Weekly Vulnerabilities Reports > June 22 to 28, 2020

Overview

340 new vulnerabilities reported during this period, including 63 critical vulnerabilities and 58 high severity vulnerabilities. This weekly summary report vulnerabilities in 377 products from 122 vendors including Adobe, Canonical, Opensuse, Qualcomm, and Fedoraproject. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Out-of-bounds Read", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Information Exposure".

  • 264 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 79 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 271 reported vulnerabilities are exploitable by an anonymous user.
  • Adobe has the most reported vulnerabilities, with 86 reported vulnerabilities.
  • Adobe has the most reported critical vulnerabilities, with 42 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

63 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-06-26 CVE-2020-9632 Magento Unspecified vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability.

10.0
2020-06-26 CVE-2020-9631 Magento Unspecified vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability.

10.0
2020-06-26 CVE-2020-15348 Zyxel Injection vulnerability in Zyxel Cloud CNM Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.

10.0
2020-06-24 CVE-2020-10272 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Missing Authentication for Critical Function vulnerability in multiple products

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication.

10.0
2020-06-22 CVE-2020-13159 Articatech OS Command Injection vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418

Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field.

10.0
2020-06-22 CVE-2020-3628 Qualcomm Improper Privilege Management vulnerability in Qualcomm Apq8053 Firmware, Rennell Firmware and Sdx20 Firmware

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

10.0
2020-06-22 CVE-2019-14062 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

10.0
2020-06-25 CVE-2018-21268 Traceroute Project Injection vulnerability in Traceroute Project Traceroute

The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter.

9.8
2020-06-24 CVE-2020-14473 Draytek Out-of-bounds Write vulnerability in Draytek products

Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1.

9.8
2020-06-23 CVE-2020-9480 Apache
Oracle
Missing Authentication for Critical Function vulnerability in multiple products

In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret.

9.8
2020-06-23 CVE-2020-14993 Draytek Out-of-bounds Write vulnerability in Draytek products

A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.

9.8
2020-06-22 CVE-2020-14983 Chocolate Doom
Opensuse
Classic Buffer Overflow vulnerability in multiple products

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow.

9.8
2020-06-22 CVE-2020-11989 Apache Unspecified vulnerability in Apache Shiro

Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.

9.8
2020-06-22 CVE-2020-14968 Jsrsasign Project
Netapp
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in the jsrsasign package before 8.0.17 for Node.js.

9.8
2020-06-22 CVE-2020-14967 Jsrsasign Project
Netapp
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in the jsrsasign package before 8.0.18 for Node.js.

9.8
2020-06-26 CVE-2020-9574 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-26 CVE-2020-9573 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-26 CVE-2020-9572 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-26 CVE-2020-9571 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-26 CVE-2020-9570 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-26 CVE-2020-9569 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9568 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability.

9.3
2020-06-26 CVE-2020-9567 Adobe Use After Free vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability.

9.3
2020-06-26 CVE-2020-9566 Adobe Use After Free vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability.

9.3
2020-06-26 CVE-2020-9565 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9564 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9563 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability.

9.3
2020-06-26 CVE-2020-9562 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability.

9.3
2020-06-26 CVE-2020-9561 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9560 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9559 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9556 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9555 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability.

9.3
2020-06-26 CVE-2020-9554 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability.

9.3
2020-06-26 CVE-2020-9621 Adobe Out-of-bounds Write vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability.

9.3
2020-06-26 CVE-2020-9620 Adobe Out-of-bounds Write vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability.

9.3
2020-06-26 CVE-2020-9590 Adobe Out-of-bounds Write vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability.

9.3
2020-06-26 CVE-2020-9589 Adobe Out-of-bounds Write vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability.

9.3
2020-06-26 CVE-2020-9586 Adobe Classic Buffer Overflow vulnerability in Adobe Character Animator 2.1/3.2

Adobe Character Animator versions 3.2 and earlier have a buffer overflow vulnerability.

9.3
2020-06-25 CVE-2020-9662 Adobe Out-of-bounds Write vulnerability in Adobe After Effects

Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9661 Adobe Out-of-bounds Read vulnerability in Adobe After Effects

Adobe After Effects versions 17.1 and earlier have an out-of-bounds read vulnerability.

9.3
2020-06-25 CVE-2020-9660 Adobe Out-of-bounds Write vulnerability in Adobe After Effects

Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9659 Adobe Out-of-bounds Write vulnerability in Adobe Audition 13.0.5/13.0.6

Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9658 Adobe Out-of-bounds Write vulnerability in Adobe Audition 13.0.5/13.0.6

Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9657 Adobe Out-of-bounds Write vulnerability in Adobe Premiere Rush 1.5.12/1.5.8

Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9656 Adobe Out-of-bounds Write vulnerability in Adobe Premiere Rush 1.5.12/1.5.8

Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9655 Adobe Out-of-bounds Read vulnerability in Adobe Premiere Rush 1.5.12

Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds read vulnerability.

9.3
2020-06-25 CVE-2020-9654 Adobe Out-of-bounds Write vulnerability in Adobe Premiere PRO 14.1/14.2

Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9653 Adobe Out-of-bounds Write vulnerability in Adobe Premiere PRO 14.1/14.2

Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds write vulnerability.

9.3
2020-06-25 CVE-2020-9652 Adobe Out-of-bounds Read vulnerability in Adobe Premiere PRO 14.1/14.2

Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds read vulnerability.

9.3
2020-06-25 CVE-2020-9642 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vulnerability.

9.3
2020-06-25 CVE-2020-9641 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-25 CVE-2020-9640 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-25 CVE-2020-9639 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-25 CVE-2020-9638 Adobe Out-of-bounds Write vulnerability in Adobe After Effects

Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability.

9.3
2020-06-25 CVE-2020-9637 Adobe Out-of-bounds Write vulnerability in Adobe After Effects

Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability.

9.3
2020-06-25 CVE-2020-9575 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Illustrator

Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability.

9.3
2020-06-23 CVE-2020-14978 F Secure Missing Authorization vulnerability in F-Secure Safe 17.7

An issue was discovered in F-Secure SAFE 17.7 on macOS.

9.3
2020-06-23 CVE-2020-14977 F Secure Improper Input Validation vulnerability in F-Secure Safe 17.7

An issue was discovered in F-Secure SAFE 17.7 on macOS.

9.3
2020-06-26 CVE-2020-9047 Johnsoncontrols Improper Verification of Cryptographic Signature vulnerability in Johnsoncontrols products

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior.

9.0
2020-06-25 CVE-2019-19505 Tendacn Out-of-bounds Write vulnerability in Tendacn PA6 Firmware 1.0.1.21

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI.

9.0
2020-06-25 CVE-2019-16213 Tendacn OS Command Injection vulnerability in Tendacn PA6 Firmware 1.0.1.21

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system.

9.0
2020-06-22 CVE-2020-4066 Limdu Project OS Command Injection vulnerability in Limdu Project Limdu

In Limdu before 0.95, the trainBatch function has a command injection vulnerability.

9.0

58 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-06-24 CVE-2020-15046 Supermicro Cross-Site Request Forgery (CSRF) vulnerability in Supermicro X10Drh-It Bios and X10Drh-It Firmware

The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users.

8.8
2020-06-24 CVE-2020-14005 Solarwinds Unspecified vulnerability in Solarwinds products

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event.

8.8
2020-06-24 CVE-2020-12861 Sane Project
Canonical
Opensuse
Out-of-bounds Write vulnerability in multiple products

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.

8.8
2020-06-22 CVE-2020-14461 Zyxel Path Traversal vulnerability in Zyxel Wap6806 Firmware 1.00(Abal.6)C0

Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.

8.6
2020-06-24 CVE-2020-13247 Boolebox Injection vulnerability in Boolebox

BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area.

8.5
2020-06-25 CVE-2020-11538 Python
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

8.1
2020-06-23 CVE-2020-5367 Dell Improper Certificate Validation vulnerability in Dell products

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability.

8.1
2020-06-24 CVE-2020-12865 Sane Project
Debian
Canonical
Opensuse
Out-of-bounds Write vulnerability in multiple products

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.

8.0
2020-06-22 CVE-2020-10736 Linuxfoundation Unspecified vulnerability in Linuxfoundation Ceph 15.2.0/15.2.1

An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources.

8.0
2020-06-25 CVE-2019-19506 Tendacn Infinite Loop vulnerability in Tendacn PA6 Firmware 1.0.1.21

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process.

7.8
2020-06-25 CVE-2020-10379 Python
Fedoraproject
Canonical
Classic Buffer Overflow vulnerability in multiple products

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.

7.8
2020-06-22 CVE-2020-8933 Google
Opensuse
Incorrect Default Permissions vulnerability in multiple products

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root.

7.8
2020-06-22 CVE-2020-8907 Google
Opensuse
Incorrect Default Permissions vulnerability in multiple products

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root.

7.8
2020-06-22 CVE-2020-8903 Google
Opensuse
Incorrect Default Permissions vulnerability in multiple products

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root.

7.8
2020-06-22 CVE-2020-4062 Cyberark Unspecified vulnerability in Cyberark Conjur OSS Helm Chart

In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port.

7.7
2020-06-26 CVE-2020-9630 Magento Improper Privilege Management vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability.

7.5
2020-06-26 CVE-2020-9585 Magento Unspecified vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability.

7.5
2020-06-26 CVE-2020-9583 Magento OS Command Injection vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability.

7.5
2020-06-26 CVE-2020-9582 Magento OS Command Injection vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability.

7.5
2020-06-26 CVE-2020-9580 Magento Unspecified vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability.

7.5
2020-06-26 CVE-2020-9579 Magento Unspecified vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability.

7.5
2020-06-26 CVE-2020-9578 Magento OS Command Injection vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability.

7.5
2020-06-26 CVE-2020-9576 Magento OS Command Injection vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability.

7.5
2020-06-26 CVE-2020-11996 Apache
Canonical
Oracle
Opensuse
Debian
Netapp
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds.
7.5
2020-06-24 CVE-2020-14472 Draytek Command Injection vulnerability in Draytek products

On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file.

7.5
2020-06-24 CVE-2020-11960 MI Unspecified vulnerability in MI Xiaomi R3600 Firmware

Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS

7.5
2020-06-24 CVE-2020-10561 MI Injection vulnerability in MI Mijia Inkjet Printer Firmware

An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138.

7.5
2020-06-24 CVE-2020-14095 MI Injection vulnerability in MI Xiaomi R3600 Firmware

In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.

7.5
2020-06-24 CVE-2020-14094 MI Injection vulnerability in MI Xiaomi R3600 Firmware

In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.

7.5
2020-06-24 CVE-2020-13484 Bitrix24 Server-Side Request Forgery (SSRF) vulnerability in Bitrix24 20.0.0/20.0.975

Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL.

7.5
2020-06-24 CVE-2020-15007 Idsoftware
Doom Vanille Project
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.

7.5
2020-06-24 CVE-2020-10279 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Insecure Default Initialization of Resource vulnerability in multiple products

MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots.

7.5
2020-06-24 CVE-2020-10276 Mobile Industrial Robots
Easyrobotics
UVD Robots
Use of Hard-coded Credentials vulnerability in multiple products

The password for the safety PLC is the default and thus easy to find (in manuals, etc.).

7.5
2020-06-24 CVE-2020-10275 Mobile Industrial Robots
Easyrobotics
UVD Robots
Inadequate Encryption Strength vulnerability in multiple products

The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface.

7.5
2020-06-23 CVE-2020-14938 Freedroid Out-of-bounds Write vulnerability in Freedroid Freedroidrpg 1.0

An issue was discovered in map.c in FreedroidRPG 1.0rc2.

7.5
2020-06-23 CVE-2020-5594 Mitsubishielectric Cleartext Transmission of Sensitive Information vulnerability in Mitsubishielectric products

Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works3 and/or GX Works2 via unspecified vectors.

7.5
2020-06-23 CVE-2020-12782 Openfind Injection vulnerability in Openfind Mailaudit and Mailgates

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files.

7.5
2020-06-23 CVE-2019-20409 Atlassian Injection vulnerability in Atlassian Jira

The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability.

7.5
2020-06-22 CVE-2020-4031 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Use After Free vulnerability in multiple products

In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject.

7.5
2020-06-22 CVE-2020-14944 Globalradar Missing Authorization vulnerability in Globalradar BSA Radar 1.6.7234.24750

Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions.

7.5
2020-06-22 CVE-2020-12053 Unisys Incorrect Authorization vulnerability in Unisys Stealth

In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key.

7.5
2020-06-22 CVE-2020-14972 Pisay Online E Learning System Project SQL Injection vulnerability in Pisay Online E-Learning System Project Pisay Online E-Learning System 1.0

Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution (RCE) via the user_email, user_pass, and id parameters on the admin login-portal and the edit-lessons webpages.

7.5
2020-06-22 CVE-2020-10740 Redhat Deserialization of Untrusted Data vulnerability in Redhat Wildfly

A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans(EJB) due to lack of validation/filtering capabilities in wildfly.

7.5
2020-06-22 CVE-2020-4068 Apnswift Project Heap-based Buffer Overflow vulnerability in Apnswift Project Apnswift 1.0.0

In APNSwift 1.0.0, calling APNSwiftSigner.sign(digest:) is likely to result in a heap buffer overflow.

7.5
2020-06-22 CVE-2020-14966 Jsrsasign Project
Netapp
Improper Verification of Cryptographic Signature vulnerability in multiple products

An issue was discovered in the jsrsasign package through 8.0.18 for Node.js.

7.5
2020-06-22 CVE-2020-3663 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.5
2020-06-22 CVE-2020-3662 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

7.5
2020-06-22 CVE-2020-3661 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAX_UINT32 range due to lack of validation checks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.5
2020-06-22 CVE-2020-3660 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

7.5
2020-06-22 CVE-2020-3614 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA6584AU, QCA9377, QCA9379, QCA9886, QCM2150, QCS405, QCS605, QM215, Rennell, SC7180, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

7.5
2020-06-22 CVE-2019-14080 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130

7.5
2020-06-22 CVE-2019-14073 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

7.5
2020-06-26 CVE-2020-15351 Idrive Incorrect Default Permissions vulnerability in Idrive

IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders.

7.2
2020-06-23 CVE-2020-14975 Iobit Improper Privilege Management vulnerability in Iobit Unlocker 1.1.2

The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124.

7.2
2020-06-22 CVE-2019-14894 Redhat OS Command Injection vulnerability in Redhat Cloudforms Management Engine 5.10/5.11

A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup.

7.2
2020-06-22 CVE-2020-3613 Qualcomm Double Free vulnerability in Qualcomm Sm8150 Firmware

Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150

7.2
2020-06-22 CVE-2019-14047 Qualcomm Improper Input Validation vulnerability in Qualcomm products

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130

7.2
2020-06-22 CVE-2019-10597 Qualcomm Improper Input Validation vulnerability in Qualcomm products

kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar, QCS605, Rennell, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.2

186 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-06-25 CVE-2020-9614 Adobe Improper Privilege Management vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability.

6.8
2020-06-25 CVE-2020-9613 Adobe Improper Privilege Management vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability.

6.8
2020-06-25 CVE-2020-9612 Adobe Out-of-bounds Write vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a heap overflow vulnerability.

6.8
2020-06-25 CVE-2020-9607 Adobe Use After Free vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an use-after-free vulnerability.

6.8
2020-06-25 CVE-2020-9605 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a buffer error vulnerability.

6.8
2020-06-25 CVE-2020-9604 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a buffer error vulnerability.

6.8
2020-06-25 CVE-2020-9597 Adobe Out-of-bounds Write vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds write vulnerability.

6.8
2020-06-25 CVE-2020-9596 Adobe Improper Privilege Management vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability.

6.8
2020-06-25 CVE-2020-9594 Adobe Out-of-bounds Write vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds write vulnerability.

6.8
2020-06-25 CVE-2020-9592 Adobe Improper Privilege Management vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability.

6.8
2020-06-24 CVE-2020-15014 Pramod Cross-Site Request Forgery (CSRF) vulnerability in Pramod Blogcms 20191231

pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF.

6.8
2020-06-23 CVE-2020-13155 Nukeviet Cross-Site Request Forgery (CSRF) vulnerability in Nukeviet 4.4

clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.

6.8
2020-06-23 CVE-2020-14939 Freedroid Improper Input Validation vulnerability in Freedroid Freedroidrpg 1.0

An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2.

6.8
2020-06-22 CVE-2020-6644 Fortinet Insufficient Session Expiration vulnerability in Fortinet Fortideceptor

An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks.

6.8
2020-06-22 CVE-2020-13279 Gitlab Injection vulnerability in Gitlab Gitlab-Vscode-Extension

Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system

6.8
2020-06-22 CVE-2020-14203 IBI Cross-Site Request Forgery (CSRF) vulnerability in IBI Webfocus Business Intelligence 8.0

WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against administrative users within the /ibi_apps/WFServlet(.ibfs) endpoint.

6.8
2020-06-22 CVE-2020-8102 Bitdefender Improper Input Validation vulnerability in Bitdefender Total Security 2020 24.0.12.69

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process.

6.8
2020-06-23 CVE-2020-14974 Iobit Improper Privilege Management vulnerability in Iobit Unlocker 1.1.2

The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124.

6.6
2020-06-26 CVE-2020-9588 Magento Information Exposure Through Discrepancy vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability.

6.5
2020-06-26 CVE-2020-10753 Redhat
Fedoraproject
Opensuse
Linuxfoundation
Canonical
Injection vulnerability in multiple products

A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway).

6.5
2020-06-26 CVE-2019-4650 IBM SQL Injection vulnerability in IBM Maximo Asset Management 7.6.1.1

IBM Maximo Asset Management 7.6.1.1 is vulnerable to SQL injection.

6.5
2020-06-26 CVE-2020-15308 Turnkeylinux SQL Injection vulnerability in Turnkeylinux Support Incident Tracker 3.67

Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.

6.5
2020-06-24 CVE-2020-13443 Expressionengine Unrestricted Upload of File with Dangerous Type vulnerability in Expressionengine

ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions.

6.5
2020-06-23 CVE-2020-11068 Semtech Classic Buffer Overflow vulnerability in Semtech Loramac-Node

In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked.

6.5
2020-06-22 CVE-2020-4033 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS.

6.5
2020-06-22 CVE-2020-4030 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse.

6.5
2020-06-22 CVE-2020-14945 Globalradar Unspecified vulnerability in Globalradar BSA Radar 1.6.7234.24750

A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.

6.5
2020-06-22 CVE-2020-11099 Freerdp
Opensuse
Fedoraproject
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet.

6.5
2020-06-22 CVE-2020-11098 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put.

6.5
2020-06-22 CVE-2020-11096 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order.

6.5
2020-06-22 CVE-2020-13887 Kordil Edms Project Unrestricted Upload of File with Dangerous Type vulnerability in Kordil Edms Project Kordil Edms 2.2.60

documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.

6.5
2020-06-22 CVE-2020-14960 PHP Fusion SQL Injection vulnerability in PHP-Fusion 9.03.50

A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,

6.5
2020-06-24 CVE-2020-15018 Playsms Session Fixation vulnerability in Playsms

playSMS through 1.4.3 is vulnerable to session fixation.

6.4
2020-06-22 CVE-2020-3658 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

6.4
2020-06-22 CVE-2019-3865 Redhat Cross-site Scripting vulnerability in Redhat Quay 2.0.0

A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay.

6.1
2020-06-23 CVE-2020-12021 Osisoft Cross-site Scripting vulnerability in Osisoft PI web API

In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code.

6.0
2020-06-23 CVE-2020-9438 Tinxy Authentication Bypass by Capture-replay vulnerability in Tinxy Smart Wifi Door Lock Firmware

Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized.

5.9
2020-06-22 CVE-2020-14981 Vipre Improper Certificate Validation vulnerability in Vipre Password Vault 1.100.1090

The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation.

5.9
2020-06-22 CVE-2020-14980 Sophos Improper Certificate Validation vulnerability in Sophos Secure Email 3.9.4

The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation.

5.9
2020-06-23 CVE-2020-12033 Rockwellautomation Improper Input Validation vulnerability in Rockwellautomation Factorytalk Services Platform

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges.

5.8
2020-06-22 CVE-2020-14204 IBI XXE vulnerability in IBI Webfocus Business Intelligence 8.0

In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal allows remote attackers to read arbitrary local files or forge server-side HTTP requests via a crafted HTTP request to /ibi_apps/WFServlet.cfg because XML external entity injection is possible.

5.8
2020-06-24 CVE-2020-12866 Sane Project
Canonical
Opensuse
NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.

5.7
2020-06-26 CVE-2020-10769 Redhat
Opensuse
Out-of-bounds Read vulnerability in multiple products

A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc.

5.5
2020-06-26 CVE-2020-15306 Openexr
Fedoraproject
Opensuse
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in OpenEXR before v2.5.2.

5.5
2020-06-26 CVE-2020-15305 Openexr
Fedoraproject
Opensuse
Debian
Canonical
Use After Free vulnerability in multiple products

An issue was discovered in OpenEXR before 2.5.2.

5.5
2020-06-26 CVE-2020-15304 Openexr
Fedoraproject
Opensuse
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in OpenEXR before 2.5.2.

5.5
2020-06-25 CVE-2020-10994 Python
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.

5.5
2020-06-25 CVE-2020-10378 Python
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.

5.5
2020-06-25 CVE-2020-10177 Python
Debian
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.

5.5
2020-06-25 CVE-2020-3963 Vmware Use After Free vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM.

5.5
2020-06-24 CVE-2020-10274 Mobile Industrial Robots
Easyrobotics
UVD Robots
Use of Insufficiently Random Values vulnerability in multiple products

The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws).

5.5
2020-06-23 CVE-2020-5345 Dell Missing Authorization vulnerability in Dell products

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability.

5.5
2020-06-22 CVE-2020-7262 Mcafee Information Exposure vulnerability in Mcafee Advanced Threat Defense

Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0 allows local users to view sensitive files via a carefully crafted HTTP request parameter.

5.5
2020-06-24 CVE-2020-15038 Seedprod Cross-site Scripting vulnerability in Seedprod Coming Soon Page, Under Construction & Maintenance Mode

The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS.

5.4
2020-06-23 CVE-2020-14073 Paessler Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 20.1.56.1574

XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties.

5.4
2020-06-22 CVE-2020-14943 Globalradar Cross-site Scripting vulnerability in Globalradar BSA Radar 1.6.7234.24750

The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile.

5.4
2020-06-22 CVE-2020-11097 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES.

5.4
2020-06-22 CVE-2020-11095 Freerdp
Fedoraproject
Opensuse
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES.

5.4
2020-06-22 CVE-2020-1727 Redhat Improper Input Validation vulnerability in Redhat Keycloak

A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters.

5.4
2020-06-24 CVE-2020-14016 Naviwebs Weak Password Recovery Mechanism for Forgotten Password vulnerability in Naviwebs Navigate CMS 2.9

An issue was discovered in Navigate CMS 2.9 r1433.

5.3
2020-06-26 CVE-2013-7489 Beakerbrowser Deserialization of Untrusted Data vulnerability in Beakerbrowser Beaker

The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

5.2
2020-06-24 CVE-2020-6870 ZTE Unspecified vulnerability in ZTE Netnumen U31 R10 Firmware V12.17.20T115

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability.

5.2
2020-06-25 CVE-2020-9615 Adobe Race Condition vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a race condition vulnerability.

5.1
2020-06-28 CVE-2020-15363 Nexos Project SQL Injection vulnerability in Nexos Project Nexos

The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.

5.0
2020-06-26 CVE-2020-9628 Adobe Out-of-bounds Read vulnerability in Adobe DNG Software Development KIT 1.4.2012/1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

5.0
2020-06-26 CVE-2020-9627 Adobe Out-of-bounds Read vulnerability in Adobe DNG Software Development KIT 1.4.2012/1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

5.0
2020-06-26 CVE-2020-9625 Adobe Out-of-bounds Read vulnerability in Adobe DNG Software Development KIT 1.4.2012/1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

5.0
2020-06-26 CVE-2020-9591 Magento Information Exposure vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability.

5.0
2020-06-26 CVE-2020-9587 Magento Incorrect Authorization vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability.

5.0
2020-06-26 CVE-2020-9623 Adobe Out-of-bounds Read vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

5.0
2020-06-26 CVE-2020-13891 Mattermost Information Exposure vulnerability in Mattermost

An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS.

5.0
2020-06-26 CVE-2020-10628 Honeywell Cleartext Transmission of Sensitive Information vulnerability in Honeywell Controledge PLC Firmware and Controledge RTU Firmware

ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network.

5.0
2020-06-26 CVE-2020-10624 Honeywell Cleartext Transmission of Sensitive Information vulnerability in Honeywell Controledge PLC Firmware and Controledge RTU Firmware

ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network.

5.0
2020-06-26 CVE-2020-15336 Zyxel Missing Authentication for Critical Function vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.

5.0
2020-06-26 CVE-2020-15335 Zyxel Missing Authentication for Critical Function vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.

5.0
2020-06-25 CVE-2020-9601 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

5.0
2020-06-25 CVE-2020-9600 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

5.0
2020-06-25 CVE-2020-9599 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

5.0
2020-06-25 CVE-2020-4072 Jhipster Improper Output Neutralization for Logs vulnerability in Jhipster Generator-Jhipster-Kotlin 1.6.0

In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts.

5.0
2020-06-25 CVE-2020-15302 Argent Missing Encryption of Sensitive Data vulnerability in Argent Recoverymanager

In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery function does not require any signatures in the zero-guardian case, which allows attackers to cause a denial of service (locking) or a takeover.

5.0
2020-06-25 CVE-2020-11735 Wolfssl Inadequate Encryption Strength vulnerability in Wolfssl

The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."

5.0
2020-06-24 CVE-2020-11961 MI Information Exposure vulnerability in MI Xiaomi R3600 Firmware

Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication

5.0
2020-06-24 CVE-2020-11959 MI Information Exposure vulnerability in MI Xiaomi R3600 Firmware

An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50.

5.0
2020-06-24 CVE-2020-9494 Apache
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.

5.0
2020-06-24 CVE-2020-14017 Naviwebs Cleartext Storage of Sensitive Information vulnerability in Naviwebs Navigate CMS 2.9

An issue was discovered in Navigate CMS 2.9 r1433.

5.0
2020-06-24 CVE-2020-14015 Naviwebs Weak Password Recovery Mechanism for Forgotten Password vulnerability in Naviwebs Navigate CMS 2.9

An issue was discovered in Navigate CMS 2.9 r1433.

5.0
2020-06-24 CVE-2020-13700 ACF TO Rest API Project Information Exposure vulnerability in ACF TO Rest API Project ACF TO Rest API

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress.

5.0
2020-06-24 CVE-2020-4342 IBM Information Exposure vulnerability in IBM Security Secret Server 10.6/10.7/10.7.000059

IBM Security Secret Server 10.7 could disclose sensitive information included in installation files to an unauthorized user.

5.0
2020-06-24 CVE-2020-4341 IBM Information Exposure Through an Error Message vulnerability in IBM Security Secret Server 10.7/10.7.000059

IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

5.0
2020-06-24 CVE-2020-4327 IBM Information Exposure Through an Error Message vulnerability in IBM Security Secret Server 10.7/10.7.000059

IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

5.0
2020-06-24 CVE-2020-7667 SAS Path Traversal vulnerability in SAS GO RPM Utils

In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading ".." which leads in file extraction outside of the current directory.

5.0
2020-06-24 CVE-2020-10280 Mobile Industrial Robots
Easyrobotics
UVD Robots
Improper Resource Shutdown or Release vulnerability in multiple products

The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.

5.0
2020-06-24 CVE-2020-10278 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Improper Authentication vulnerability in multiple products

The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order.

5.0
2020-06-24 CVE-2020-10273 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Cleartext Storage of Sensitive Information vulnerability in multiple products

MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots.

5.0
2020-06-24 CVE-2020-10271 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Exposure of Resource to Wrong Sphere vulnerability in multiple products

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph to all network interfaces, wireless and wired.

5.0
2020-06-24 CVE-2020-10270 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Use of Hard-coded Credentials vulnerability in multiple products

Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address.

5.0
2020-06-24 CVE-2020-10269 Aliasrobotics
Mobile Industrial Robotics
Enabled Robotics
UVD Robots
Use of Hard-coded Credentials vulnerability in multiple products

One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode.

5.0
2020-06-23 CVE-2020-7668 Compression AND Archive Extensions TZ Project Path Traversal vulnerability in Compression and Archive Extensions TZ Project Compression and Archive Extensions TZ Project

In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..".

5.0
2020-06-23 CVE-2020-7664 Compression AND Archive Extensions Project Path Traversal vulnerability in Compression and Archive Extensions Project Compression and Archive Extensions ZIP Project

In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..".

5.0
2020-06-23 CVE-2020-4188 IBM Use of Insufficiently Random Values vulnerability in IBM Security Guardium 10.6/11.1

IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.

5.0
2020-06-23 CVE-2020-4028 Atlassian Information Exposure Through Discrepancy vulnerability in Atlassian Jira

Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed unauthorised attackers to determine if certain resources exist or not through an Information Disclosure vulnerability.

5.0
2020-06-23 CVE-2020-14940 Herac XXE vulnerability in Herac Tuxguitar 1.5.4

An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4.

5.0
2020-06-22 CVE-2020-14049 Rakuten Unquoted Search Path or Element vulnerability in Rakuten Viber

Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler.

5.0
2020-06-22 CVE-2020-13158 Articatech Path Traversal vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418

Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.

5.0
2020-06-22 CVE-2020-14969 Misp Information Exposure vulnerability in Misp 2.4.127

app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations.

5.0
2020-06-22 CVE-2020-14961 Concretecms Unspecified vulnerability in Concretecms Concrete CMS

Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value.

5.0
2020-06-26 CVE-2020-14955 Jiangmin Resource Exhaustion vulnerability in Jiangmin Antivirus 16.0.13.129

In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.

4.9
2020-06-24 CVE-2020-15025 NTP
Opensuse
Netapp
Oracle
Memory Leak vulnerability in multiple products

ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.

4.9
2020-06-23 CVE-2020-14976 Gns3 Information Exposure vulnerability in Gns3 Ubridge

GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.

4.9
2020-06-27 CVE-2020-15360 Docker Missing Authorization vulnerability in Docker Desktop 2.3.0.3

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.

4.6
2020-06-25 CVE-2020-9606 Adobe Use After Free vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an use-after-free vulnerability.

4.6
2020-06-25 CVE-2020-5966 Nvidia NULL Pointer Dereference vulnerability in Nvidia GPU Display Driver

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges.

4.6
2020-06-25 CVE-2020-3968 Vmware Out-of-bounds Write vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI).

4.6
2020-06-25 CVE-2020-5964 Nvidia Improper Validation of Integrity Check Value vulnerability in Nvidia products

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed.

4.6
2020-06-25 CVE-2020-5963 Nvidia
Canonical
Improper Privilege Management vulnerability in multiple products

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

4.6
2020-06-24 CVE-2020-5962 Nvidia Improper Privilege Management vulnerability in Nvidia products

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

4.6
2020-06-24 CVE-2020-10277 Mobile Industrial Robots
Easyrobotics
UVD Robots
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.
4.6
2020-06-23 CVE-2020-14971 PI Hole Code Injection vulnerability in Pi-Hole

Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them.

4.6
2020-06-22 CVE-2020-11520 Winmagic Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Winmagic Securedoc

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to write to arbitrary kernel memory addresses because the IOCTL dispatcher lacks pointer validation.

4.6
2020-06-22 CVE-2020-11519 Winmagic Unspecified vulnerability in Winmagic Securedoc

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \\.\SecureDocDevice handle.

4.6
2020-06-22 CVE-2020-3676 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Possible memory corruption in perfservice due to improper validation array length taken from user application.

4.6
2020-06-22 CVE-2020-3665 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

A possible buffer overflow would occur while processing command from firmware due to the group_id obtained from the firmware being out of range in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996, MSM8996AU, QCA6174A, QCA9377, QCA9379, SDM439, SDM636, SDM660, SDX20, SDX24, SM8150

4.6
2020-06-22 CVE-2020-3642 Qualcomm Use After Free vulnerability in Qualcomm products

Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

4.6
2020-06-22 CVE-2020-3635 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

4.6
2020-06-22 CVE-2020-3626 Qualcomm Incorrect Default Permissions vulnerability in Qualcomm products

Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

4.6
2020-06-22 CVE-2019-14094 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

4.6
2020-06-22 CVE-2019-14091 Qualcomm Double Free vulnerability in Qualcomm products

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

4.6
2020-06-22 CVE-2019-14076 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

4.6
2020-06-26 CVE-2020-3768 Adobe Untrusted Search Path vulnerability in Adobe Coldfusion 2016/2018

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability.

4.4
2020-06-25 CVE-2020-3967 Vmware Out-of-bounds Write vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI).

4.4
2020-06-24 CVE-2020-3962 Vmware Use After Free vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device.

4.4
2020-06-24 CVE-2020-3969 Vmware Off-by-one Error vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device.

4.4
2020-06-28 CVE-2020-15365 Libraw Out-of-bounds Write vulnerability in Libraw 0.20

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

4.3
2020-06-28 CVE-2020-15364 Nexos Project Cross-site Scripting vulnerability in Nexos Project Nexos

The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS.

4.3
2020-06-26 CVE-2020-4089 Hcltech Information Exposure vulnerability in Hcltech Notes 10.0/11.0/9.0

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol.

4.3
2020-06-26 CVE-2020-9581 Magento Cross-site Scripting vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability.

4.3
2020-06-26 CVE-2020-9577 Magento Cross-site Scripting vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability.

4.3
2020-06-26 CVE-2020-9558 Adobe Out-of-bounds Read vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9557 Adobe Out-of-bounds Read vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9553 Adobe Information Exposure vulnerability in Adobe Bridge

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-3809 Adobe Out-of-bounds Read vulnerability in Adobe After Effects

Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-3798 Adobe Information Exposure vulnerability in Adobe Digital Editions

Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability.

4.3
2020-06-26 CVE-2020-3796 Adobe Information Exposure vulnerability in Adobe Coldfusion 2016/2018

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability.

4.3
2020-06-26 CVE-2020-3767 Adobe Improper Input Validation vulnerability in Adobe Coldfusion 2016/2018

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insufficient input validation vulnerability.

4.3
2020-06-26 CVE-2020-9629 Adobe Out-of-bounds Read vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9626 Adobe Out-of-bounds Read vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9624 Adobe Out-of-bounds Read vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9622 Adobe Out-of-bounds Read vulnerability in Adobe Digital Negative Software Development KIT 1.5

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9617 Adobe Out-of-bounds Read vulnerability in Adobe Premiere Rush 1.5.8

Adobe Premiere Rush versions 1.5.8 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-9616 Adobe Out-of-bounds Read vulnerability in Adobe Premiere PRO 14.1

Adobe Premiere Pro versions 14.1 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-26 CVE-2020-4565 IBM Information Exposure vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacker to obtain sensitive information due to insecure communications being used between the application and server.

4.3
2020-06-26 CVE-2020-15017 Nedi Cross-site Scripting vulnerability in Nedi 1.9C

NeDi 1.9C is vulnerable to reflected cross-site scripting.

4.3
2020-06-26 CVE-2020-15016 Nedi Cross-site Scripting vulnerability in Nedi 1.9C

NeDi 1.9C is vulnerable to reflected cross-site scripting.

4.3
2020-06-25 CVE-2020-9618 Adobe Out-of-bounds Read vulnerability in Adobe Audition 13.0.5

Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-25 CVE-2020-9611 Adobe Resource Exhaustion vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a stack exhaustion vulnerability.

4.3
2020-06-25 CVE-2020-9610 Adobe NULL Pointer Dereference vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a null pointer vulnerability.

4.3
2020-06-25 CVE-2020-9609 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-25 CVE-2020-9608 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-25 CVE-2020-9603 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-25 CVE-2020-9602 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability.

4.3
2020-06-25 CVE-2020-9598 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability.

4.3
2020-06-25 CVE-2020-9595 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability.

4.3
2020-06-25 CVE-2020-9593 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability.

4.3
2020-06-25 CVE-2020-9666 Adobe Out-of-bounds Read vulnerability in Adobe Campaign Classic 20.1

Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerability.

4.3
2020-06-25 CVE-2020-7355 Rapid7 Cross-site Scripting vulnerability in Rapid7 Metasploit

Cross-site Scripting (XSS) vulnerability in the 'notes' field of a discovered scan asset in Rapid7 Metasploit Pro allows an attacker with a specially-crafted network service of a scan target store an XSS sequence in the Metasploit Pro console, which will trigger when the operator views the record of that scanned host in the Metasploit Pro interface.

4.3
2020-06-25 CVE-2020-7354 Rapid7 Cross-site Scripting vulnerability in Rapid7 Metasploit

Cross-site Scripting (XSS) vulnerability in the 'host' field of a discovered scan asset in Rapid7 Metasploit Pro allows an attacker with a specially-crafted network service of a scan target to store an XSS sequence in the Metasploit Pro console, which will trigger when the operator views the record of that scanned host in the Metasploit Pro interface.

4.3
2020-06-25 CVE-2020-15047 Trojita Project Improper Certificate Validation vulnerability in Trojita Project Trojita

MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.

4.3
2020-06-24 CVE-2020-15015 Gleamtech Cross-site Scripting vulnerability in Gleamtech Fileultimate 6.1.5.0

The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document.

4.3
2020-06-24 CVE-2020-14018 Naviwebs Cross-site Scripting vulnerability in Naviwebs Navigate CMS 2.9

An issue was discovered in Navigate CMS 2.9 r1433.

4.3
2020-06-24 CVE-2020-13483 Bitrix24 Cross-site Scripting vulnerability in Bitrix24 20.0.0

The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI.

4.3
2020-06-24 CVE-2020-4413 IBM Information Exposure vulnerability in IBM Security Secret Server 10.6/10.7/10.7.000059

IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

4.3
2020-06-24 CVE-2020-4323 IBM Cross-site Scripting vulnerability in IBM Security Secret Server 10.7/10.7.000059

IBM Security Secret Server 10.7 is vulnerable to cross-site scripting.

4.3
2020-06-24 CVE-2020-4322 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Security Secret Server 10.7/10.7.000059

IBM Security Secret Server 10.7 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2020-06-24 CVE-2020-12863 Sane Project
Debian
Canonical
Opensuse
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.

4.3
2020-06-24 CVE-2020-12862 Sane Project
Debian
Canonical
Opensuse
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.

4.3
2020-06-23 CVE-2020-13157 Nukeviet Cross-Site Request Forgery (CSRF) vulnerability in Nukeviet 4.4

modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&userid= URI.

4.3
2020-06-23 CVE-2020-13156 Nukeviet Cross-Site Request Forgery (CSRF) vulnerability in Nukeviet 4.4

modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI.

4.3
2020-06-22 CVE-2020-4032 Freerdp
Opensuse
Fedoraproject
Canonical
Debian
Incorrect Conversion between Numeric Types vulnerability in multiple products

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order.

4.3
2020-06-22 CVE-2020-14946 Globalradar Path Traversal vulnerability in Globalradar BSA Radar 1.6.7234.24750

downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files.

4.3
2020-06-22 CVE-2020-14973 Webtareas Project Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.0

The loginForm within the general/login.php webpage in webTareas 2.0p8 suffers from a Reflected Cross Site Scripting (XSS) vulnerability via the query string.

4.3
2020-06-22 CVE-2020-13427 Victorcms Project Cross-site Scripting vulnerability in Victorcms Project Victorcms 1.0

Victor CMS 1.0 has Persistent XSS in admin/users.php?source=add_user via the user_name, user_firstname, or user_lastname parameter.

4.3
2020-06-22 CVE-2020-13426 Bdtask Cross-Site Request Forgery (CSRF) vulnerability in Bdtask Multi-Scheduler 1.0.0

The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known.

4.3
2020-06-22 CVE-2020-14202 IBI Cross-site Scripting vulnerability in IBI Webfocus Business Intelligence 8.0

WebFOCUS Business Intelligence 8.0 (SP6) was prone to XSS via arbitrary URL parameters.

4.3
2020-06-25 CVE-2019-20892 NET Snmp
Oracle
Double Free vulnerability in multiple products

net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request.

4.0
2020-06-24 CVE-2020-15026 Bludit Path Traversal vulnerability in Bludit 3.12.0

Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php.

4.0
2020-06-22 CVE-2020-4060 Semtech Use After Free vulnerability in Semtech Lora Basics Station 2.0.2/2.0.3

In LoRa Basics Station before 2.0.4, there is a Use After Free vulnerability that leads to memory corruption.

4.0

33 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-06-25 CVE-2020-3966 Vmware Race Condition vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI).

3.7
2020-06-26 CVE-2020-14477 Philips Improper Authentication vulnerability in Philips products

In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information.

3.6
2020-06-22 CVE-2020-14990 Iobit Improper Privilege Management vulnerability in Iobit Advanced Systemcare 13.5.0.263

IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.

3.6
2020-06-26 CVE-2020-9584 Magento Cross-site Scripting vulnerability in Magento

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability.

3.5
2020-06-26 CVE-2020-4223 IBM Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1

IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting.

3.5
2020-06-25 CVE-2020-9437 Secureauth Cross-site Scripting vulnerability in Secureauth Identity Provider 9.3.0

SecureAuth.aspx in SecureAuth IdP 9.3.0 suffers from a client-side template injection that allows for script execution, in the same manner as XSS.

3.5
2020-06-24 CVE-2020-15041 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.03.60

PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field.

3.5
2020-06-24 CVE-2020-13248 Boolebox Cross-site Scripting vulnerability in Boolebox

BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx.

3.5
2020-06-24 CVE-2020-14014 Naviwebs Cross-site Scripting vulnerability in Naviwebs Navigate CMS 2.8/2.9

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433.

3.5
2020-06-24 CVE-2020-14007 Solarwinds Cross-site Scripting vulnerability in Solarwinds products

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.

3.5
2020-06-24 CVE-2020-14006 Solarwinds Cross-site Scripting vulnerability in Solarwinds products

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.

3.5
2020-06-24 CVE-2020-15006 Bludit Cross-site Scripting vulnerability in Bludit 3.12.0

Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php.

3.5
2020-06-23 CVE-2020-14965 TP Link Injection vulnerability in Tp-Link Tl-Wr740N Firmware and Tl-Wr740Nd Firmware

On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name.

3.5
2020-06-22 CVE-2020-13480 Verint Injection vulnerability in Verint Workforce Optimization 15.2

Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature.

3.5
2020-06-22 CVE-2020-9288 Fortinet Cross-site Scripting vulnerability in Fortinet Fortiwlc

An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile.

3.5
2020-06-22 CVE-2020-4070 W3C Cross-site Scripting vulnerability in W3C CSS Validator

In CSS Validator less than or equal to commit 54d68a1, there is a cross-site scripting vulnerability in handling URIs.

3.5
2020-06-22 CVE-2020-13888 Kordil Edms Project Cross-site Scripting vulnerability in Kordil Edms Project Kordil Edms 2.2.60

Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php.

3.5
2020-06-22 CVE-2020-14962 Machothemes Cross-site Scripting vulnerability in Machothemes Image Photo Gallery Final Tiles Grid

Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Title (aka imageTitle) or Caption (aka description) field of an image to wp-admin/admin-ajax.php.

3.5
2020-06-22 CVE-2020-14959 Goldplugins Cross-site Scripting vulnerability in Goldplugins Easy Testimonials

Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the wp-admin/post.php Client Name, Position, Web Address, Other, Location Reviewed, Product Reviewed, Item Reviewed, or Rating parameter.

3.5
2020-06-24 CVE-2020-12864 Sane Project
Opensuse
Canonical
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.

3.3
2020-06-24 CVE-2020-15005 Mediawiki
Fedoraproject
Debian
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them.
3.1
2020-06-24 CVE-2020-15011 GNU
Canonical
Debian
Injection vulnerability in multiple products

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.

2.6
2020-06-24 CVE-2020-4071 Django Basic Auth IP Whitelist Project Information Exposure Through Timing Discrepancy vulnerability in Django-Basic-Auth-Ip-Whitelist Project Django-Basic-Auth-Ip-Whitelist

In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e.

2.4
2020-06-27 CVE-2020-15358 Sqlite
Canonical
Apple
Oracle
Siemens
Out-of-bounds Write vulnerability in multiple products

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

2.1
2020-06-26 CVE-2020-10727 Apache
Netapp
Insufficiently Protected Credentials vulnerability in multiple products

A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation.

2.1
2020-06-25 CVE-2020-3971 Vmware Out-of-bounds Write vulnerability in VMWare products

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter.

2.1
2020-06-25 CVE-2020-3965 Vmware Out-of-bounds Read vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller.

2.1
2020-06-25 CVE-2020-5965 Nvidia Out-of-bounds Read vulnerability in Nvidia products

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX 11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, leading to denial of service.

2.1
2020-06-22 CVE-2019-14092 Qualcomm Information Exposure vulnerability in Qualcomm products

System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130

2.1
2020-06-22 CVE-2019-10626 Qualcomm Information Exposure vulnerability in Qualcomm products

Payload size is not validated before reading memory that may cause issue of accessing invalid pointer or some garbage data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429W, SDM439, SDM670, SDM710, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

2.1
2020-06-25 CVE-2020-5967 Nvidia
Canonical
Race Condition vulnerability in multiple products

NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.

1.9
2020-06-25 CVE-2020-3970 Vmware Out-of-bounds Read vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality.

1.9
2020-06-25 CVE-2020-3964 Vmware Use of Uninitialized Resource vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller.

1.9