboom-Plus Project Prboom-Plus 2.5.1.5

An issue was discovered in e6y prboom-plus 2.5.1.5.

7.5
2020-05-19 CVE-2020-13163 EM Imap Project Improper Certificate Validation vulnerability in Em-Imap Project Em-Imap 0.5

em-imap 0.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library.

7.4
2020-05-22 CVE-2020-3184 Cisco SQL Injection vulnerability in Cisco Prime Collaboration Provisioning

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.

7.2
2020-05-20 CVE-2020-5579 Strangerstudios SQL Injection vulnerability in Strangerstudios Paid Memberships PRO

SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.

7.2
2020-05-18 CVE-2020-13129 Heinekingmedia Information Exposure vulnerability in Heinekingmedia Stashcat

An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms.

7.2
2020-05-23 CVE-2020-13425 Thetrackr Missing Authorization vulnerability in Thetrackr Trackr Firmware 2.2.5/20200506/5.1.6

TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.

7.1
2020-05-22 CVE-2020-13396 Freerdp
Debian
Opensuse
Canonical
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in FreeRDP before 2.1.1.

7.1
2020-05-19 CVE-2020-4411 IBM Improper Input Validation vulnerability in IBM Spectrum Scale

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system.

7.1
2020-05-20 CVE-2020-9484 Apache
Debian
Opensuse
Fedoraproject
Canonical
Oracle
Mcafee
Deserialization of Untrusted Data vulnerability in multiple products

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control.

7.0

117 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-21 CVE-2020-1173 Microsoft Improper Input Validation vulnerability in Microsoft Power BI Report Server

A spoofing vulnerability exists in Microsoft Power BI Report Server in the way it validates the content-type of uploaded attachments, aka 'Microsoft Power BI Report Server Spoofing Vulnerability'.

6.8
2020-05-21 CVE-2020-1071 Microsoft Improper Handling of Exceptional Conditions vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege Vulnerability'.

6.8
2020-05-20 CVE-2020-11078 Httplib2 Project
Fedoraproject
Debian
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server.
6.8
2020-05-19 CVE-2020-7137 HPE Improper Input Validation vulnerability in HPE Superdome Flex Server Firmware 3.20.186/3.20.206

A validation issue in HPE Superdome Flex's RMC component may allow local elevation of privilege.

6.7
2020-05-19 CVE-2020-10723 Dpdk
Canonical
Fedoraproject
Opensuse
Oracle
A memory corruption issue was found in DPDK versions 17.05 and above.
6.7
2020-05-19 CVE-2020-10722 Dpdk
Canonical
Fedoraproject
Opensuse
Oracle
A vulnerability was found in DPDK versions 18.05 and above.
6.7
2020-05-18 CVE-2019-7246 AMD Unspecified vulnerability in AMD Atillk64 5.11.9.0

An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0.

6.7
2020-05-21 CVE-2020-12431 Splashtop Incorrect Permission Assignment for Critical Resource vulnerability in Splashtop Software Updater and Streamer

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16.

6.6
2020-05-24 CVE-2020-13440 Rockcarry Out-of-bounds Write vulnerability in Rockcarry Ffjpeg

ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.

6.5
2020-05-24 CVE-2020-13439 Rockcarry Out-of-bounds Read vulnerability in Rockcarry Ffjpeg

ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.

6.5
2020-05-24 CVE-2020-13438 Rockcarry Out-of-bounds Read vulnerability in Rockcarry Ffjpeg

ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.

6.5
2020-05-23 CVE-2020-13424 Xcloner Unspecified vulnerability in Xcloner 3.5.1

The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure.

6.5
2020-05-22 CVE-2020-13416 Aviatrix Cross-Site Request Forgery (CSRF) vulnerability in Aviatrix Controller

An issue was discovered in Aviatrix Controller before 5.4.1066.

6.5
2020-05-21 CVE-2020-1179 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

6.5
2020-05-21 CVE-2020-1103 Microsoft Cross-Site Request Forgery (CSRF) vulnerability in Microsoft products

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page, the attacker can, through standard browser functionality, induce the browser to invoke search queries as the logged in user, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.

6.5
2020-05-21 CVE-2020-0963 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

6.5
2020-05-21 CVE-2020-9069 Huawei Unspecified vulnerability in Huawei products

There is an information leakage vulnerability in some Huawei products.

6.5
2020-05-21 CVE-2020-9045 Tyco
Johnsoncontrols
Cleartext Storage of Sensitive Information vulnerability in multiple products

During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file.

6.5
2020-05-21 CVE-2020-6491 Google
Debian
Opensuse
Fedoraproject
Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.
6.5
2020-05-21 CVE-2020-6487 Google
Debian
Opensuse
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5
2020-05-21 CVE-2020-6486 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
6.5
2020-05-21 CVE-2020-6485 Google
Debian
Opensuse
Fedoraproject
Improper Input Validation vulnerability in multiple products

Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.

6.5
2020-05-21 CVE-2020-6484 Google
Debian
Opensuse
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.

6.5
2020-05-21 CVE-2020-6483 Google
Debian
Opensuse
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5
2020-05-21 CVE-2020-6482 Google
Opensuse
Fedoraproject
Debian
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

6.5
2020-05-21 CVE-2020-6481 Google
Opensuse
Fedoraproject
Debian
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.
6.5
2020-05-21 CVE-2020-6480 Google
Opensuse
Fedoraproject
Debian
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.

6.5
2020-05-21 CVE-2020-6479 Google
Debian
Opensuse
Fedoraproject
Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
6.5
2020-05-21 CVE-2020-6478 Google
Debian
Opensuse
Fedoraproject
Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
6.5
2020-05-21 CVE-2020-6476 Google
Opensuse
Fedoraproject
Debian
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

6.5
2020-05-21 CVE-2020-6475 Google
Opensuse
Fedoraproject
Debian
Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
6.5
2020-05-21 CVE-2020-6473 Google
Fedoraproject
Opensuse
Debian
Information Exposure Through Discrepancy vulnerability in multiple products

Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2020-05-21 CVE-2020-6472 Google
Fedoraproject
Opensuse
Debian
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.
6.5
2020-05-21 CVE-2020-6460 Google
Debian
Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name.
6.5
2020-05-20 CVE-2020-13231 Cacti
Fedoraproject
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.

6.5
2020-05-20 CVE-2020-4461 IBM Unspecified vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without verification.

6.5
2020-05-19 CVE-2020-2024 Katacontainers Link Following vulnerability in Katacontainers Runtime

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0.

6.5
2020-05-19 CVE-2020-4286 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM products

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.5
2020-05-18 CVE-2020-13154 Zohocorp Missing Authorization vulnerability in Zohocorp Manageengine Servicedesk Plus 11.1

Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet.

6.5
2020-05-18 CVE-2020-13143 Linux
Opensuse
Debian
Canonical
Netapp
Out-of-bounds Read vulnerability in multiple products

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5
2020-05-18 CVE-2020-13135 Dlink Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dlink Dsp-W215 Firmware 1.26B03

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy.

6.5
2020-05-18 CVE-2020-11550 Netgear Unspecified vulnerability in Netgear Rbs50Y Firmware, Srr60 Firmware and Srs60 Firmware

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106.

6.5
2020-05-19 CVE-2020-10134 Bluetooth Interpretation Conflict vulnerability in Bluetooth Core 5.2

Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedures with the MITM using the confirmation number of one peer as the passkey of the other.

6.3
2020-05-24 CVE-2020-13430 Grafana Cross-site Scripting vulnerability in Grafana

Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.

6.1
2020-05-22 CVE-2020-7658 Meinheld HTTP Request Smuggling vulnerability in Meinheld

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling.

6.1
2020-05-22 CVE-2020-3314 Cisco Improper Input Validation vulnerability in Cisco Advanced Malware Protection for Endpoints

A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service.

6.1
2020-05-21 CVE-2020-1106 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

6.1
2020-05-21 CVE-2020-1055 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'.

6.1
2020-05-21 CVE-2019-20803 Gilacms Cross-site Scripting vulnerability in Gilacms Gila CMS

Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is mishandled for g_preview_theme.

6.1
2020-05-21 CVE-2020-13258 Contentful Cross-site Scripting vulnerability in Contentful Python Example 20200521

Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py.

6.1
2020-05-21 CVE-2020-7655 Hive HTTP Request Smuggling vulnerability in Hive Netius

netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling.

6.1
2020-05-21 CVE-2020-6470 Google
Fedoraproject
Opensuse
Debian
Cross-site Scripting vulnerability in multiple products

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.

6.1
2020-05-19 CVE-2020-7656 Jquery
Oracle
Netapp
Juniper
Cross-site Scripting vulnerability in multiple products

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method.

6.1
2020-05-19 CVE-2020-11845 Microfocus Cross-site Scripting vulnerability in Microfocus Service Manager

Cross Site Scripting vulnerability in Micro Focus Service Manager product.

6.1
2020-05-19 CVE-2020-6956 PCS Cross-site Scripting vulnerability in PCS Dexicon Enterprise 3.4.1

PCS DEXICON 3.4.1 allows XSS via the loginName parameter in login_action.jsp.

6.1
2020-05-18 CVE-2020-13153 Misp Cross-site Scripting vulnerability in Misp

app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS in the resolved attributes view.

6.1
2020-05-18 CVE-2020-8034 Horde Cross-site Scripting vulnerability in Horde Gollem and Groupware

Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output.

6.1
2020-05-18 CVE-2019-19456 Wowza Cross-site Scripting vulnerability in Wowza Streaming Engine

A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x.

6.1
2020-05-18 CVE-2020-8035 Horde Cross-site Scripting vulnerability in Horde Groupware

The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload.

6.1
2020-05-18 CVE-2019-20802 Readdle Cross-site Scripting vulnerability in Readdle Documents

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS.

6.1
2020-05-22 CVE-2020-10711 Linux
Redhat
Debian
Opensuse
Canonical
NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7.

5.9
2020-05-21 CVE-2020-1195 Microsoft Improper Input Validation vulnerability in Microsoft Edge

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

5.9
2020-05-19 CVE-2020-8617 ISC
Debian
Fedoraproject
Opensuse
Canonical
Reachable Assertion vulnerability in multiple products

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server.

5.9
2020-05-24 CVE-2020-13435 Sqlite
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.

5.5
2020-05-24 CVE-2020-13434 Sqlite
Debian
Fedoraproject
Canonical
Freebsd
Oracle
Apple
Integer Overflow or Wraparound vulnerability in multiple products

SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.

5.5
2020-05-22 CVE-2020-13397 Freerdp
Debian
Opensuse
Canonical
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in FreeRDP before 2.1.1.

5.5
2020-05-22 CVE-2020-3344 Cisco Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection for Endpoints

A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.

5.5
2020-05-22 CVE-2020-3343 Cisco Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection for Endpoints

A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.

5.5
2020-05-21 CVE-2020-1145 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.

5.5
2020-05-21 CVE-2020-1141 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.

5.5
2020-05-21 CVE-2020-1123 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'.

5.5
2020-05-21 CVE-2020-1116 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.

5.5
2020-05-21 CVE-2020-1084 Microsoft Improper Input Validation vulnerability in Microsoft products

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service validates certain function values., aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'.

5.5
2020-05-21 CVE-2020-1076 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

5.5
2020-05-21 CVE-2020-1075 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.

5.5
2020-05-21 CVE-2020-1072 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.

5.5
2020-05-20 CVE-2020-13152 KDE Memory Leak vulnerability in KDE Amarok 2.8.0

A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of service.

5.5
2020-05-19 CVE-2020-12038 Rockwellautomation Out-of-bounds Write vulnerability in Rockwellautomation products

Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable.

5.5
2020-05-18 CVE-2020-6093 Gonitro Access of Uninitialized Pointer vulnerability in Gonitro Nitro PRO 13.9.1.155

An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling.

5.5
2020-05-24 CVE-2020-13429 Grafana Cross-site Scripting vulnerability in Grafana Piechart-Panel

legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option.

5.4
2020-05-22 CVE-2020-8789 Composr Project Cross-site Scripting vulnerability in Composr Project Composr 10.0.30

Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration.

5.4
2020-05-21 CVE-2020-1107 Microsoft Cross-site Scripting vulnerability in Microsoft products

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.

5.4
2020-05-21 CVE-2020-1105 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.

5.4
2020-05-21 CVE-2020-1104 Microsoft Cross-site Scripting vulnerability in Microsoft products

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.

5.4
2020-05-21 CVE-2020-1101 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4
2020-05-21 CVE-2020-1100 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4
2020-05-21 CVE-2020-1099 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

5.4
2020-05-21 CVE-2020-1063 Microsoft Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

5.4
2020-05-20 CVE-2020-13240 Dolibarr Incorrect Default Permissions vulnerability in Dolibarr Erp/Crm 11.0.4

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions.

5.4
2020-05-20 CVE-2020-13239 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 11.0.4

The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link.

5.4
2020-05-19 CVE-2020-10135 Bluetooth
Opensuse
Authentication Bypass by Spoofing vulnerability in multiple products

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access.

5.4
2020-05-19 CVE-2020-4298 IBM Cross-site Scripting vulnerability in IBM products

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.

5.4
2020-05-18 CVE-2020-13094 Dolibarr Cross-site Scripting vulnerability in Dolibarr

Dolibarr before 11.0.4 allows XSS.

5.4
2020-05-18 CVE-2020-13145 EDX Cross-site Scripting vulnerability in EDX Open EDX Platform 2.5

Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen.

5.4
2020-05-18 CVE-2020-12256 Rconfig Cross-site Scripting vulnerability in Rconfig 3.9.4

rConfig 3.9.4 is vulnerable to reflected XSS.

5.4
2020-05-18 CVE-2020-9524 Microfocus Cross-site Scripting vulnerability in Microfocus Enterprise Developer and Enterprise Server

Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8.

5.4
2020-05-18 CVE-2020-12259 Rconfig Cross-site Scripting vulnerability in Rconfig 3.9.4

rConfig 3.9.4 is vulnerable to reflected XSS.

5.4
2020-05-22 CVE-2020-13413 Aviatrix Information Exposure Through Discrepancy vulnerability in Aviatrix Controller

An issue was discovered in Aviatrix Controller before 5.4.1204.

5.3
2020-05-20 CVE-2020-5753 Signal Always-Incorrect Control Flow Implementation vulnerability in Signal

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.

5.3
2020-05-20 CVE-2019-11048 PHP Integer Overflow or Wraparound vulnerability in PHP

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request.

5.3
2020-05-19 CVE-2020-8021 Opensuse
Debian
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5.
5.3
2020-05-19 CVE-2020-4412 IBM Unspecified vulnerability in IBM Spectrum Scale

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability.

5.3
2020-05-18 CVE-2020-12801 Libreoffice
Opensuse
Cleartext Storage of Sensitive Information vulnerability in multiple products

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.

5.3
2020-05-18 CVE-2020-10967 Dovecot Improper Input Validation vulnerability in Dovecot

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.

5.3
2020-05-18 CVE-2020-10958 Dovecot Use After Free vulnerability in Dovecot

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

5.3
2020-05-18 CVE-2020-12860 Health Improper Privilege Management vulnerability in Health Covidsafe 1.0.11/1.0.16/1.0.17

COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them.

5.3
2020-05-18 CVE-2020-12859 Health Cleartext Storage of Sensitive Information vulnerability in Health Covidsafe 1.0.11/1.0.16/1.0.17

Unnecessary fields in the OpenTrace/BlueTrace protocol in COVIDSafe through v1.0.17 allow a remote attacker to identify a device model by observing cleartext payload data.

5.3
2020-05-18 CVE-2019-20801 Readdle Incorrect Authorization vulnerability in Readdle Documents

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS.

5.3
2020-05-20 CVE-2020-13225 Phpipam Cross-site Scripting vulnerability in PHPipam 1.4

phpIPAM 1.4 contains a stored cross site scripting (XSS) vulnerability within the Edit User Instructions field of the User Instructions widget.

4.8
2020-05-20 CVE-2020-10726 Dpdk
Fedoraproject
Opensuse
Oracle
A vulnerability was found in DPDK versions 19.11 and above.
4.4
2020-05-19 CVE-2020-10724 Dpdk
Canonical
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

A vulnerability was found in DPDK versions 18.11 and above.

4.4
2020-05-22 CVE-2020-12397 Mozilla
Canonical
Origin Validation Error vulnerability in multiple products

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays.

4.3
2020-05-21 CVE-2020-1059 Microsoft Open Redirect vulnerability in Microsoft Edge

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.

4.3
2020-05-21 CVE-2020-6490 Google
Debian
Opensuse
Fedoraproject
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.

4.3
2020-05-21 CVE-2020-6489 Google
Debian
Opensuse
Fedoraproject
Information Exposure vulnerability in multiple products

Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.

4.3
2020-05-21 CVE-2020-6488 Google
Debian
Opensuse
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

4.3
2020-05-20 CVE-2020-13230 Cacti
Debian
Fedoraproject
Improper Preservation of Permissions vulnerability in multiple products

In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).

4.3

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS