Weekly Vulnerabilities Reports > May 25 to 31, 2020
Overview
133 new vulnerabilities reported during this period, including 18 critical vulnerabilities and 42 high severity vulnerabilities. This weekly summary report vulnerabilities in 337 products from 64 vendors including Debian, IBM, Opensuse, Canonical, and Freerdp. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "OS Command Injection", "Path Traversal", and "Improper Certificate Validation".
- 98 reported vulnerabilities are remotely exploitables.
- 43 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 69 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 24 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
18 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-29 | CVE-2020-12493 | Swarco | Unspecified vulnerability in Swarco CPU Ls4000 Firmware G4 An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... | 10.0 |
2020-05-26 | CVE-2020-12389 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. | 10.0 |
2020-05-26 | CVE-2020-12388 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. | 10.0 |
2020-05-27 | CVE-2020-11075 | Anchore | Unspecified vulnerability in Anchore Engine 0.7.0 In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. | 9.9 |
2020-05-29 | CVE-2020-11844 | Microfocus | Incorrect Authorization vulnerability in Microfocus Service Management Automation Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. | 9.8 |
2020-05-29 | CVE-2020-13693 | Bbpress | Unspecified vulnerability in Bbpress An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled. | 9.8 |
2020-05-28 | CVE-2019-6342 | Drupal | Unspecified vulnerability in Drupal 8.7.4 An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. | 9.8 |
2020-05-28 | CVE-2020-11079 | Node DNS Sync Project | Command Injection vulnerability in Node-Dns-Sync Project Node-Dns-Sync 0.1.3 node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . | 9.8 |
2020-05-28 | CVE-2020-7812 | Kaoni | Download of Code Without Integrity Check vulnerability in Kaoni Ezhttptrans 1.0.0.70 Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method. | 9.8 |
2020-05-27 | CVE-2020-8606 | Trendmicro | Improper Authentication vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. | 9.8 |
2020-05-26 | CVE-2020-6831 | Mozilla Canonical Debian Opensuse | Out-of-bounds Write vulnerability in multiple products A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. | 9.8 |
2020-05-26 | CVE-2020-12390 | Mozilla | Deserialization of Untrusted Data vulnerability in Mozilla Firefox Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. | 9.8 |
2020-05-26 | CVE-2020-12396 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 75. | 9.8 |
2020-05-26 | CVE-2020-12395 | Mozilla Canonical | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. | 9.8 |
2020-05-26 | CVE-2020-8171 | UI | OS Command Injection vulnerability in UI Airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. | 9.8 |
2020-05-25 | CVE-2020-13442 | Dext5 | Unrestricted Upload of File with Dangerous Type vulnerability in Dext5 2.7.1402870 A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. | 9.8 |
2020-05-25 | CVE-2020-5537 | Cybozu | Improper Input Validation vulnerability in Cybozu Desktop Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. | 9.8 |
2020-05-25 | CVE-2020-13485 | Verbb | Incorrect Comparison vulnerability in Verbb Knock The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. | 9.1 |
42 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-29 | CVE-2020-1832 | Huawei | Out-of-bounds Write vulnerability in Huawei E6878-370 Firmware 10.0.3.1(H557Sp27C233)/10.0.3.1(H563Sp1C233) E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. | 8.8 |
2020-05-29 | CVE-2020-12675 | Mappresspro | Unrestricted Upload of File with Dangerous Type vulnerability in Mappresspro Mappress The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. | 8.8 |
2020-05-28 | CVE-2020-11950 | Vivotek | OS Command Injection vulnerability in Vivotek products VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). | 8.8 |
2020-05-28 | CVE-2020-13643 | Siteorigin | Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. | 8.8 |
2020-05-28 | CVE-2020-13642 | Siteorigin | Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. | 8.8 |
2020-05-28 | CVE-2020-13641 | Infolific | Cross-Site Request Forgery (CSRF) vulnerability in Infolific Real-Time Find and Replace An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. | 8.8 |
2020-05-27 | CVE-2020-8605 | Trendmicro | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. | 8.8 |
2020-05-27 | CVE-2020-6774 | Bosch | Exposure of Resource to Wrong Sphere vulnerability in Bosch Recording Station Firmware Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system. | 8.8 |
2020-05-26 | CVE-2020-8168 | UI | Cross-Site Request Forgery (CSRF) vulnerability in UI Airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. | 8.8 |
2020-05-25 | CVE-2020-13458 | Verbb | Cross-Site Request Forgery (CSRF) vulnerability in Verbb Image Resizer An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. | 8.8 |
2020-05-26 | CVE-2020-12387 | Mozilla | Use After Free vulnerability in Mozilla Thunderbird A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. | 8.1 |
2020-05-29 | CVE-2020-13634 | Youhua | Improper Input Validation vulnerability in Youhua Windows Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558 | 7.8 |
2020-05-28 | CVE-2020-13173 | Teradici | Race Condition vulnerability in Teradici Pcoip Graphics Agent and Pcoip Standard Agent Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe. | 7.8 |
2020-05-27 | CVE-2020-10936 | Sympa Fedoraproject Debian Canonical | Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. | 7.8 |
2020-05-26 | CVE-2020-9046 | Johnsoncontrols | Improper Privilege Management vulnerability in Johnsoncontrols Kantech Entrapass 8.22 A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | 7.8 |
2020-05-26 | CVE-2020-12393 | Mozilla | OS Command Injection vulnerability in Mozilla Firefox The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. | 7.8 |
2020-05-29 | CVE-2020-7654 | Synk | Information Exposure Through Log Files vulnerability in Synk Broker All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. | 7.5 |
2020-05-29 | CVE-2020-6937 | Mulesoft | Unspecified vulnerability in Mulesoft Mule Runtime A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion. | 7.5 |
2020-05-29 | CVE-2020-1870 | Huawei | Missing Release of Resource after Effective Lifetime vulnerability in Huawei products There is a denial of service vulnerability in some Huawei products. | 7.5 |
2020-05-28 | CVE-2020-8330 | Lenovo | Unspecified vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted. | 7.5 |
2020-05-28 | CVE-2020-8329 | Lenovo | Unspecified vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted. | 7.5 |
2020-05-28 | CVE-2020-4245 | IBM | Weak Password Requirements vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
2020-05-28 | CVE-2020-4232 | IBM | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. | 7.5 |
2020-05-28 | CVE-2020-13649 | Jerryscript | Reachable Assertion vulnerability in Jerryscript 2.2.0 parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure. | 7.5 |
2020-05-27 | CVE-2020-8604 | Trendmicro | Path Traversal vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | 7.5 |
2020-05-27 | CVE-2020-11059 | Aegir Project | Information Exposure vulnerability in Aegir Project Aegir In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. | 7.5 |
2020-05-27 | CVE-2020-4379 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-05-27 | CVE-2020-4350 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-05-27 | CVE-2020-4349 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-05-27 | CVE-2020-4226 | IBM | Information Exposure vulnerability in IBM Mobilefirst Platform Foundation 8.0.0.0 IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. | 7.5 |
2020-05-27 | CVE-2020-13623 | Jerryscript | Resource Exhaustion vulnerability in Jerryscript 2.2.0 JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation. | 7.5 |
2020-05-27 | CVE-2020-13622 | Jerryscript | Reachable Assertion vulnerability in Jerryscript 2.2.0 JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data. | 7.5 |
2020-05-26 | CVE-2020-6830 | Mozilla | Information Exposure vulnerability in Mozilla Firefox For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. | 7.5 |
2020-05-26 | CVE-2020-12391 | Mozilla | Incorrect Authorization vulnerability in Mozilla Firefox Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. | 7.5 |
2020-05-26 | CVE-2020-3811 | Netqmail Debian Canonical | Incorrect Authorization vulnerability in multiple products qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. | 7.5 |
2020-05-25 | CVE-2020-13482 | EM Http Request Project Fedoraproject | Improper Certificate Validation vulnerability in multiple products EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. | 7.4 |
2020-05-27 | CVE-2020-13386 | Smartdraw | Incorrect Permission Assignment for Critical Resource vulnerability in Smartdraw 2020 27.0.0.0 In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. | 7.3 |
2020-05-29 | CVE-2020-8816 | PI Hole | OS Command Injection vulnerability in Pi-Hole Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. | 7.2 |
2020-05-28 | CVE-2020-4246 | IBM | XXE vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2020-05-29 | CVE-2020-3957 | Vmware | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion, Horizon Client and Remote Console VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. | 7.0 |
2020-05-29 | CVE-2020-4352 | IBM | Unspecified vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0 IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. | 7.0 |
2020-05-27 | CVE-2020-13630 | Sqlite Fedoraproject Canonical Netapp Brocade Debian Siemens Apple Oracle | Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | 7.0 |
61 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-29 | CVE-2020-11039 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. | 6.8 |
2020-05-29 | CVE-2020-7650 | Synk | Path Traversal vulnerability in Synk Broker All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. | 6.5 |
2020-05-29 | CVE-2020-7648 | Synk | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. | 6.5 |
2020-05-29 | CVE-2020-7653 | Synk | Link Following vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 6.5 |
2020-05-29 | CVE-2020-7652 | Synk | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 6.5 |
2020-05-29 | CVE-2020-11019 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. | 6.5 |
2020-05-29 | CVE-2020-11018 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. | 6.5 |
2020-05-29 | CVE-2020-11017 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. | 6.5 |
2020-05-28 | CVE-2020-4249 | IBM | Incorrect Authorization vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. | 6.5 |
2020-05-28 | CVE-2020-4231 | IBM | Improper Input Validation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. | 6.5 |
2020-05-28 | CVE-2020-11949 | Vivotek | Unspecified vulnerability in Vivotek products testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. | 6.5 |
2020-05-28 | CVE-2020-13645 | Gnome Canonical Fedoraproject Netapp Broadcom | Improper Certificate Validation vulnerability in multiple products In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. | 6.5 |
2020-05-27 | CVE-2020-4348 | IBM | Missing Authorization vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. | 6.5 |
2020-05-26 | CVE-2020-10719 | Redhat Netapp | HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. | 6.5 |
2020-05-27 | CVE-2020-10737 | Redhat | Race Condition vulnerability in Redhat Oddjob A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. | 6.3 |
2020-05-29 | CVE-2020-4490 | IBM | Unspecified vulnerability in IBM products IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 6.1 |
2020-05-28 | CVE-2020-11082 | Kaminari Project Debian | In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. | 6.1 |
2020-05-27 | CVE-2020-8603 | Trendmicro | Cross-site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. | 6.1 |
2020-05-27 | CVE-2020-13633 | Fork CMS | Cross-site Scripting vulnerability in Fork-Cms Fork CMS Fork before 5.8.3 allows XSS via navigation_title or title. | 6.1 |
2020-05-27 | CVE-2020-13628 | Centreon | Cross-site Scripting vulnerability in Centreon products Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. | 6.1 |
2020-05-27 | CVE-2020-13627 | Centreon | Cross-site Scripting vulnerability in Centreon products Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. | 6.1 |
2020-05-27 | CVE-2020-10946 | Centreon | Cross-site Scripting vulnerability in Centreon products Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. | 6.1 |
2020-05-26 | CVE-2020-8170 | UI | Cross-site Scripting vulnerability in UI Airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. | 6.1 |
2020-05-26 | CVE-2020-10751 | Kernel Redhat | A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. | 6.1 |
2020-05-25 | CVE-2020-13486 | Verbb | Open Redirect vulnerability in Verbb Knock The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. | 6.1 |
2020-05-28 | CVE-2020-5357 | Dell | Uncontrolled Search Path Element vulnerability in Dell products Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. | 6.0 |
2020-05-28 | CVE-2020-13245 | Netgear | Improper Certificate Validation vulnerability in Netgear products Certain NETGEAR devices are affected by Missing SSL Certificate Validation. | 5.9 |
2020-05-26 | CVE-2020-13616 | Pichi Project | Improper Certificate Validation vulnerability in Pichi Project Pichi The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification. | 5.9 |
2020-05-26 | CVE-2020-13615 | Qore | Improper Certificate Validation vulnerability in Qore lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates. | 5.9 |
2020-05-26 | CVE-2020-13614 | Axel Project Fedoraproject Opensuse | Improper Certificate Validation vulnerability in multiple products An issue was discovered in ssl.c in Axel before 2.17.8. | 5.9 |
2020-05-29 | CVE-2020-8482 | ABB | Insecure Storage of Sensitive Information vulnerability in ABB Device Library Wizard 6.0.3.2/6.1.0 Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data | 5.5 |
2020-05-29 | CVE-2020-3958 | Vmware | Reachable Assertion vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. | 5.5 |
2020-05-29 | CVE-2020-11089 | Freerdp Opensuse Debian | In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). | 5.5 |
2020-05-27 | CVE-2020-13632 | Sqlite Fedoraproject Canonical Netapp Brocade Debian Siemens Oracle | NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 5.5 |
2020-05-27 | CVE-2020-13631 | Sqlite Fedoraproject Canonical Netapp Brocade Siemens Apple Oracle | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | 5.5 |
2020-05-27 | CVE-2020-13253 | Qemu Canonical Debian | Out-of-bounds Read vulnerability in multiple products sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. | 5.5 |
2020-05-26 | CVE-2020-12392 | Mozilla Canonical | Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. | 5.5 |
2020-05-26 | CVE-2020-3812 | Netqmail Debian Canonical | Improper Privilege Management vulnerability in multiple products qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. | 5.5 |
2020-05-29 | CVE-2020-11088 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. | 5.4 |
2020-05-29 | CVE-2020-11087 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. | 5.4 |
2020-05-29 | CVE-2020-11086 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. | 5.4 |
2020-05-29 | CVE-2020-11038 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. | 5.4 |
2020-05-29 | CVE-2020-4306 | IBM | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. | 5.4 |
2020-05-28 | CVE-2020-4419 | IBM | Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0 IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. | 5.4 |
2020-05-28 | CVE-2020-13644 | Pickplugins | Cross-site Scripting vulnerability in Pickplugins Accordion An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. | 5.4 |
2020-05-27 | CVE-2020-4358 | IBM | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. | 5.4 |
2020-05-25 | CVE-2020-13459 | Verbb | Cross-site Scripting vulnerability in Verbb Image Resizer An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. | 5.4 |
2020-05-28 | CVE-2020-4244 | IBM | Unspecified vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. | 5.3 |
2020-05-28 | CVE-2020-4233 | IBM | Missing Encryption of Sensitive Data vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. | 5.3 |
2020-05-28 | CVE-2019-20807 | VIM Debian Opensuse Canonical Apple Starwindsoftware | OS Command Injection vulnerability in multiple products In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | 5.3 |
2020-05-27 | CVE-2020-4378 | IBM | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. | 4.9 |
2020-05-28 | CVE-2020-13660 | Cmsmadesimple | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. | 4.8 |
2020-05-26 | CVE-2020-13487 | Bbpress | Cross-site Scripting vulnerability in Bbpress The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. | 4.8 |
2020-05-29 | CVE-2020-1809 | Huawei | Unspecified vulnerability in Huawei Mate 10 Firmware HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. | 4.6 |
2020-05-29 | CVE-2020-1798 | Huawei | Improper Authentication vulnerability in Huawei P30 Firmware HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. | 4.6 |
2020-05-29 | CVE-2020-5573 | Cybozu | Information Exposure vulnerability in Cybozu Kintone Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. | 4.6 |
2020-05-29 | CVE-2020-5572 | Cybozu | Information Exposure vulnerability in Cybozu Mailwise 1.0.1 Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. | 4.6 |
2020-05-27 | CVE-2019-20806 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.2. | 4.4 |
2020-05-29 | CVE-2020-7651 | Synk | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. | 4.3 |
2020-05-27 | CVE-2020-10945 | Centreon | Information Exposure vulnerability in Centreon and Widget-Host-Monitoring Centreon before 19.10.7 exposes Session IDs in server responses. | 4.3 |
2020-05-27 | CVE-2020-4357 | IBM | Information Exposure Through an Error Message vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
12 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-05-28 | CVE-2020-13361 | Qemu Debian Opensuse Canonical | Out-of-bounds Write vulnerability in multiple products In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. | 3.9 |
2020-05-29 | CVE-2020-11085 | Freerdp Opensuse Debian | In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. | 3.5 |
2020-05-29 | CVE-2020-3959 | Vmware | Memory Leak vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. | 3.3 |
2020-05-26 | CVE-2020-12394 | Mozilla | Unspecified vulnerability in Mozilla Firefox A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. | 3.3 |
2020-05-28 | CVE-2020-13362 | Qemu Debian Opensuse Canonical | Out-of-bounds Read vulnerability in multiple products In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. | 3.2 |
2020-05-29 | CVE-2020-11043 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. | 2.7 |
2020-05-29 | CVE-2020-11040 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. | 2.7 |
2020-05-29 | CVE-2020-11041 | Freerdp Opensuse Debian | In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). | 2.7 |
2020-05-28 | CVE-2020-4248 | IBM | Information Exposure Through an Error Message vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
2020-05-29 | CVE-2020-1831 | Huawei | Incorrect Authorization vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. | 2.4 |
2020-05-29 | CVE-2020-1833 | Huawei | Improper Authentication vulnerability in Huawei Honor 9X Firmware Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. | 2.4 |
2020-05-29 | CVE-2020-1797 | Huawei | Unspecified vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. | 2.4 |