Weekly Vulnerabilities Reports > May 25 to 31, 2020
Overview
133 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary report vulnerabilities in 337 products from 64 vendors including Debian, IBM, Opensuse, Canonical, and Freerdp. Vulnerabilities are notably categorized as "Information Exposure", "Cross-site Scripting", "Out-of-bounds Read", "Improper Input Validation", and "Incorrect Authorization".
- 98 reported vulnerabilities are remotely exploitables.
- 38 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 86 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 24 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
5 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-29 | CVE-2020-12493 | Swarco | Unspecified vulnerability in Swarco CPU Ls4000 Firmware G4 An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... | 10.0 |
2020-05-26 | CVE-2020-12388 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. | 10.0 |
2020-05-26 | CVE-2020-12395 | Mozilla Canonical | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. | 10.0 |
2020-05-29 | CVE-2020-11844 | Microfocus | Incorrect Authorization vulnerability in Microfocus Service Management Automation Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. | 9.8 |
2020-05-28 | CVE-2020-11950 | Vivotek | OS Command Injection vulnerability in Vivotek products VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). | 9.0 |
20 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-29 | CVE-2020-12675 | Mappresspro | Unrestricted Upload of File with Dangerous Type vulnerability in Mappresspro Mappress The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. | 8.8 |
2020-05-26 | CVE-2020-8168 | UI | Cross-Site Request Forgery (CSRF) vulnerability in UI Airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. | 8.8 |
2020-05-28 | CVE-2020-8330 | Lenovo | Improper Input Validation vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted. | 7.8 |
2020-05-28 | CVE-2020-8329 | Lenovo | Improper Input Validation vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted. | 7.8 |
2020-05-27 | CVE-2020-10936 | Sympa Fedoraproject Debian Canonical | Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. | 7.8 |
2020-05-29 | CVE-2020-13693 | Bbpress | Unspecified vulnerability in Bbpress An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled. | 7.5 |
2020-05-28 | CVE-2020-11079 | Node DNS Sync Project | Command Injection vulnerability in Node-Dns-Sync Project Node-Dns-Sync 0.1.3 node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . | 7.5 |
2020-05-28 | CVE-2020-7812 | Kaoni | Download of Code Without Integrity Check vulnerability in Kaoni Ezhttptrans 1.0.0.70 Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method. | 7.5 |
2020-05-27 | CVE-2020-8606 | Trendmicro | Improper Authentication vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. | 7.5 |
2020-05-26 | CVE-2020-6831 | Mozilla Canonical Debian Opensuse | Classic Buffer Overflow vulnerability in multiple products A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. | 7.5 |
2020-05-26 | CVE-2020-12390 | Mozilla | Deserialization of Untrusted Data vulnerability in Mozilla Firefox Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. | 7.5 |
2020-05-26 | CVE-2020-12389 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. | 7.5 |
2020-05-26 | CVE-2020-12396 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 75. | 7.5 |
2020-05-26 | CVE-2020-8171 | UI | OS Command Injection vulnerability in UI Airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. | 7.5 |
2020-05-25 | CVE-2020-13442 | Dext5 | Unrestricted Upload of File with Dangerous Type vulnerability in Dext5 2.7.1402870 A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. | 7.5 |
2020-05-25 | CVE-2020-5537 | Cybozu | Improper Input Validation vulnerability in Cybozu Desktop Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. | 7.5 |
2020-05-25 | CVE-2020-13482 | EM Http Request Project Fedoraproject | Improper Certificate Validation vulnerability in multiple products EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. | 7.4 |
2020-05-27 | CVE-2020-6774 | Bosch | Exposure of Resource to Wrong Sphere vulnerability in Bosch Recording Station Firmware Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system. | 7.2 |
2020-05-26 | CVE-2020-9046 | Johnsoncontrols | Improper Privilege Management vulnerability in Johnsoncontrols Kantech Entrapass 8.22 A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | 7.2 |
2020-05-27 | CVE-2020-13630 | Sqlite Fedoraproject Canonical Netapp Brocade Debian Siemens Apple Oracle | Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | 7.0 |
78 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-29 | CVE-2020-3957 | Vmware | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion, Horizon Client and Remote Console VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. | 6.9 |
2020-05-29 | CVE-2020-11039 | Freerdp Opensuse Debian | Integer Overflow or Wraparound vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. | 6.8 |
2020-05-28 | CVE-2019-6342 | Drupal | Improper Input Validation vulnerability in Drupal 8.7.4 An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. | 6.8 |
2020-05-28 | CVE-2020-13643 | Siteorigin | Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. | 6.8 |
2020-05-28 | CVE-2020-13642 | Siteorigin | Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. | 6.8 |
2020-05-28 | CVE-2020-13641 | Infolific | Cross-Site Request Forgery (CSRF) vulnerability in Infolific Real-Time Find and Replace An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. | 6.8 |
2020-05-26 | CVE-2020-12387 | Mozilla | Use After Free vulnerability in Mozilla Firefox A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. | 6.8 |
2020-05-25 | CVE-2020-13458 | Verbb | Cross-Site Request Forgery (CSRF) vulnerability in Verbb Image Resizer An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. | 6.8 |
2020-05-29 | CVE-2020-8816 | PI Hole | OS Command Injection vulnerability in Pi-Hole Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. | 6.5 |
2020-05-29 | CVE-2020-11019 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. | 6.5 |
2020-05-29 | CVE-2020-11018 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. | 6.5 |
2020-05-29 | CVE-2020-11017 | Freerdp Opensuse Debian | Double Free vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. | 6.5 |
2020-05-28 | CVE-2020-13645 | Gnome Canonical Fedoraproject Netapp Broadcom | Improper Certificate Validation vulnerability in multiple products In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. | 6.5 |
2020-05-27 | CVE-2020-8605 | Trendmicro | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. | 6.5 |
2020-05-27 | CVE-2020-11075 | Anchore | Unspecified vulnerability in Anchore Engine 0.7.0 In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. | 6.5 |
2020-05-26 | CVE-2020-10719 | Redhat Netapp | HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. | 6.5 |
2020-05-25 | CVE-2020-13485 | Verbb | Incorrect Comparison vulnerability in Verbb Knock The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. | 6.4 |
2020-05-27 | CVE-2020-10737 | Redhat | Race Condition vulnerability in Redhat Oddjob A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. | 6.3 |
2020-05-29 | CVE-2020-13634 | Youhua | Improper Input Validation vulnerability in Youhua Windows Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558 | 6.1 |
2020-05-26 | CVE-2020-10751 | Kernel Redhat | Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in multiple products A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. | 6.1 |
2020-05-26 | CVE-2020-13614 | Axel Project Fedoraproject Opensuse | Improper Certificate Validation vulnerability in multiple products An issue was discovered in ssl.c in Axel before 2.17.8. | 5.9 |
2020-05-29 | CVE-2020-1832 | Huawei | Out-of-bounds Write vulnerability in Huawei E6878-370 Firmware 10.0.3.1(H557Sp27C233)/10.0.3.1(H563Sp1C233) E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. | 5.8 |
2020-05-29 | CVE-2020-4490 | IBM | Unspecified vulnerability in IBM products IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 5.8 |
2020-05-25 | CVE-2020-13486 | Verbb | Open Redirect vulnerability in Verbb Knock The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. | 5.8 |
2020-05-29 | CVE-2020-11089 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). | 5.5 |
2020-05-28 | CVE-2020-4246 | IBM | XXE vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
2020-05-27 | CVE-2020-13632 | Sqlite Fedoraproject Canonical Netapp Brocade Debian Siemens Oracle | NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 5.5 |
2020-05-27 | CVE-2020-13631 | Sqlite Fedoraproject Canonical Netapp Brocade Siemens Apple Oracle | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | 5.5 |
2020-05-29 | CVE-2020-11088 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. | 5.4 |
2020-05-29 | CVE-2020-11087 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. | 5.4 |
2020-05-29 | CVE-2020-11086 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. | 5.4 |
2020-05-29 | CVE-2020-11038 | Freerdp Opensuse Debian | Integer Overflow to Buffer Overflow vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. | 5.4 |
2020-05-29 | CVE-2020-6937 | Mulesoft | Resource Exhaustion vulnerability in Mulesoft Mule Runtime A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion. | 5.0 |
2020-05-29 | CVE-2020-1870 | Huawei | Missing Release of Resource after Effective Lifetime vulnerability in Huawei products There is a denial of service vulnerability in some Huawei products. | 5.0 |
2020-05-28 | CVE-2020-4245 | IBM | Weak Password Requirements vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.0 |
2020-05-28 | CVE-2020-4244 | IBM | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. | 5.0 |
2020-05-28 | CVE-2020-4233 | IBM | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. | 5.0 |
2020-05-28 | CVE-2020-4232 | IBM | Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. | 5.0 |
2020-05-28 | CVE-2020-13649 | Jerryscript | NULL Pointer Dereference vulnerability in Jerryscript 2.2.0 parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure. | 5.0 |
2020-05-27 | CVE-2020-8604 | Trendmicro | Path Traversal vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | 5.0 |
2020-05-27 | CVE-2020-11059 | Aegir Project | Information Exposure vulnerability in Aegir Project Aegir In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. | 5.0 |
2020-05-27 | CVE-2020-4379 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-05-27 | CVE-2020-4350 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-05-27 | CVE-2020-4349 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-05-27 | CVE-2020-4226 | IBM | Information Exposure vulnerability in IBM Mobilefirst Platform Foundation 8.0.0.0 IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. | 5.0 |
2020-05-27 | CVE-2020-13623 | Jerryscript | Resource Exhaustion vulnerability in Jerryscript 2.2.0 JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation. | 5.0 |
2020-05-27 | CVE-2020-13622 | Jerryscript | Reachable Assertion vulnerability in Jerryscript 2.2.0 JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data. | 5.0 |
2020-05-26 | CVE-2020-6830 | Mozilla | Information Exposure vulnerability in Mozilla Firefox For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. | 5.0 |
2020-05-26 | CVE-2020-12391 | Mozilla | Incorrect Authorization vulnerability in Mozilla Firefox Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. | 5.0 |
2020-05-26 | CVE-2020-3811 | Netqmail Debian Canonical | Incorrect Authorization vulnerability in multiple products qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. | 5.0 |
2020-05-28 | CVE-2020-13173 | Teradici | Race Condition vulnerability in Teradici Pcoip Graphics Agent and Pcoip Standard Agent Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe. | 4.6 |
2020-05-28 | CVE-2019-20807 | VIM Debian Opensuse Canonical Apple Starwindsoftware | OS Command Injection vulnerability in multiple products In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | 4.6 |
2020-05-26 | CVE-2020-12393 | Mozilla | Injection vulnerability in Mozilla Firefox The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. | 4.6 |
2020-05-29 | CVE-2020-4352 | IBM | Improper Privilege Management vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0 IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. | 4.4 |
2020-05-27 | CVE-2020-13386 | Smartdraw | Incorrect Permission Assignment for Critical Resource vulnerability in Smartdraw 2020 27.0.0.0 In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. | 4.4 |
2020-05-29 | CVE-2020-7654 | Synk | Information Exposure vulnerability in Synk Broker All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. | 4.3 |
2020-05-28 | CVE-2020-11082 | Kaminari Project Debian | Cross-site Scripting vulnerability in multiple products In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. | 4.3 |
2020-05-28 | CVE-2020-13245 | Netgear | Improper Certificate Validation vulnerability in Netgear products Certain NETGEAR devices are affected by Missing SSL Certificate Validation. | 4.3 |
2020-05-27 | CVE-2020-8603 | Trendmicro | Cross-site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. | 4.3 |
2020-05-27 | CVE-2020-13633 | Fork CMS | Cross-site Scripting vulnerability in Fork-Cms Fork CMS Fork before 5.8.3 allows XSS via navigation_title or title. | 4.3 |
2020-05-27 | CVE-2020-13628 | Centreon | Cross-site Scripting vulnerability in Centreon products Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. | 4.3 |
2020-05-27 | CVE-2020-13627 | Centreon | Cross-site Scripting vulnerability in Centreon products Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. | 4.3 |
2020-05-27 | CVE-2020-10946 | Centreon | Cross-site Scripting vulnerability in Centreon products Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. | 4.3 |
2020-05-26 | CVE-2020-13616 | Pichi Project | Improper Certificate Validation vulnerability in Pichi Project Pichi The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification. | 4.3 |
2020-05-26 | CVE-2020-13615 | Qore | Improper Certificate Validation vulnerability in Qore lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates. | 4.3 |
2020-05-26 | CVE-2020-8170 | UI | Cross-site Scripting vulnerability in UI Airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. | 4.3 |
2020-05-29 | CVE-2020-7650 | Synk | Information Exposure vulnerability in Synk Broker All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. | 4.0 |
2020-05-29 | CVE-2020-7648 | Synk | Information Exposure vulnerability in Synk Broker All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. | 4.0 |
2020-05-29 | CVE-2020-7653 | Synk | Information Exposure vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 4.0 |
2020-05-29 | CVE-2020-7652 | Synk | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 4.0 |
2020-05-29 | CVE-2020-7651 | Synk | Information Exposure vulnerability in Synk Broker All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. | 4.0 |
2020-05-28 | CVE-2020-4248 | IBM | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.0 |
2020-05-28 | CVE-2020-4249 | IBM | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. | 4.0 |
2020-05-28 | CVE-2020-4231 | IBM | Improper Input Validation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. | 4.0 |
2020-05-28 | CVE-2020-11949 | Vivotek | Information Exposure vulnerability in Vivotek products testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. | 4.0 |
2020-05-27 | CVE-2020-4378 | IBM | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. | 4.0 |
2020-05-27 | CVE-2020-4357 | IBM | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.0 |
2020-05-27 | CVE-2020-4348 | IBM | Incorrect Authorization vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. | 4.0 |
30 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-28 | CVE-2020-13361 | Qemu Debian Opensuse Canonical | Out-of-bounds Write vulnerability in multiple products In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. | 3.9 |
2020-05-29 | CVE-2020-11085 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. | 3.5 |
2020-05-29 | CVE-2020-4306 | IBM | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. | 3.5 |
2020-05-28 | CVE-2020-13660 | Cmsmadesimple | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. | 3.5 |
2020-05-28 | CVE-2020-4419 | IBM | Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0 IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. | 3.5 |
2020-05-28 | CVE-2020-13644 | Pickplugins | Cross-site Scripting vulnerability in Pickplugins Accordion An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. | 3.5 |
2020-05-27 | CVE-2020-4358 | IBM | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. | 3.5 |
2020-05-26 | CVE-2020-13487 | Bbpress | Cross-site Scripting vulnerability in Bbpress The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. | 3.5 |
2020-05-25 | CVE-2020-13459 | Verbb | Cross-site Scripting vulnerability in Verbb Image Resizer An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. | 3.5 |
2020-05-27 | CVE-2020-10945 | Centreon | Information Exposure vulnerability in Centreon Centreon before 19.10.7 exposes Session IDs in server responses. | 3.3 |
2020-05-28 | CVE-2020-13362 | Qemu Debian Opensuse Canonical | Out-of-bounds Read vulnerability in multiple products In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. | 3.2 |
2020-05-29 | CVE-2020-11043 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. | 2.7 |
2020-05-29 | CVE-2020-11040 | Freerdp Opensuse Debian | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. | 2.7 |
2020-05-29 | CVE-2020-11041 | Freerdp Opensuse Debian | Improper Validation of Array Index vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). | 2.7 |
2020-05-28 | CVE-2020-5357 | Dell | Uncontrolled Search Path Element vulnerability in Dell products Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. | 2.6 |
2020-05-29 | CVE-2020-8482 | ABB | Insecure Storage of Sensitive Information vulnerability in ABB Device Library Wizard 6.0.3.2/6.1.0 Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data | 2.1 |
2020-05-29 | CVE-2020-3959 | Vmware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. | 2.1 |
2020-05-29 | CVE-2020-3958 | Vmware | Improper Input Validation vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. | 2.1 |
2020-05-29 | CVE-2020-1833 | Huawei | Improper Authentication vulnerability in Huawei Honor 9X Firmware Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. | 2.1 |
2020-05-29 | CVE-2020-1809 | Huawei | Information Exposure vulnerability in Huawei Mate 10 Firmware HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. | 2.1 |
2020-05-29 | CVE-2020-1797 | Huawei | Incorrect Authorization vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. | 2.1 |
2020-05-29 | CVE-2020-1798 | Huawei | Improper Authentication vulnerability in Huawei P30 Firmware HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. | 2.1 |
2020-05-29 | CVE-2020-5573 | Cybozu | Information Exposure vulnerability in Cybozu Kintone Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. | 2.1 |
2020-05-29 | CVE-2020-5572 | Cybozu | Information Exposure vulnerability in Cybozu Mailwise 1.0.1 Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. | 2.1 |
2020-05-27 | CVE-2020-13253 | Qemu Canonical Debian | Out-of-bounds Read vulnerability in multiple products sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. | 2.1 |
2020-05-27 | CVE-2019-20806 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.2. | 2.1 |
2020-05-26 | CVE-2020-12392 | Mozilla Canonical | Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. | 2.1 |
2020-05-26 | CVE-2020-12394 | Mozilla | Unspecified vulnerability in Mozilla Firefox A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. | 2.1 |
2020-05-26 | CVE-2020-3812 | Netqmail Debian Canonical | Improper Privilege Management vulnerability in multiple products qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. | 2.1 |
2020-05-29 | CVE-2020-1831 | Huawei | Incorrect Authorization vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. | 1.9 |