Weekly Vulnerabilities Reports > May 25 to 31, 2020

Overview

133 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary report vulnerabilities in 312 products from 59 vendors including IBM, Freerdp, Mozilla, Huawei, and Synk. Vulnerabilities are notably categorized as "Information Exposure", "Cross-site Scripting", "Improper Input Validation", "Out-of-bounds Read", and "Improper Privilege Management".

  • 98 reported vulnerabilities are remotely exploitables.
  • 35 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 97 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

3 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-29 CVE-2020-12493 Swarco Improper Privilege Management vulnerability in Swarco CPU Ls4000 Firmware G4

An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4...

10.0
2020-05-26 CVE-2020-12395 Mozilla Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox

Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7.

10.0
2020-05-28 CVE-2020-11950 Vivotek OS Command Injection vulnerability in Vivotek products

VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands).

9.0

18 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-28 CVE-2020-8330 Lenovo Improper Input Validation vulnerability in Lenovo products

A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted.

7.8
2020-05-28 CVE-2020-8329 Lenovo Improper Input Validation vulnerability in Lenovo products

A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted.

7.8
2020-05-29 CVE-2020-11844 Microfocus Incorrect Authorization vulnerability in Microfocus Service Management Automation

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management.

7.5
2020-05-29 CVE-2020-13693 Bbpress Improper Privilege Management vulnerability in Bbpress

An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.

7.5
2020-05-28 CVE-2020-11079 Node DNS Sync Project Code Injection vulnerability in Node-Dns-Sync Project Node-Dns-Sync 0.1.3

node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands .

7.5
2020-05-28 CVE-2020-7812 Kaoni Download of Code Without Integrity Check vulnerability in Kaoni Ezhttptrans 1.0.0.70

Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method.

7.5
2020-05-27 CVE-2020-8606 Trendmicro Improper Authentication vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.

7.5
2020-05-26 CVE-2020-6831 Mozilla
Canonical
Debian
Opensuse
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC.

7.5
2020-05-26 CVE-2020-12390 Mozilla Deserialization of Untrusted Data vulnerability in Mozilla Firefox

Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks.

7.5
2020-05-26 CVE-2020-12389 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.

7.5
2020-05-26 CVE-2020-12388 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.

7.5
2020-05-26 CVE-2020-12396 Mozilla Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox

Mozilla developers and community members reported memory safety bugs present in Firefox 75.

7.5
2020-05-26 CVE-2020-8171 UI OS Command Injection vulnerability in UI Airos

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection.

7.5
2020-05-25 CVE-2020-13442 Dext5 Unrestricted Upload of File With Dangerous Type vulnerability in Dext5 2.7.1402870

A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870.

7.5
2020-05-25 CVE-2020-5537 Cybozu Improper Input Validation vulnerability in Cybozu Desktop

Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.

7.5
2020-05-27 CVE-2020-10936 Sympa Improper Privilege Management vulnerability in Sympa

Sympa before 6.2.56 allows privilege escalation.

7.2
2020-05-27 CVE-2020-6774 Bosch Exposure of Resource TO Wrong Sphere vulnerability in Bosch Recording Station Firmware

Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system.

7.2
2020-05-26 CVE-2020-9046 Johnsoncontrols Improper Privilege Management vulnerability in Johnsoncontrols Kantech Entrapass 8.22

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.

7.2

82 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-29 CVE-2020-3957 Vmware Improper Privilege Management vulnerability in VMWare Fusion, Horizon Client and Remote Console

VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener.

6.9
2020-05-28 CVE-2019-6342 Drupal Improper Input Validation vulnerability in Drupal 8.7.4

An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled.

6.8
2020-05-28 CVE-2020-13643 Siteorigin Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder

An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress.

6.8
2020-05-28 CVE-2020-13642 Siteorigin Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder

An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress.

6.8
2020-05-28 CVE-2020-13641 Infolific Cross-Site Request Forgery (CSRF) vulnerability in Infolific Real-Time Find and Replace

An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress.

6.8
2020-05-26 CVE-2020-12387 Mozilla Race Condition vulnerability in Mozilla Firefox

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability.

6.8
2020-05-26 CVE-2020-8168 UI Cross-Site Request Forgery (CSRF) vulnerability in UI Airos

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.

6.8
2020-05-25 CVE-2020-13458 Verbb Cross-Site Request Forgery (CSRF) vulnerability in Verbb Image Resizer

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS.

6.8
2020-05-29 CVE-2020-8816 PI Hole Unspecified vulnerability in Pi-Hole

Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.

6.5
2020-05-29 CVE-2020-12675 Mappresspro Unrestricted Upload of File With Dangerous Type vulnerability in Mappresspro Mappress

The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution.

6.5
2020-05-27 CVE-2020-8605 Trendmicro OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations.

6.5
2020-05-27 CVE-2020-11075 Anchore Unspecified vulnerability in Anchore Engine 0.7.0

In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process.

6.5
2020-05-28 CVE-2020-13645 Gnome
Canonical
Fedoraproject
Netapp
Broadcom
Improper Certificate Validation vulnerability in multiple products

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity.

6.4
2020-05-26 CVE-2020-10719 Redhat Http Request Smuggling vulnerability in Redhat Undertow 1.0.0

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes.

6.4
2020-05-25 CVE-2020-13485 Verbb Incorrect Comparison vulnerability in Verbb Knock

The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.

6.4
2020-05-29 CVE-2020-13634 Youhua Improper Input Validation vulnerability in Youhua Windows Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558

6.1
2020-05-29 CVE-2020-11089 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write).

6.0
2020-05-29 CVE-2020-11039 Freerdp Integer Overflow OR Wraparound vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks.

6.0
2020-05-29 CVE-2020-1832 Huawei Out-Of-Bounds Write vulnerability in Huawei E6878-370 Firmware 10.0.3.1(H557Sp27C233)/10.0.3.1(H563Sp1C233)

E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability.

5.8
2020-05-29 CVE-2020-4490 IBM Unspecified vulnerability in IBM products

IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw.

5.8
2020-05-25 CVE-2020-13486 Verbb Open Redirect vulnerability in Verbb Knock

The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.

5.8
2020-05-25 CVE-2020-13482 EM Http Request Project
Fedoraproject
Improper Certificate Validation vulnerability in multiple products

EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library.

5.8
2020-05-29 CVE-2020-11088 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage.

5.5
2020-05-29 CVE-2020-11087 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage.

5.5
2020-05-29 CVE-2020-11086 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure.

5.5
2020-05-29 CVE-2020-11038 Freerdp Integer Overflow OR Wraparound vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists.

5.5
2020-05-28 CVE-2020-4246 IBM XXE vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

5.5
2020-05-29 CVE-2020-6937 Mulesoft Resource Exhaustion vulnerability in Mulesoft Mule Runtime

A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.

5.0
2020-05-29 CVE-2020-1870 Huawei Missing Release of Resource After Effective Lifetime vulnerability in Huawei products

There is a denial of service vulnerability in some Huawei products.

5.0
2020-05-29 CVE-2020-11085 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list.

5.0
2020-05-29 CVE-2020-11043 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset.

5.0
2020-05-29 CVE-2020-11019 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index.

5.0
2020-05-28 CVE-2020-4245 IBM Weak Password Requirements vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

5.0
2020-05-28 CVE-2020-4244 IBM Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration.

5.0
2020-05-28 CVE-2020-4233 IBM Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode.

5.0
2020-05-28 CVE-2020-4232 IBM Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system.

5.0
2020-05-28 CVE-2020-13649 Jerryscript Null Pointer Dereference vulnerability in Jerryscript 2.2.0

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.

5.0
2020-05-27 CVE-2020-8604 Trendmicro Information Exposure vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations.

5.0
2020-05-27 CVE-2020-11059 Aegir Project Information Exposure vulnerability in Aegir Project Aegir

In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm.

5.0
2020-05-27 CVE-2020-4379 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-05-27 CVE-2020-4350 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-05-27 CVE-2020-4349 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-05-27 CVE-2020-4226 IBM Information Exposure vulnerability in IBM Mobilefirst Platform Foundation 8.0.0.0

IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters.

5.0
2020-05-27 CVE-2020-13623 Jerryscript Resource Exhaustion vulnerability in Jerryscript 2.2.0

JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.

5.0
2020-05-27 CVE-2020-13622 Jerryscript Reachable Assertion vulnerability in Jerryscript 2.2.0

JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.

5.0
2020-05-26 CVE-2020-6830 Mozilla Information Exposure vulnerability in Mozilla Firefox

For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions.

5.0
2020-05-26 CVE-2020-12391 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context.

5.0
2020-05-26 CVE-2020-3811 Netqmail
Debian
Improper Input Validation vulnerability in multiple products

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.

5.0
2020-05-28 CVE-2020-13173 Teradici Improper Privilege Management vulnerability in Teradici Pcoip Graphics Agent and Pcoip Standard Agent

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.

4.6
2020-05-28 CVE-2019-20807 VIM OS Command Injection vulnerability in VIM

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

4.6
2020-05-26 CVE-2020-12393 Mozilla Injection vulnerability in Mozilla Firefox

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website.

4.6
2020-05-29 CVE-2020-4352 IBM Improper Privilege Management vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0

IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode.

4.4
2020-05-27 CVE-2020-13630 Sqlite
Fedoraproject
USE After Free vulnerability in multiple products

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

4.4
2020-05-27 CVE-2020-13386 Smartdraw Incorrect Permission Assignment FOR Critical Resource vulnerability in Smartdraw 2020 27.0.0.0

In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder.

4.4
2020-05-29 CVE-2020-7654 Synk Information Exposure vulnerability in Synk Broker

All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure.

4.3
2020-05-28 CVE-2020-11082 Kaminari Project Cross-Site Scripting vulnerability in Kaminari Project Kaminari

In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links.

4.3
2020-05-28 CVE-2020-13245 Netgear Improper Certificate Validation vulnerability in Netgear products

Certain NETGEAR devices are affected by Missing SSL Certificate Validation.

4.3
2020-05-27 CVE-2020-8603 Trendmicro Cross-Site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5

A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations.

4.3
2020-05-27 CVE-2020-13633 Fork CMS Cross-Site Scripting vulnerability in Fork-Cms Fork CMS

Fork before 5.8.3 allows XSS via navigation_title or title.

4.3
2020-05-27 CVE-2020-13628 Centreon Cross-Site Scripting vulnerability in Centreon products

Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php.

4.3
2020-05-27 CVE-2020-13627 Centreon Cross-Site Scripting vulnerability in Centreon products

Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php.

4.3
2020-05-27 CVE-2020-10946 Centreon Cross-Site Scripting vulnerability in Centreon products

Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php.

4.3
2020-05-26 CVE-2020-13616 Pichi Project Improper Certificate Validation vulnerability in Pichi Project Pichi

The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.

4.3
2020-05-26 CVE-2020-13615 Qore Improper Certificate Validation vulnerability in Qore

lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.

4.3
2020-05-26 CVE-2020-13614 Axel Project Improper Certificate Validation vulnerability in Axel Project Axel

An issue was discovered in ssl.c in Axel before 2.17.8.

4.3
2020-05-26 CVE-2020-8170 UI Cross-Site Scripting vulnerability in UI Airos

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.

4.3
2020-05-29 CVE-2020-7650 Synk Information Exposure vulnerability in Synk Broker

All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read.

4.0
2020-05-29 CVE-2020-7648 Synk Information Exposure vulnerability in Synk Broker

All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read.

4.0
2020-05-29 CVE-2020-7653 Synk Information Exposure vulnerability in Synk Broker

All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read.

4.0
2020-05-29 CVE-2020-7652 Synk Path Traversal vulnerability in Synk Broker

All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read.

4.0
2020-05-29 CVE-2020-7651 Synk Information Exposure vulnerability in Synk Broker

All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read.

4.0
2020-05-29 CVE-2020-11040 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color.

4.0
2020-05-29 CVE-2020-11041 Freerdp Improper Validation of Array Index vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...).

4.0
2020-05-29 CVE-2020-11018 Freerdp Out-Of-Bounds Read vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed.

4.0
2020-05-29 CVE-2020-11017 Freerdp Double Free vulnerability in Freerdp

In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server.

4.0
2020-05-28 CVE-2020-4248 IBM Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

4.0
2020-05-28 CVE-2020-4249 IBM Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization.

4.0
2020-05-28 CVE-2020-4231 IBM Improper Input Validation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation.

4.0
2020-05-28 CVE-2020-11949 Vivotek Information Exposure vulnerability in Vivotek products

testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem.

4.0
2020-05-27 CVE-2020-4378 IBM Unspecified vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command.

4.0
2020-05-27 CVE-2020-4357 IBM Information Exposure vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

4.0
2020-05-27 CVE-2020-4348 IBM Incorrect Authorization vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control.

4.0

30 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-05-27 CVE-2020-10737 Redhat Path Traversal vulnerability in Redhat Oddjob

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path.

3.7
2020-05-26 CVE-2020-10751 Kernel
Redhat
Insufficient Verification of Data Authenticity vulnerability in multiple products

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message.

3.6
2020-05-29 CVE-2020-4306 IBM Cross-Site Scripting vulnerability in IBM Planning Analytics Local

IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting.

3.5
2020-05-28 CVE-2020-13660 Cmsmadesimple Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name.

3.5
2020-05-28 CVE-2020-4419 IBM Cross-Site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0

IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting.

3.5
2020-05-28 CVE-2020-13644 Pickplugins Cross-Site Scripting vulnerability in Pickplugins Accordion

An issue was discovered in the Accordion plugin before 2.2.9 for WordPress.

3.5
2020-05-27 CVE-2020-4358 IBM Cross-Site Scripting vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting.

3.5
2020-05-26 CVE-2020-13487 Bbpress Cross-Site Scripting vulnerability in Bbpress

The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users.

3.5
2020-05-25 CVE-2020-13459 Verbb Cross-Site Scripting vulnerability in Verbb Image Resizer

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS.

3.5
2020-05-28 CVE-2020-13361 Qemu Out-Of-Bounds Write vulnerability in Qemu 4.2.0

In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.

3.3
2020-05-27 CVE-2020-10945 Centreon Information Exposure vulnerability in Centreon

Centreon before 19.10.7 exposes Session IDs in server responses.

3.3
2020-05-28 CVE-2020-5357 Dell Uncontrolled Search Path Element vulnerability in Dell products

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability.

2.6
2020-05-29 CVE-2020-8482 ABB Insecure Storage of Sensitive Information vulnerability in ABB Device Library Wizard 6.0.3.2/6.1.0

Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data

2.1
2020-05-29 CVE-2020-3959 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module.

2.1
2020-05-29 CVE-2020-3958 Vmware Improper Input Validation vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality.

2.1
2020-05-29 CVE-2020-1833 Huawei Improper Authentication vulnerability in Huawei Honor 9X Firmware

Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability.

2.1
2020-05-29 CVE-2020-1809 Huawei Information Exposure vulnerability in Huawei Mate 10 Firmware

HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability.

2.1
2020-05-29 CVE-2020-1797 Huawei Incorrect Authorization vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability.

2.1
2020-05-29 CVE-2020-1798 Huawei Improper Authentication vulnerability in Huawei P30 Firmware

HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability.

2.1
2020-05-29 CVE-2020-5573 Cybozu Information Exposure vulnerability in Cybozu Kintone

Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.

2.1
2020-05-29 CVE-2020-5572 Cybozu Information Exposure vulnerability in Cybozu Mailwise 1.0.1

Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.

2.1
2020-05-28 CVE-2020-13362 Qemu Out-Of-Bounds Read vulnerability in Qemu 4.2.0

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

2.1
2020-05-27 CVE-2020-13632 Sqlite
Fedoraproject
Null Pointer Dereference vulnerability in multiple products

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

2.1
2020-05-27 CVE-2020-13631 Sqlite
Fedoraproject
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
2.1
2020-05-27 CVE-2020-13253 Qemu
Canonical
Debian
Out-Of-Bounds Read vulnerability in multiple products

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations.

2.1
2020-05-27 CVE-2019-20806 Linux Null Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.2.

2.1
2020-05-26 CVE-2020-12392 Mozilla Information Exposure vulnerability in Mozilla Firefox

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website.

2.1
2020-05-26 CVE-2020-12394 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element.

2.1
2020-05-26 CVE-2020-3812 Netqmail
Debian
Information Exposure vulnerability in multiple products

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability.

2.1
2020-05-29 CVE-2020-1831 Huawei Incorrect Authorization vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability.

1.9